On Tue, 9 May 2023 12:45:27 GMT, Ferenc Rakoczi <d...@openjdk.org> wrote:

>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC 
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with 
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request incrementally with one additional 
> commit since the last revision:
> 
>   agreeing with the newest review comments

src/java.base/share/classes/sun/security/provider/HSS.java line 97:

> 95: 
> 96:         result &= LMSUtils.lmsVerify(lmsPubKey, sig.siglist[sig.Nspk], messageStream.toByteArray());
> 97:         messageStream.reset();

We still need the `messageStream.reset()` call in a `finally` block even if 
there is no `catch` block. It must be called even if an exception is thrown.

src/java.base/share/classes/sun/security/provider/HSS.java line 376:

> 374:                 qArr = Arrays.copyOfRange(sigArray, offset, offset + 4);
> 375:                 sigOtsType = LMSUtils.fourBytesToInt(sigArray, offset + 4);
> 376:                 lmotsParams = LMOTSParams.of(sigOtsType);

Only this single line needs to be put in the `try` block.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1188599102
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1188603688
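
The stale-buffer problem behind the first comment, as an added Java example that is not part of the original message or the JDK source. `BufferedVerifierDemo` and its toy `check` are hypothetical stand-ins; only the placement of `messageStream.reset()` mirrors the review comment.

```java
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.SignatureException;
import java.util.Arrays;

// Hypothetical stand-in for a verifier that buffers the message; not the JDK's HSS class.
public class BufferedVerifierDemo {
    private final ByteArrayOutputStream messageStream = new ByteArrayOutputStream();
    private final boolean resetInFinally;

    BufferedVerifierDemo(boolean resetInFinally) { this.resetInFinally = resetInFinally; }

    void update(byte[] data) { messageStream.write(data, 0, data.length); }

    boolean verify(byte[] sig) throws SignatureException {
        if (resetInFinally) {
            try {
                return check(sig, messageStream.toByteArray());
            } finally {
                messageStream.reset();   // runs on normal return and on exception
            }
        }
        boolean result = check(sig, messageStream.toByteArray());
        messageStream.reset();           // skipped when check() throws
        return result;
    }

    // Constructed toy check: a "signature" shorter than 4 bytes is malformed,
    // otherwise it is valid only if it equals the buffered message.
    private static boolean check(byte[] sig, byte[] msg) throws SignatureException {
        if (sig.length < 4) throw new SignatureException("malformed signature");
        return Arrays.equals(sig, msg);
    }

    // Reuse one verifier: a malformed signature first, then a valid one.
    static boolean secondVerifySucceeds(boolean resetInFinally) throws SignatureException {
        BufferedVerifierDemo v = new BufferedVerifierDemo(resetInFinally);
        v.update("first".getBytes(StandardCharsets.US_ASCII));
        try { v.verify(new byte[1]); } catch (SignatureException expected) { }
        byte[] second = "second".getBytes(StandardCharsets.US_ASCII);
        v.update(second);
        return v.verify(second);         // fails if "first" is still buffered
    }

    public static void main(String[] args) throws SignatureException {
        System.out.println("reset after call: " + secondVerifySucceeds(false));
        System.out.println("reset in finally: " + secondVerifySucceeds(true));
    }
}
```

Without the `finally`, the bytes buffered before the exception stay in the stream and are prepended to the next message, so a valid signature on the reused object is rejected.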
