On Wed, 28 Oct 2020 21:35:25 GMT, Valerie Peng <valer...@openjdk.org> wrote:
> Could someone please help review this PKCS#11 v3.0 header files update? > > Changes are straight-forward as below: > 1) Updated pkcs11.h, pkcs11f.h, pkcs11t.h to v3.0 > 2) Updated java side w/ the new constants definitions and name/error code > mappings. > > For the native headers, it's a direct copy of the official v3.0 headers > except that I have to remove the tab space, and trailing white spaces due to > JDK code requirement. I verified the result using 'diff -w'. As for the java > side, the edit is based on the diff of native headers. I also commented out > some of the unused native identifiers at java side. > > I am adding the SHA-3 digests, signatures, and macs in a separate RFE and > would need this one to be reviewed/integrated first. > > Thanks, > Valerie Changes look good. Only minor comments. src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/Functions.java line 793: > 791: addMech(CKM_SHA3_512_RSA_PKCS_PSS, > "CKM_SHA3_512_RSA_PKCS_PSS"); > 792: addMech(CKM_SHA3_224_RSA_PKCS, "CKM_SHA3_224_RSA_PKCS"); > 793: addMech(CKM_SHA3_224_RSA_PKCS_PSS, > "CKM_SHA3_224_RSA_PKCS_PSS"); It appears that you're arranging the addMech(with CKM_xxx) based on the mechanism values. How about the code from #773 to #793, move it up? src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/Functions.java line 1095: > 1093: addMech(CKM_SP800_108_FEEDBACK_KDF, > "CKM_SP800_108_FEEDBACK_KDF"); > 1094: addMech(CKM_SP800_108_DOUBLE_PIPELINE_KDF, > 1095: > "CKM_SP800_108_DOUBLE_PIPELINE_KDF"); same comment as above. src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11Constants.java line 987: > 985: public static final long CKM_SP800_108_FEEDBACK_KDF = > 0x000003adL; > 986: public static final long CKM_SP800_108_DOUBLE_PIPELINE_KDF = > 0x000003aeL; > 987: Same comment. ------------- PR: https://git.openjdk.java.net/jdk/pull/917
