On Thu, 4 May 2023 21:24:16 GMT, Weijun Wang <wei...@openjdk.org> wrote:

>> Ferenc Rakoczi has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>>   adding key translation, finally block, removing 24-byte LMOTS parameters
>
> src/java.base/share/classes/sun/security/provider/HSS.java line 528:
>
>> 526:         // update()-digest() sequence) which is parametrized so that the digest output is copied back into this buffer.
>> 527:         // This way, we avoid memory allocations and some computations that would have to be done otherwise.
>> 528:         final byte[] hashBuf;
>
> I'm a little worried about the mutability of `hashBuf` and whether it's
> suitable to be put inside `LMOTSParams`. By using `of` to return an
> `LMOTSParams` object we have the chance to return cached objects in the
> future. There should always be one `hashBuf` for each LM-OTS verification,
> and this is not clear from the current code.

How will the performance change if we make `hashbufSha256_24` and `hashbufSha256_32` static and each time we want to verify an LM-OTS signature we clone one of them?

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1187651985
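
The aliasing concern raised above, as an added Java example that is not part of the original message or of HSS.java: the buffer layout (4 prefix bytes plus a 32-byte digest slot), the `Verification` class and the seed values are assumptions made for illustration. It compares one verification run on its own against the same run interleaved with a second one, first through a single shared buffer and then through per-verification clones of a static template.

```java
import java.security.MessageDigest;
import java.util.Arrays;

public class HashBufDemo {
    // Assumed layout (not taken from HSS.java): 4 prefix bytes, then a 32-byte
    // slot that every update()-digest() step overwrites with its own output.
    static final int PREFIX = 4, N = 32;
    static final byte[] hashbufSha256_32 = new byte[PREFIX + N]; // static template

    // Hypothetical stand-in for one LM-OTS verification in progress.
    static final class Verification {
        final MessageDigest md;
        final byte[] buf;
        Verification(byte[] buf, byte seed) throws Exception {
            this.md = MessageDigest.getInstance("SHA-256");
            this.buf = buf;
            Arrays.fill(buf, PREFIX, PREFIX + N, seed); // constructed input
        }
        void step() throws Exception {
            md.update(buf, 0, buf.length);
            md.digest(buf, PREFIX, N); // digest output is copied back into buf
        }
        byte[] result() { return Arrays.copyOfRange(buf, PREFIX, PREFIX + N); }
    }

    // Verification A takes four steps; verification B starts and steps in between.
    static byte[] interleaved(byte[] bufA, byte[] bufB) throws Exception {
        Verification a = new Verification(bufA, (byte) 1);
        a.step(); a.step();
        Verification b = new Verification(bufB, (byte) 2);
        b.step();
        a.step(); a.step();
        return a.result();
    }

    public static void main(String[] args) throws Exception {
        // Reference: verification A alone, on a private buffer.
        Verification ref = new Verification(new byte[PREFIX + N], (byte) 1);
        for (int i = 0; i < 4; i++) ref.step();

        // Case 1: both verifications use the one buffer held by a cached params object.
        byte[] shared = new byte[PREFIX + N];
        byte[] viaShared = interleaved(shared, shared);
        // Case 2: each verification clones the static template first.
        byte[] viaClone = interleaved(hashbufSha256_32.clone(), hashbufSha256_32.clone());

        System.out.println("shared buffer matches reference: " + Arrays.equals(ref.result(), viaShared));
        System.out.println("cloned buffers match reference:  " + Arrays.equals(ref.result(), viaClone));
    }
}
```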