> Code changes for HSS/LMS that's related to keytool and jarsigner: > > 1. No need to add `-sigalg` for both tools when HSS/LMS key is involved, it > can only be `HSS/LMS`. > 2. The `digestAlgorithm` field in a PKCS7 `SignerInfo`. It must be the same > as the hash algorithm used by the HSS/LMS key. This needs to be enforced both > at signing and verification. > 3. HSS/LMS reuses `.DSA` as the signature block file extension inside a > signed JAR file
Weijun Wang has updated the pull request incrementally with one additional commit since the last revision: no need to talk about the limitation here ------------- Changes: - all: https://git.openjdk.org/jdk/pull/14254/files - new: https://git.openjdk.org/jdk/pull/14254/files/04a7a0b7..fae4757a Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk&pr=14254&range=04 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=14254&range=03-04 Stats: 1 line in 1 file changed: 0 ins; 1 del; 0 mod Patch: https://git.openjdk.org/jdk/pull/14254.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/14254/head:pull/14254 PR: https://git.openjdk.org/jdk/pull/14254
