On Wed, 30 Jul 2025 18:48:07 GMT, Weijun Wang <wei...@openjdk.org> wrote:

> Add support for ML-DSA signing of JAR files.
> 
> Note: https://datatracker.ietf.org/doc/draft-ietf-lamps-cms-ml-dsa/ is not finalized.

Just some clarification.

src/java.base/share/classes/sun/security/pkcs/PKCS7.java line 546:

> 544:      * @exception NoSuchAlgorithmException on unrecognized algorithms.
> 545:      * @exception SignatureException on signature handling errors.
> 546:      */

Verify PKCS7 with an external certificate. This is useful for testing.

src/java.base/share/classes/sun/security/pkcs/PKCS7.java line 756:

> 754:      * @param internalsf whether the content should be included in output
> 755:      * @param directsign if the content is signed directly or through authattrs
> 756:      * @param digAlgID digest alg to use; derive from other arguments if null

Some signature algorithms can be used with different digest algorithms. This is 
useful for testing and allows future enhancements to allow user-specified digest 
algorithms.

src/java.base/share/classes/sun/security/pkcs/PKCS7.java line 788:

> 786:             if (digAlgName.equals("SHAKE256-LEN")) {
> 787:                 // We don't check the LEN here. Usually it is returned
> 788:                 // by SignatureUtil.getDigestAlgInPkcs7SignerInfo

The former "SHAKE256" is already a standard digest algorithm named 
"SHAKE256-512". No need to treat it specially.

src/java.base/share/classes/sun/security/pkcs/SignerInfo.java line 587:

> 585:     public static String makeSigAlg(AlgorithmId digAlgId, AlgorithmId encAlgId) {
> 586:         String encAlg = encAlgId.getName();
> 587:         String keyAlg = SignatureUtil.extractKeyAlgFromDwithE(encAlg);

Move the "WITH" check and special treatment for RSA, DSA, and EC to the 
beginning, so there is no need to update this method when more future (modern) 
signature algorithms are introduced.

src/java.base/share/classes/sun/security/util/SignatureUtil.java line 250:

> 248:         } else if (kAlg.toUpperCase(Locale.ENGLISH).startsWith("ML-DSA")) {
> 249:             // https://datatracker.ietf.org/doc/html/draft-ietf-lamps-cms-ml-dsa-06#name-signerinfo-content
> 250:             // Just use SHA-512

A future enhancement may allow the user to specify the digest algorithm here.

-------------

PR Review: https://git.openjdk.org/jdk/pull/26563#pullrequestreview-3075415268
PR Review Comment: https://git.openjdk.org/jdk/pull/26563#discussion_r2245383188
PR Review Comment: https://git.openjdk.org/jdk/pull/26563#discussion_r2245391529
PR Review Comment: https://git.openjdk.org/jdk/pull/26563#discussion_r2245395171
PR Review Comment: https://git.openjdk.org/jdk/pull/26563#discussion_r2245399832
PR Review Comment: https://git.openjdk.org/jdk/pull/26563#discussion_r2245416541
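An added illustration of the makeSigAlg ordering discussed in the SignerInfo comment above (the "WITH" check and the RSA/DSA/EC special case first, everything else passed through). This is example code written for this page, not the JDK's own implementation; the method body, the SHA-512 default for ML-DSA and the ML-DSA key-pair round trip (JDK 24 or later, "ML-DSA-65") are assumptions.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.util.Locale;

public class SigAlgNameDemo {

    // Hypothetical stand-in for SignerInfo.makeSigAlg, ordered as the review
    // suggests: generic and legacy handling first, so a new algorithm such as
    // ML-DSA needs no extra branch here.
    static String makeSigAlg(String digAlg, String encAlg) {
        String upper = encAlg.toUpperCase(Locale.ENGLISH);
        // 1. encAlg already names a complete signature algorithm ("SHA256withRSA").
        if (upper.contains("WITH")) {
            return encAlg;
        }
        // 2. Legacy key algorithms: JCA names combine digest and key algorithm.
        if (upper.equals("RSA") || upper.equals("DSA") || upper.equals("EC")) {
            if (digAlg == null) {
                throw new IllegalArgumentException("digest required for " + encAlg);
            }
            String keyPart = upper.equals("EC") ? "ECDSA" : upper;
            return digAlg.replace("-", "") + "with" + keyPart;
        }
        // 3. Modern algorithms (EdDSA, ML-DSA): encAlg is the signature algorithm
        //    itself; the digest only identifies the message-digest attribute.
        return encAlg;
    }

    // Confirm that a derived name is accepted by an installed provider.
    static boolean resolves(String sigAlg) {
        try {
            Signature.getInstance(sigAlg);
            return true;
        } catch (NoSuchAlgorithmException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        String[][] cases = {{"SHA-256", "RSA"}, {"SHA-256", "EC"}, {"SHA-512", "ML-DSA-65"}};
        for (String[] c : cases) {
            String name = makeSigAlg(c[0], c[1]);
            System.out.println(c[1] + " -> " + name + " (resolves: " + resolves(name) + ")");
        }
        // Constructed payload: sign and verify with ML-DSA; the digest is SHA-512 per the PR.
        byte[] payload = "constructed JAR manifest bytes".getBytes("UTF-8");
        KeyPair kp = KeyPairGenerator.getInstance("ML-DSA-65").generateKeyPair();
        Signature signer = Signature.getInstance(makeSigAlg("SHA-512", "ML-DSA-65"));
        signer.initSign(kp.getPrivate());
        signer.update(payload);
        byte[] sig = signer.sign();
        Signature verifier = Signature.getInstance("ML-DSA-65");
        verifier.initVerify(kp.getPublic());
        verifier.update(payload);
        System.out.println("ML-DSA-65 signature verifies: " + verifier.verify(sig));
    }
}
```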
