On Sun, 12 Oct 2025 01:26:43 GMT, Koushik Muthukrishnan Thirupattur
<[email protected]> wrote:
>> Looking at RFC 9879 on PBES2 and PBMAC1 in PKCS12, algorithm identifiers for
>> HmacSHA*** (like SHA***) should always contain NULL as params. We can update
>> the list at AlgorithmId.encode(DOS) to enforce this rule.
>
> Koushik Muthukrishnan Thirupattur has updated the pull request incrementally
> with one additional commit since the last revision:
>
> 8367008: Algorithm identifiers for HmacSHA* should always have NULL as
> params
src/java.base/share/classes/sun/security/x509/AlgorithmId.java line 146:
> 144: */
> 145: if (params.tag == DerValue.tag_Null) {
> 146: if (params.length() != 0) {
Could you please extend the current tests to cover the case when `params.tag ==
DerValue.tag_Null `? This doesn't seem to be covered by your tests
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27700#discussion_r2440026013
