On Thu, 9 Oct 2025 18:29:29 GMT, Koushik Muthukrishnan Thirupattur <[email protected]> wrote:
>> Looking at RFC 9879 on PBES2 and PBMAC1 in PKCS12, algorithm identifiers for >> HmacSHA*** (like SHA***) should always contain NULL as params. We can update >> the list at AlgorithmId.encode(DOS) to enforce this rule. > > Koushik Muthukrishnan Thirupattur has updated the pull request incrementally > with two additional commits since the last revision: > > - 8367008: Algorithm identifiers for HmacSHA* should always have NULL as > params > - 8367008: Algorithm identifiers for HmacSHA* should always have NULL as > params src/java.base/share/classes/sun/security/x509/AlgorithmId.java line 690: > 688: ObjectIdentifier.of(KnownOIDs.HmacSHA256), > 689: ObjectIdentifier.of(KnownOIDs.HmacSHA384), > 690: ObjectIdentifier.of(KnownOIDs.HmacSHA512) The "HMAC algorithm identifiers" section of https://www.rfc-editor.org/rfc/rfc9879.html#name-asn1-module also includes algid-hmacWithSHA512-224 and algid-hmacWithSHA512-256. Also, I have always been wondering how SHA3 Hmac `AlgorithmId` are encoded. https://datatracker.ietf.org/doc/html/rfc9688#name-signature-algorithms says "the parameters field MUST be absent". Although I'm not sure if this is only in CMS, but I think it's worth adding a reference here explaining why those OIDs are not included. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/27700#discussion_r2418356050
