The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed. Resolved: Release in which this issue/RFE has been resolved. Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
The proposed changes included KAT test vectors to existing Hmac regression tests already. I will double check other Hmac regression tests and update them to test Hmac SHA-3 also if applicable. Thanks for the suggestion.
To summarize, this RFE will enhance SunJCE provider w/
- KeyGenerator and MAC impls for HmacSHA3-x algorithms
- oid aliases and KeyGenerator impls for HmacSHA512/224 and HmacSHA512/256 algorithms (MAC impls are already done under JDK-8051408 )
Per feedback from Michael StJohns, OASIS PKCS11 is working on updating to include SHA-3:
It seems that SunMSCAPI provider does not provide any HMAC implementation. So, will not cover SunMSCAPI provider under this RFE.
PKCS11 v2.40 does not include any algorithms with SHA-3 family of digest, so no changes needed for SunPKCS11 provider (yet).
Due to Solaris support being removed, OracleUcrypto provider will not be covered for this RFE.
NIST defined SHA3 relevant algorithm oids here:
Add Hmac w/ SHA-3 digests to SunJCE provider and check for native support for SunPKCS11, OracleUcrypto, SunMSCAPI providers.