[8] code review for 8007934: algorithm parameters for PBE Scheme 2 not decoded correctly in PKCS12 keystore
Sean Mullan
sean.mullan at oracle.com
Tue Feb 12 21:17:39 UTC 2013
Looks good.
--Sean
On 02/12/2013 03:59 PM, Vincent Ryan wrote:
> Thanks Sean. Updated webrev:
> http://cr.openjdk.java.net/~vinnie/8007934/webrev.01/
>
> On 12/02/2013 20:19, Sean Mullan wrote:
>> A couple of comments:
>>
>> mapPBEParamsToAlgorithm should be a static method.
>
> Changed both mapPBExxx methods.
>
>
>>
>> Instead of catching the IOException and falling back, couldn't you
>> instead look at the algorithm OID (on line 328 & 1954) and determine if
>> it is PBE or PBES2 (and pass that in as an additional parameter)?
>>
>
> Much better.
>
>
>> --Sean
>>
>> On 02/11/2013 02:09 PM, Vincent Ryan wrote:
>>> Please review this fix to correct the ASN.1 DER decoding of PBES2
>>> algorithm parameters in PKCS12 keystore.
>>>
>>> Webrev: http://cr.openjdk.java.net/~vinnie/8007934/webrev.00/
>>>
>>> Thanks.
>>
>
More information about the security-dev
mailing list