[8] Code review request for 8006591: Protect keystore entries using stronger PBE algorithms

Sean Mullan sean.mullan at oracle.com
Wed Jan 23 16:40:53 UTC 2013


Just one comment:

1. In PasswordProtection.getAlgorithm(), I'd recommend adding the 
following sentence:

"If this security property is not set, an implementation-specific 
algorithm will be used."

--Sean

On 01/22/2013 06:18 PM, Vincent Ryan wrote:
> Last call and an updated webrev that includes the review comments:
>
> Webrev: http://cr.openjdk.java.net/~vinnie/8006591/webrev.01/
>
>
> On 18/01/2013 19:53, Vincent Ryan wrote:
>> Hello,
>>
>> Please review the fix for 8006591. It introduces a mechanism to enable
>> stronger PBE algorithms to be specified when encrypting a keystore entry.
>> This allows developers to make use of the new PBE algorithms delivered in
>> JEP-121. Note however that PKCS12 is currently the only keystore that
>> supports this new feature.
>>
>> It is a component of the JEP-166 delivery.
>>
>> Webrev: http://cr.openjdk.java.net/~vinnie/8006591/webrev.00/
>>
>> Thanks.
>




More information about the security-dev mailing list