[11] RFR 8202837: PBES2 AlgorithmId encoding error in PKCS12 KeyStore
Weijun Wang
weijun.wang at oracle.com
Wed Jul 18 08:57:34 UTC 2018
Please take a review at
JBS: https://bugs.openjdk.java.net/browse/JDK-8202837
Fix: http://cr.openjdk.java.net/~weijun/8202837/webrev.00/
The redundant encoding/decoding of the extra PBES2 OID is removed. The encoding/decoding of keyLength and prf in PBKDF2-params is also made optional-aware.
In PKCS12KeyStore, the decrypting of cert is fixed. See line 404 for the correct usage when decrypting the key.
The new test contains a hardcoded PKCS 12 file, but I've included the exact commands to create it.
Thanks
Max
More information about the security-dev
mailing list