[11] RFR 8202837: PBES2 AlgorithmId encoding error in PKCS12 KeyStore
Xuelei Fan
xuelei.fan at oracle.com
Wed Jul 18 15:31:48 UTC 2018
Looks fine to me except a minor nit.
PBES2Parameters.java:
---------------------
282 String kdfAlgo = "HmacSHA1"; // default
I may suggest you move the declaration down to line 314. It is clear
about what the "default" means.
Xuelei
On 7/18/2018 1:57 AM, Weijun Wang wrote:
> Please take a review at
>
> JBS: https://bugs.openjdk.java.net/browse/JDK-8202837
> Fix: http://cr.openjdk.java.net/~weijun/8202837/webrev.00/
>
> The redundant encoding/decoding of the extra PBES2 OID is removed. The encoding/decoding of keyLength and prf in PBKDF2-params is also made optional-aware.
>
> In PKCS12KeyStore, the decrypting of cert is fixed. See line 404 for the correct usage when decrypting the key.
>
> The new test contains a hardcoded PKCS 12 file, but I've included the exact commands to create it.
>
> Thanks
> Max
>
More information about the security-dev
mailing list