RFR: [CSR] JDK-8221936: Improvements to SunJCE implementation of PBES2 Parameters
Jamil Nimeh
jamil.j.nimeh at oracle.com
Fri Apr 5 23:43:33 UTC 2019
I'm pretty close to a webrev, but I need to write up the tests still.
I've made a lot of changes in PBES2Parameters to make the internal state
of the object more consistent as it leaves the init state. The other
major change is how the KDFs and encryption schemes are modeled in
PBES2Parameters. The way I've done it I think will make it more
extensible if we want to support other PBES2 parameter encodings in the
future. It is all contained within that one file though.
--Jamil
On 4/5/2019 4:12 PM, Valerie Peng wrote:
> Hi Jamil,
>
> Do you have a webrev ready? For this particular case, I feel it's
> probably better to review the webrev first and agree on the
> changes/approach and then file csr to document the
> impact/incompatibility.
>
> Thanks,
>
> Valerie
>
> On 4/4/2019 6:08 AM, Jamil Nimeh wrote:
>> Hello all,
>>
>> This CSR covers some improvements and behavioral changes specifically
>> to the SunJCE implementation of PBES2-based AlgorithmParameters. The
>> original bug, JDK-8076999, was partially fixed by JDK-8202837 and the
>> remaining issue to fix involves expanding the accepted PRFs and
>> encryption schemes when initializing using DER-encoding. Working on
>> that issue brought about some additional behavioral improvements
>> which are documented in the CSR below.
>>
>> https://bugs.openjdk.java.net/browse/JDK-8221936
>>
>> Thank you,
>> --Jamil
More information about the security-dev
mailing list