RFR: 8153005: Upgrade the default PKCS12 encryption/MAC algorithms [v2]
Sean Mullan
mullan at openjdk.java.net
Thu Oct 8 16:37:21 UTC 2020
On Thu, 8 Oct 2020 14:21:09 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> CSR updated. More description, and iteration counts lowered to 10000. Will update code soon.
>
> New commit updating ic to 10000. I also created separate constants for DEFAULT_CERT_PBE_ITERATION_COUNT and
> DEFAULT_KEY_PBE_ITERATION_COUNT. I haven't made the change for LEGACY_PBE_ITERATION_COUNT since they will never change.
Are you still planning, or is it possible to add a test for Windows 2019? Also, have you considered adding a test that
checks if the JDK can read OpenSSL PKCS#12 files and vice versa? Maybe we can do that later as a follow-on issue.
Otherwise, I will approve.
-------------
PR: https://git.openjdk.java.net/jdk/pull/473
More information about the security-dev
mailing list