RFR: 8007632: DES/3DES keys support in PKCS12 keystore

Weijun Wang weijun at openjdk.java.net
Tue Oct 27 16:15:23 UTC 2020


On Tue, 27 Oct 2020 14:44:09 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:

>> src/java.base/share/classes/sun/security/util/KnownOIDs.java line 355:
>> 
>>> 353:     // OIW secsig 1.3.14.3.*
>>> 354:     OIW_DES_CBC("1.3.14.3.2.7", "DES/CBC"),
>>> 355:     OIW_DES_ECB("1.3.14.3.2.6", "DES/ECB", "DES"),
>> 
>> What OID are other vendors using?
>
> At least BouncyCastle uses the same OIDs: http://javadox.com/org.bouncycastle/bcprov-jdk15on/1.51/org/bouncycastle/asn1/oiw/OIWObjectIdentifiers.html

Yes I can see the OIDs. I was just wondering if other vendors are also using the OID for DES/ECB when storing a DES key. After all, this is only a key and it can can be used with all Cipher modes.

-------------

PR: https://git.openjdk.java.net/jdk/pull/877



More information about the security-dev mailing list