RFR: 8007632: DES/3DES keys support in PKCS12 keystore [v3]
Alexey Bakhtin
abakhtin at openjdk.java.net
Tue Oct 27 17:58:35 UTC 2020
> Hi All,
>
> DES and DESede keys are supported by JKS/JCEKS but not supported by PKCS#12 keystores.
> This issue prevents the migration of legacy applications to PKCS#12 keystore. For example, an application has some old 3DES keys that are required for certain legacy features. Java PKCS12 keystore does not support DES/3DES keys, thus, application can’t migrate to PKCS#12
> This patch adds OIDs for the DES/DESede algorithms. It is the only changes required to support DES/3DES keys in the PKCS#12 keystore.
> sun/security/pkcs12/P12SecretKey test is updated to verify new secret keys in the PKCS#12 keystore.
Alexey Bakhtin has updated the pull request incrementally with one additional commit since the last revision:
Fix order of OIDs
-------------
Changes:
- all: https://git.openjdk.java.net/jdk/pull/877/files
- new: https://git.openjdk.java.net/jdk/pull/877/files/94423b3d..efbd5a4f
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=jdk&pr=877&range=02
- incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=877&range=01-02
Stats: 4 lines in 1 file changed: 2 ins; 2 del; 0 mod
Patch: https://git.openjdk.java.net/jdk/pull/877.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/877/head:pull/877
PR: https://git.openjdk.java.net/jdk/pull/877
More information about the security-dev
mailing list