Integrated: 8007632: DES/3DES keys support in PKCS12 keystore

Alexey Bakhtin abakhtin at openjdk.java.net
Tue Oct 27 18:44:20 UTC 2020


On Tue, 27 Oct 2020 12:27:52 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:

> Hi All,
> 
> DES and DESede keys are supported by JKS/JCEKS but not supported by PKCS#12 keystores.
> This issue prevents the migration of legacy applications to PKCS#12 keystore. For example, an application has some old 3DES keys that are required for certain legacy features. Java PKCS12 keystore does not support DES/3DES keys, thus, application can’t migrate to PKCS#12
> This patch adds OIDs for the DES/DESede algorithms. It is the only changes required to support DES/3DES keys in the PKCS#12 keystore.
> sun/security/pkcs12/P12SecretKey test is updated to verify new secret keys in the PKCS#12 keystore.

This pull request has now been integrated.

Changeset: 7a7ce021
Author:    Alexey Bakhtin <abakhtin at openjdk.org>
Committer: Weijun Wang <weijun at openjdk.org>
URL:       https://git.openjdk.java.net/jdk/commit/7a7ce021
Stats:     16 lines in 2 files changed: 5 ins; 1 del; 10 mod

8007632: DES/3DES keys support in PKCS12 keystore

Reviewed-by: weijun

-------------

PR: https://git.openjdk.java.net/jdk/pull/877



More information about the security-dev mailing list