RFR: 8288050: Add support of SHA-512/224 and SHA-512/256 to the PBKDF2 and PBES2 impls in SunJCE provider [v2]

Valerie Peng valeriep at openjdk.org
Sat Dec 3 00:49:11 UTC 2022


On Mon, 28 Nov 2022 20:09:34 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   remove extra whitespace
>
> src/java.base/share/classes/javax/crypto/Cipher.java line 325:
> 
>> 323:          * index 2: padding component (e.g., PKCS5Padding)
>> 324:          */
>> 325:         String[] parts = { "", "", "" };
> 
> 1. Do you want to add a test for the `PBEWithHmacSHA512/256AndAES_128/CBC/PKCS5Padding` cipher transformation?
> 2. Is `transformation` case-sensitive? `transformation.indexOf(SHA512TRUNCATED)` might not be able to detect "sha512/2".

Yes, good catch. I added the additional algorithm to the existing PBES2Test and also updated the indexOf(...) call with additional toUpperCase(...) call.

-------------

PR: https://git.openjdk.org/jdk/pull/11339


More information about the security-dev mailing list