RFR: 8288050: Add support of SHA-512/224 and SHA-512/256 to the PBKDF2 and PBES2 impls in SunJCE provider [v4]
Bernd
duke at openjdk.org
Thu Dec 15 17:19:06 UTC 2022
On Wed, 14 Dec 2022 00:23:44 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> This RFE enhances existing PBE algorithms with the "SHA512/224" and "SHA512/256" support.
>> Current transformation parsing in javax.crypto.Cipher class is re-written to handle the additional "/" in the "SHA512/224" and "SHA512/256" algorithm names. Existing tests are updated with the additional new algorithms.
>
> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
>
> address review feedbacks
BTW while you touch the algorithm documentation, it Liste pkcs#5 which does work with octet strings, but the java api works with char passwords. It should describe that it uses the ucs2 char->bytes method not utf8 (pkcs8 vs pkcs12 if I recommend correctly).
(Or even better allow both as currently i would still need to use BC for a byte representation in better defined utf8)
-------------
PR: https://git.openjdk.org/jdk/pull/11339
More information about the security-dev
mailing list