RFR: 8286024: PKCS12 keystore shows "DES/CBC" as the algorithm of a DES SecretKeyEntry
Valerie Peng
valeriep at openjdk.java.net
Mon May 2 22:07:22 UTC 2022
On Mon, 2 May 2022 17:41:52 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> PKCS12 stores the object identifier of a SecretKey along with it, and when retrieved, translate the object identifier to an algorithm name. Unfortunately, inside `KnownOIDs.java`, "DES" is [only registered as](https://github.com/wangweij/jdk/blob/7a6cbef157b67bb4fb877617f2a23228aade9a5d/src/java.base/share/classes/sun/security/util/KnownOIDs.java#L368-L368) an alias of another name "DES/CBC". We should modify it to "DES" before returning the secret key.
Looks fine. Thanks.
-------------
Marked as reviewed by valeriep (Reviewer).
PR: https://git.openjdk.java.net/jdk/pull/8505
More information about the security-dev
mailing list