Integrated: 8286024: PKCS12 keystore shows "DES/CBC" as the algorithm of a DES SecretKeyEntry
Weijun Wang
weijun at openjdk.java.net
Mon May 2 22:41:40 UTC 2022
On Mon, 2 May 2022 17:41:52 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> PKCS12 stores the object identifier of a SecretKey along with it, and when retrieved, translate the object identifier to an algorithm name. Unfortunately, inside `KnownOIDs.java`, "DES" is [only registered as](https://github.com/wangweij/jdk/blob/7a6cbef157b67bb4fb877617f2a23228aade9a5d/src/java.base/share/classes/sun/security/util/KnownOIDs.java#L368-L368) an alias of another name "DES/CBC". We should modify it to "DES" before returning the secret key.
This pull request has now been integrated.
Changeset: 50a4df87
Author: Weijun Wang <weijun at openjdk.org>
URL: https://git.openjdk.java.net/jdk/commit/50a4df87c87febdf5fa8561b7d0d21b8d6623943
Stats: 53 lines in 2 files changed: 52 ins; 0 del; 1 mod
8286024: PKCS12 keystore shows "DES/CBC" as the algorithm of a DES SecretKeyEntry
Reviewed-by: valeriep
-------------
PR: https://git.openjdk.java.net/jdk/pull/8505
More information about the security-dev
mailing list