RFR: 8286069: keytool prints out wrong key algorithm for -importpass command
Weijun Wang
weijun at openjdk.java.net
Tue May 3 17:57:48 UTC 2022
Since `keytool -importpass` always uses `KeyFactory.getInstance("PBE")` to generate the secret key, and "PBE" is an alias of "PBEwithMD5andDES" inside the SunJCE security provider, its `getAlgorithm` is always `PBEwithMD5andDES`.
This code change modifies it to "PBE".
Note that I haven't chosen the `-keyalg` option value here because it is actually the algorithm used to protect the PBE secret key entry. It's a cipher algorithm instead of a key algorithm.
-------------
Commit messages:
- the fix
Changes: https://git.openjdk.java.net/jdk/pull/8520/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=8520&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8286069
Stats: 109 lines in 2 files changed: 107 ins; 1 del; 1 mod
Patch: https://git.openjdk.java.net/jdk/pull/8520.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/8520/head:pull/8520
PR: https://git.openjdk.java.net/jdk/pull/8520
More information about the security-dev
mailing list