RFR: 8286069: keytool prints out wrong key algorithm for -importpass command [v2]
Weijun Wang
weijun at openjdk.java.net
Wed May 4 03:01:22 UTC 2022
> Since `keytool -importpass` always uses `KeyFactory.getInstance("PBE")` to generate the secret key, and "PBE" is an alias of "PBEwithMD5andDES" inside the SunJCE security provider, its `getAlgorithm` is always `PBEwithMD5andDES`.
>
> This code change modifies it to "PBE".
>
> Note that I haven't chosen the `-keyalg` option value here because it is actually the algorithm used to protect the PBE secret key entry. It's a cipher algorithm instead of a key algorithm.
Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
algorithm id
-------------
Changes:
- all: https://git.openjdk.java.net/jdk/pull/8520/files
- new: https://git.openjdk.java.net/jdk/pull/8520/files/e99bdc32..a45a500b
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=jdk&pr=8520&range=01
- incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=8520&range=00-01
Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
Patch: https://git.openjdk.java.net/jdk/pull/8520.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/8520/head:pull/8520
PR: https://git.openjdk.java.net/jdk/pull/8520
More information about the security-dev
mailing list