Integrated: 8286069: keytool prints out wrong key algorithm for -importpass command

Weijun Wang weijun at openjdk.java.net
Wed May 4 03:01:23 UTC 2022


On Tue, 3 May 2022 17:51:43 GMT, Weijun Wang <weijun at openjdk.org> wrote:

> Since `keytool -importpass` always uses `KeyFactory.getInstance("PBE")` to generate the secret key, and "PBE" is an alias of "PBEwithMD5andDES" inside the SunJCE security provider, its `getAlgorithm` is always `PBEwithMD5andDES`.
> 
> This code change modifies it to "PBE".
> 
> Note that I haven't chosen the `-keyalg` option value here because it is actually the algorithm used to protect the PBE secret key entry. It's a cipher algorithm instead of a key algorithm.

This pull request has now been integrated.

Changeset: 075ce8a0
Author:    Weijun Wang <weijun at openjdk.org>
URL:       https://git.openjdk.java.net/jdk/commit/075ce8a0d0ab279049c81d5ce23fcee3711925e2
Stats:     109 lines in 2 files changed: 107 ins; 1 del; 1 mod

8286069: keytool prints out wrong key algorithm for -importpass command

Reviewed-by: hchao, valeriep

-------------

PR: https://git.openjdk.java.net/jdk/pull/8520



More information about the security-dev mailing list