RFR: 5066842: PKCS8EncodedKeySpec needs getAlgorithm method
Weijun Wang
weijun at openjdk.org
Thu Sep 1 23:37:34 UTC 2022
On Thu, 1 Sep 2022 23:30:40 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> Since the algorithm is already encoded inside a PKCS #8 data block, it is not necessary to provide an algorithm when a `PKCS8EncodedKeySpec` object is created. The same for `X509EncodedKeySpec`.
>
> src/java.base/share/classes/java/security/spec/PKCS8EncodedKeySpec.java line 73:
>
>> 71: * it will be returned. Otherwise, the object identifier inside the `privateKeyAlgorithm`
>> 72: * field is returned in its string format (For example, "1.3.14.7.2.1.1").
>> 73: * If the encoded key cannot be parsed correctly, the algorithm will be null.
>
> Is this that OID format last week we talked about with passing algorithms we don't know to another provider?
Yes, if it's unknown. I plan to implement this with `AlgorithmId.parse(privateKeyAlgorithm).getName()`.
-------------
PR: https://git.openjdk.org/jdk/pull/10131
More information about the security-dev
mailing list