RFR: 8301553: Support Password-Based Cryptography in SunPKCS11 [v6]
Martin Balao
mbalao at openjdk.org
Tue Jun 6 03:35:11 UTC 2023
On Mon, 5 Jun 2023 23:18:49 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Martin Balao has updated the pull request incrementally with one additional commit since the last revision:
>>
>> 8301553: Support Password-Based Cryptography in SunPKCS11 (iteration #4)
>>
>> Co-authored-by: Francisco Ferrari <fferrari at redhat.com>
>> Co-authored-by: Martin Balao <mbalao at redhat.com>
>
> test/jdk/sun/security/pkcs11/Cipher/PBECipher.java line 50:
>
>> 48: public final class PBECipher extends PKCS11Test {
>> 49: private static final char[] password = "123456".toCharArray();
>> 50: private static final byte[] salt = "abcdefgh".getBytes();
>
> Same comment for the charset encoding...
Good. Fixed for salt and plainText here.
> test/jdk/sun/security/pkcs11/Mac/PBAMac.java line 47:
>
>> 45: public final class PBAMac extends PKCS11Test {
>> 46: private static final char[] password = "123456".toCharArray();
>> 47: private static final byte[] salt = "abcdefgh".getBytes();
>
> This converts the string into bytes using "default" charset which means this test will likely fail if the default charset changed unexpectedly? Same goes for other data such as 'plainText'.
That's right. Fixed for salt and plainText.
> test/jdk/sun/security/pkcs11/SecretKeyFactory/TestPBKD.java line 143:
>
>> 141: private static final char[] pwd = "123456\uA4F7".toCharArray();
>> 142: private static final char[] emptyPwd = new char[0];
>> 143: private static final byte[] salt = "abcdefgh".getBytes();
>
> My other comment of charset encoding applies here as well?
Good. Fixed for salt here.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1218827193
PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1218824432
PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1218825066
More information about the security-dev
mailing list