RFR: 8298420: PEM API: Implementation (Preview) [v2]
Anthony Scarpino
ascarpino at openjdk.org
Mon Jul 29 20:15:33 UTC 2024
On Fri, 26 Jul 2024 14:01:26 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> if cipher is defined this is an encrypted PEMEncoder instance, so yes it's important.
>> Encoding doesn't need a factory when the object already provides the DER encoding.
>
> Not sure if I understand. When using encryption, user can set a cipher algorithm that is not implemented in any of the builtin providers, so the `SecretKeyFactory.getInstance` and `Cipher.getInstance` might need a provider argument.
What you are describing is why the encoder accepts EncryptedPrivateKeyInfo. These more complicated configurations I left to EncryptedPrivateKeyInfo as the PEM classes are not trying to replace all the functionality of EncryptedPrivateKeyInfo or the other classes, just simplify the common cases and the PEM construction.
PEMDecoder has a factory method because I saw that as a more common case for important into a HSM.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r1695802797
More information about the security-dev
mailing list