RFR: 8298420: PEM API: Implementation (Preview) [v2]
Anthony Scarpino
ascarpino at openjdk.org
Tue Jul 30 19:14:32 UTC 2024
On Fri, 26 Jul 2024 04:04:55 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/pkcs/PKCS8Key.java line 109:
>>
>>> 107: throws InvalidKeyException {
>>> 108: this(privEncoding);
>>> 109: pubKeyEncoded = pubEncoding;
>>
>> So if there is already a public key in `privEncoding`, it will be overwritten? BTW, it seems this method is not used anywhere.
>
> If it isn't used anywhere, then it's probably from an old idea that I didn't completely clean up
This constructor is eventually used by PEMEncoder for KeyPair. Yes if the private key encoding did have a public key already it would be overwritten; however, the API usage is to combine the given KeyPair into PEM text. The expected usage is after generating a KeyPair.
As far as preventing an overwrite, while it can probably be done, I don't see the value in adding a check at this point.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r1697453713
More information about the security-dev
mailing list