RFR: 8298420: PEM API: Implementation (Preview) [v15]
Sean Mullan
mullan at openjdk.org
Mon May 12 16:50:16 UTC 2025
On Fri, 9 May 2025 20:46:49 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> src/java.base/share/classes/java/security/spec/EncodedKeySpec.java line 63:
>>
>>> 61: * This constructor extracts the algorithm name from the encoded bytes,
>>> 62: * which may be an OID if no standard algorithm name is defined. If the
>>> 63: * algorithm name cannot be extracted, it is set to null.
>>
>> Hmm, I think this is leaking details about DER encoding into this abstract class which does not make any assumptions about the type of encoding used. Have you considered only parsing the encoding in the `X509EncodedKeySpec` and `PKCS8EncodedKeySpec` subclasses which are DER specific?
>
> Well, [JEP 513](https://openjdk.org/jeps/513) will make it possible to limit it to those two EPSs when it integrates. Right now P8EPS and X509EPS are dependent on super() call and would require duplicating the static final variables and overriding all the methods.
>
> What I can do right now is document it in P8EPS and X509EPS, but leave the code in EPS until the JEP integrates.
Ok. JEP 513 is Integrated now.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r2085024879
More information about the security-dev
mailing list