RFR: 8360564: Implement JEP 524: PEM Encodings of Cryptographic Objects (Second Preview) [v4]
Weijun Wang
weijun at openjdk.org
Wed Oct 1 21:20:28 UTC 2025
On Wed, 1 Oct 2025 20:02:33 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Anthony Scarpino has updated the pull request incrementally with one additional commit since the last revision:
>>
>> missed some decoder comments
>
> src/java.base/share/classes/java/security/PEMDecoder.java line 76:
>
>> 74: * decryption)</li>
>> 75: * <li>ENCRYPTED PRIVATE KEY : {@code PKCS8EncodedKeySpec} (if configured with
>> 76: * decryption)</li>
>
> Plus "and passed as a Class parameter".
You can also decode `PRIVATE KEY` or `ENCRYPTED PRIVATE KEY` into a `PublicKey` if it's passed as a class parameter, right?
> src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line 368:
>
>> 366: */
>> 367: @PreviewFeature(feature = PreviewFeature.Feature.PEM_API)
>> 368: public static EncryptedPrivateKeyInfo encryptKey(DEREncodable de,
>
> Shall we name it `encryptKey` or simply `encrypt`? I'm asking because it can be something other than a key. The decrypt side has `getKey`, `getKeySpec`, and `getKayPair`. Since we have only one on the encrypt side, it needn't use the noun of one of them.
I cannot comment on the `@param provider` line. Shall we change "the Provider will be used" to "the Provider used"? This is consistent with `getKeyPair`.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2395748169
PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2395527848
More information about the security-dev
mailing list