RFR: 8343232: PKCS#12 KeyStore support for RFC 9879: Use of Password-Based Message Authentication Code 1 (PBMAC1) [v13]
Sean Mullan
mullan at openjdk.org
Thu Oct 16 13:06:25 UTC 2025
On Tue, 14 Oct 2025 23:43:39 GMT, Mark Powers <mpowers at openjdk.org> wrote:
>> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
>
> Mark Powers has updated the pull request incrementally with one additional commit since the last revision:
>
> remaining comments
src/java.base/share/classes/sun/security/pkcs12/MacData.java line 229:
> 227: } else {
> 228: throw new ParsingException("unexpected algorithm '"
> 229: +macAlgorithm+ "'");
add spaces around `+`.
src/java.base/share/classes/sun/security/pkcs12/PBMAC1Parameters.java line 121:
> 119: String kdfHmac, String hmac, byte[] digest) throws NoSuchAlgorithmException {
> 120: if (algName.equals("PBMAC1")) {
> 121: return new DerOutputStream().write(DerValue.tag_Sequence, new DerOutputStream()
This use of method chaining is compact, but I find it much harder to review. Consider breaking it up into something more readable. Also, some of the lines are quite long.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2435830879
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2435811684
More information about the security-dev
mailing list