RFR: 8343232: PKCS#12 KeyStore support for RFC 9879: Use of Password-Based Message Authentication Code 1 (PBMAC1) [v2]
Mark Powers
mpowers at openjdk.org
Wed Oct 22 15:56:06 UTC 2025
On Tue, 16 Sep 2025 18:48:43 GMT, Bernd <duke at openjdk.org> wrote:
>> Mark Powers has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 17 commits:
>>
>> - merge
>> - removed changes to PBMAC1Core and addressed some comments from Valerie
>> - small changes
>> - not used
>> - refresh index
>> - Merge
>> - rework to eliminate PBMAC1ParameterSpec
>> - merge
>> - comments from Valerie
>> - missed this new file
>> - ... and 7 more: https://git.openjdk.org/jdk/compare/075ebb4e...624ef92e
>
> src/java.base/share/classes/sun/security/pkcs12/MacData.java line 106:
>
>> 104: macSalt = pbeSpec.getSalt();
>> 105: String ps = digestAlgorithmParams.toString();
>> 106: kdfHmac = getKdfHmac(ps);
>
> Are the macs always the same? (The encoder serializes them Independent)
The macs can be different.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2452571813
More information about the security-dev
mailing list