RFR: 8360564: Implement JEP 524: PEM Encodings of Cryptographic Objects (Second Preview) [v12]
Weijun Wang
weijun at openjdk.org
Thu Oct 30 21:47:16 UTC 2025
On Thu, 30 Oct 2025 17:12:31 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> Hi
>>
>> Please review the [Second Preview](https://openjdk.org/jeps/8360563) for the PEM API. The most significant changes from [JEP 470](https://openjdk.org/jeps/470) are:
>>
>> - Renamed the name of `PEMRecord` class to `PEM`.
>> - Revised the new `encryptKey` methods of the `EncryptedPrivateKeyInfo` class to accept `DEREncodable` objects rather than just `PrivateKey` objects so that cryptographic objects with public keys, i.e., `KeyPair` and `PKCS8EncodedKeySpec`, can also be encrypted.
>> - Enhanced the `PEMEncoder` and `PEMDecoder` classes to support the encryption and decryption of `KeyPair` and `PKCS8EncodedKeySpec` objects.
>>
>> thanks
>>
>> Tony
>
> Anthony Scarpino has updated the pull request incrementally with one additional commit since the last revision:
>
> minor doc updates, fix some bugs, PEM set to 26
src/java.base/share/classes/java/security/PEMEncoder.java line 209:
> 207: byte[] encoding = null;
> 208: if (key != null) {
> 209: throw new IllegalArgumentException("Certificates " +
Typo. Not `Certificates`.
src/java.base/share/classes/sun/security/util/Pem.java line 195:
> 193: } else {
> 194: while (hyphen > 0) {
> 195: os.write('-');
The `-`s have already been written into `os` on line 202.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2479406607
PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2479603168
More information about the security-dev
mailing list