RFR: 8343232: PKCS#12 KeyStore support for RFC 9579: Use of Password-Based Message Authentication Code 1 (PBMAC1)

Valerie Peng valeriep at openjdk.org
Tue Sep 2 19:57:44 UTC 2025


On Thu, 3 Apr 2025 22:58:39 GMT, Mark Powers <mpowers at openjdk.org> wrote:

> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)

src/java.base/share/classes/com/sun/crypto/provider/PBMAC1Parameters.java line 88:

> 86:  *
> 87:  * id-hmacWithSHA1 OBJECT IDENTIFIER ::= {digestAlgorithm 7}
> 88:  *

nit: instead of repeating all this here, maybe refer to sun.security.util.PBKDF2Parameters class for PBKDF2 related ASN.1 definition?

src/java.base/share/classes/sun/security/util/PBKDF2Parameters.java line 36:

> 34: /**
> 35:  * This class implements the parameter set used with password-based
> 36:  * key derivation function 2 (PBKDF2), which is defined in PKCS#5 as follows:

nit: add link to RFC 8018 here for reference

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2317024083
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2317021620


More information about the security-dev mailing list