RFR: 8343232: PKCS#12 KeyStore support for RFC 9579: Use of Password-Based Message Authentication Code 1 (PBMAC1)
Valerie Peng
valeriep at openjdk.org
Tue Sep 2 22:15:45 UTC 2025
On Thu, 3 Apr 2025 22:58:39 GMT, Mark Powers <mpowers at openjdk.org> wrote:
> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
src/java.base/share/classes/sun/security/util/PBKDF2Parameters.java line 73:
> 71:
> 72: // AlgorithmIdentifier
> 73: private String prf = null;
Set the default value to "HmacSHA1" here instead of when parsing the DER encoding?
src/java.base/share/classes/sun/security/util/PBKDF2Parameters.java line 81:
> 79: // the pseudorandom function (default is HmacSHA1)
> 80: private ObjectIdentifier kdfAlgo_OID =
> 81: ObjectIdentifier.of(KnownOIDs.HmacSHA1);
This field is not really used? This can just be a local variable when parsing the DER encoding.
src/java.base/share/classes/sun/security/util/PBKDF2Parameters.java line 142:
> 140: } else {
> 141: kdfAlgo = "HmacSHA1";
> 142: }
Can be removed if setting the `prf` default value.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2317284964
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2317283305
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2317286039
More information about the security-dev
mailing list