RFR: 8343232: PKCS#12 KeyStore support for RFC 9579: Use of Password-Based Message Authentication Code 1 (PBMAC1) [v2]
Bernd
duke at openjdk.org
Tue Sep 16 18:51:44 UTC 2025
On Tue, 16 Sep 2025 18:11:32 GMT, Mark Powers <mpowers at openjdk.org> wrote:
>> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
>
> Mark Powers has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 17 commits:
>
> - merge
> - removed changes to PBMAC1Core and addressed some comments from Valerie
> - small changes
> - not used
> - refresh index
> - Merge
> - rework to eliminate PBMAC1ParameterSpec
> - merge
> - comments from Valerie
> - missed this new file
> - ... and 7 more: https://git.openjdk.org/jdk/compare/075ebb4e...624ef92e
src/java.base/share/classes/sun/security/pkcs12/MacData.java line 106:
> 104: macSalt = pbeSpec.getSalt();
> 105: String ps = digestAlgorithmParams.toString();
> 106: kdfHmac = getKdfHmac(ps);
Are the macs always the same? (The encoder serializes them Independent)
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2353361561
More information about the security-dev
mailing list