RFR: 8343232: PKCS#12 KeyStore support for RFC 9579: Use of Password-Based Message Authentication Code 1 (PBMAC1) [v3]
Weijun Wang
weijun at openjdk.org
Wed Sep 17 14:50:46 UTC 2025
On Tue, 16 Sep 2025 23:03:00 GMT, Mark Powers <mpowers at openjdk.org> wrote:
>> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
>
> Mark Powers has updated the pull request incrementally with one additional commit since the last revision:
>
> a few more comments
Some comments on `PKCS12KeyStore`.
src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java line 180:
> 178: private int macSaltLength = -1;
> 179: private byte[] extraSalt = null;
> 180: private int extraIterationCount = -1;
I don't think it's necessary to break the user-provided mac algorithm like "PBEWithHmacSHA256" into `macAlgorithm == "PBMAC1"` and `pbmac1Hmac == "HmacSHA256"`. Keep a single one no matter what kind of mac algorithm it is.
src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java line 1490:
> 1488:
> 1489: if (macAlgorithm.equals("PBMAC1") ||
> 1490: defaultMacAlgorithm().startsWith("PBEWith")) {
`calculateMac` is called when the keystore is read from an existing file and `defaultMacAlgorithm` should not be used. Otherwise, the algorithm will be modified. Try these:

```
keytool -keystore ks -keyalg ec -storepass changeit -genkeypair -alias a -dname CN=a -J-Dkeystore.pkcs12.macAlgorithm=PBEWithHmacSHA512
keytool -keystore ks -keyalg ec -storepass changeit -genkeypair -alias b -dname CN=b -J-Dkeystore.pkcs12.macAlgorithm=PBEWithHmacSHA256
```
src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java line 1495:
> 1493: } else if (defaultMacAlgorithm().equals("PBEWithHmacSHA256")) {
> 1494: kdfHmac = "HmacSHA256";
> 1495: } else {
Why don't we support `PBEWithHmacSHA384` etc?
src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java line 1509:
> 1507:
> 1508: var skf = SecretKeyFactory.getInstance(kdfHmac.equals("HmacSHA512") ?
> 1509: "PBKDF2WithHmacSHA512" : "PBKDF2WithHmacSHA256");
Why is PBKDF2 used for non-PBMAC1 algorithms as well?
-------------
PR Review: https://git.openjdk.org/jdk/pull/24429#pullrequestreview-3234719221
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2355693464
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2355758215
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2355761701
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2355763431
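
As an added example that is not part of the original message or the JDK sources: a small Python reader for the PKCS#12 `MacData`, which can show whether the MAC algorithm stored in `ks` differs between the two keytool runs quoted above. It assumes definite-length DER; `der` and `sample_pfx` are hypothetical helpers that only build a constructed sample, and the OID table covers only the algorithms named in this thread plus SHA-256 for the legacy MAC.

```python
# Added example, not JDK code: report the MAC algorithm recorded in a PKCS#12 file.
P = bytes.fromhex("2a864886f70d")             # DER bytes of OID prefix 1.2.840.113549
OIDS = {P + b"\x01\x05\x0e": "PBMAC1", P + b"\x02\x07": "HmacSHA1",
        P + b"\x02\x09": "HmacSHA256", P + b"\x02\x0a": "HmacSHA384",
        P + b"\x02\x0b": "HmacSHA512", bytes.fromhex("608648016503040201"): "SHA-256"}

def tlvs(buf):
    """Yield (tag, value) for each definite-length DER element in buf."""
    i = 0
    while i < len(buf):
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n == 0x80:
            raise ValueError("indefinite-length BER is not handled")
        if n & 0x80:                          # long form: next n & 0x7f bytes hold the length
            k = n & 0x7F
            n, i = int.from_bytes(buf[i:i + k], "big"), i + k
        yield tag, buf[i:i + n]
        i += n

def alg_id(seq):
    """AlgorithmIdentifier contents -> (name or OID hex, parameter contents)."""
    parts = list(tlvs(seq))
    return OIDS.get(parts[0][1], parts[0][1].hex()), (parts[1][1] if len(parts) > 1 else b"")

def mac_algorithm(pfx):
    """None if no MacData, else ("legacy", digest) or ("PBMAC1", prf, hmac)."""
    fields = list(tlvs(next(tlvs(pfx))[1]))   # version, authSafe, [macData]
    if len(fields) < 3:
        return None
    digest_info = next(tlvs(fields[2][1]))[1]
    name, params = alg_id(next(tlvs(digest_info))[1])
    if name != "PBMAC1":
        return ("legacy", name)
    kdf, scheme = (v for _, v in tlvs(params))  # PBMAC1-params: KDF, messageAuthScheme
    prf = [alg_id(v)[0] for t, v in tlvs(alg_id(kdf)[1]) if t == 0x30]
    return ("PBMAC1", prf[0] if prf else "HmacSHA1", alg_id(scheme)[0])

def der(tag, *parts):                         # encoder used only to build the sample
    body = b"".join(parts)
    return bytes([tag]) + bytes([len(body)] if len(body) < 128 else [0x81, len(body)]) + body

def sample_pfx(arc):
    """Constructed PFX skeleton (stub authSafe, zero digest); arc picks the HMAC OID."""
    hmac = der(0x30, der(0x06, P + bytes([2, arc])), der(0x05))
    kdf = der(0x30, der(0x06, P + b"\x01\x05\x0c"), der(0x30, der(0x04, bytes(8)),
              der(0x02, b"\x27\x10"), der(0x02, b"\x20"), hmac))
    alg = der(0x30, der(0x06, P + b"\x01\x05\x0e"), der(0x30, kdf, hmac))
    mac = der(0x30, der(0x30, alg, der(0x04, bytes(32))), der(0x04, bytes(8)), der(0x02, b"\x01"))
    return der(0x30, der(0x02, b"\x03"), der(0x30, der(0x06, P + b"\x01\x07\x01")), mac)
```

On a real file, pass `open("ks", "rb").read()` to `mac_algorithm` after each keytool run and compare the two results.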