RFR: 8343232: PKCS#12 KeyStore support for RFC 9879: Use of Password-Based Message Authentication Code 1 (PBMAC1) [v5]
Mark Powers
mpowers at openjdk.org
Sat Sep 20 21:55:36 UTC 2025
On Tue, 16 Sep 2025 22:55:17 GMT, Mark Powers <mpowers at openjdk.org> wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/PBMAC1Parameters.java line 156:
>>
>>> 154: DerValue kdf = pBMAC1_params.data.getDerValue();
>>> 155: var kdfParams = new PBKDF2Parameters();
>>> 156: String kdfAlgo = kdfParams.init(kdf);
>>
>> Hmm, it's somewhat obscure to return the prf algorithm as the result of `PBKDF2Parameters.init(...) `call.
>> Is there a reason for a separate `init(...)` call? How about just `PBKDF2Parameters(kdf)` and retrieve the `prfAlgo` (instead of the "kdfAlgo" name) separately just like `salt`, `iCount` and `keyLength`?
>
> This has been changed to `PBKDF2Parameters(kdf) `by an earlier comment. Are you suggesting to change `kdfAlgo` to `prfAlgo` or something else?
changed `kdfAlgo` to `prfAlgo`.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2365842311
More information about the security-dev
mailing list