RFR: 8343232: PKCS#12 KeyStore support for RFC 9879: Use of Password-Based Message Authentication Code 1 (PBMAC1) [v3]
Mark Powers
mpowers at openjdk.org
Sun Sep 21 21:01:15 UTC 2025
On Fri, 19 Sep 2025 18:06:14 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Imagine reading a PBMAC1 protected keystore with a 32 byte salt. Now it's time to write it out. You have to remember the salt length of whatever PBMAC1 you just read in order to generate a new salt of the same length. It doesn't seem right to always generate 20 bytes of salt.
>>
>> We could hardcode the extras, but it seems better to me to return the original values if you're upgrading an old MAC protected keystore to a PBMAC1 protected keystore. It's is a nice touch but the code complexity might not be worth it.
>
> You do have a point here, but we have always been rewriting salt with a possible different length. We can discuss this in another issue, but the change is not necessary here, especially it also affects other old Mac algorithms.
Are you suggesting to always generate a 20 byte salt?
Can you provide a line number for your first comment about breaking up "PBEWithHmacSHA256"?
This string is read from the property file and has nothing to do with any DER encoded values read from the keystore input stream.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2366391247
More information about the security-dev
mailing list