RFR: 8343232: PKCS#12 KeyStore support for RFC 9879: Use of Password-Based Message Authentication Code 1 (PBMAC1) [v3]
Weijun Wang
weijun at openjdk.org
Mon Sep 22 13:26:55 UTC 2025
On Sun, 21 Sep 2025 20:58:05 GMT, Mark Powers <mpowers at openjdk.org> wrote:
>> You do have a point here, but we have always been rewriting salt with a possible different length. We can discuss this in another issue, but the change is not necessary here, especially it also affects other old Mac algorithms.
>
> Are you suggesting to always generate a 20 byte salt?
>
> Can you provide a line number for your first comment about breaking up "PBEWithHmacSHA256"?
> This string is read from the property file and has nothing to do with any DER encoded values read from the keystore input stream.
Yes, I think always generating a 20 byte salt is not a problem.
For the name break up, I see that `macAlgorithm` can sometimes be `defaultMacAlgorithm()` which is the full "PBEWithHmacSHA256" (line 1250) and sometimes being "PBMAC1" only (line 2203) with `pbmac1Hmac` serving as the additional info. I suggest always using the full name.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2368385738
More information about the security-dev
mailing list