RFR: 8343232: PKCS#12 KeyStore support for RFC 9879: Use of Password-Based Message Authentication Code 1 (PBMAC1) [v7]
Matthew Donovan
mdonovan at openjdk.org
Tue Sep 23 11:47:37 UTC 2025
On Mon, 22 Sep 2025 18:42:57 GMT, Mark Powers <mpowers at openjdk.org> wrote:
>> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
>
> Mark Powers has updated the pull request incrementally with one additional commit since the last revision:
>
> default salt length and one other comment from Weijun
test/jdk/sun/security/pkcs12/PBMAC1Encoding.java line 39:
> 37: public class PBMAC1Encoding {
> 38: // A.1. Valid PKCS #12 File with SHA-256 HMAC and PRF
> 39: static final String A1 =
Can you add a comment explaining how to create these Strings?
test/jdk/sun/security/pkcs12/PBMAC1Encoding.java line 423:
> 421: ks = KeyStore.getInstance("PKCS12");
> 422: ks.load(new ByteArrayInputStream(Base64.getDecoder().decode(A2)),
> 423: password.toCharArray());
Throw an exception after `ks.load()`. Otherwise, if `load()` doesn't throw anything, the test will pass when it shouldn't.
test/jdk/sun/security/pkcs12/PBMAC1Encoding.java line 445:
> 443: ks = KeyStore.getInstance("PKCS12");
> 444: ks.load(new ByteArrayInputStream(Base64.getDecoder().decode(A4)),
> 445: password.toCharArray());
throw an exception after `ks.load()` here and for A.5 and A.6 test cases.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2372021710
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2372029145
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2372033887
More information about the security-dev
mailing list