RFR: 8343232: PKCS#12 KeyStore support for RFC 9879: Use of Password-Based Message Authentication Code 1 (PBMAC1) [v7]
Mark Powers
mpowers at openjdk.org
Mon Sep 29 15:05:31 UTC 2025
On Tue, 23 Sep 2025 19:41:31 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Mark Powers has updated the pull request incrementally with one additional commit since the last revision:
>>
>> default salt length and one other comment from Weijun
>
> src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java line 2208:
>
>> 2206: } else {
>> 2207:
>> 2208: // Change SHA-1 to SHA1
>
> While you are in this code, can you update this comment? It's not only SHA-1, it's any message digest with a "-" in it, so suggest changing it to something like:
>
> `// Remove "-" from digest algorithm names`
will fix as suggested
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2388313888
More information about the security-dev
mailing list