RFR: 8343232: PKCS#12 KeyStore support for RFC 9879: Use of Password-Based Message Authentication Code 1 (PBMAC1) [v10]

Weijun Wang weijun at openjdk.org
Mon Sep 29 21:28:26 UTC 2025


On Mon, 29 Sep 2025 20:46:13 GMT, Thomas Fitzsimmons <fitzsim at openjdk.org> wrote:

> Now `SunPKCS11`'s `HMAC-SHA256` is used, so my testing is satisfied:

Thanks for trying this out with a PKCS #11 provider. `Mac.PBEWithHmacSHA256` is not used because inside its SunJCE implementation the PBKDF2 key length is hardcoded to the Hmac's _block_ length. On the other hand, in PKCS12's PBMAC1, the key length SHOULD be the _output_ length of Hmac. Without a more flexible `AlgorithmParameterSpec` to supply the full parameters, we don't intend to add `Mac.PBEWithHmacSHA256` to SunPKCS11 very soon. The current recommended way to use PBMAC1 is exactly what is shown in this PR: `SecretKeyFactory.PBKDF2With<PRF>` and then a raw Hmac.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/24429#issuecomment-3349110613
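
The two-step construction described in the message above (PBKDF2 key derivation with the key length set to the HMAC output length, followed by a raw HMAC), as an added example that is not code from the PR or from the JDK. The class name `Pbmac1TwoStep`, the helper `pbmac1`, the password, salt, iteration count and data are constructed for illustration; the data stands in for whatever content the MAC protects.

```java
import javax.crypto.Mac;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;

public class Pbmac1TwoStep {
    // Step 1: PBKDF2 derives the MAC key. Step 2: a raw HMAC authenticates the data.
    static byte[] pbmac1(char[] password, byte[] salt, int iterations,
                         String prf, byte[] data) throws Exception {
        String hmacAlg = "Hmac" + prf;                       // e.g. HmacSHA256
        // Key length is the HMAC *output* length (32 bytes for SHA-256),
        // not the block length (64 bytes for SHA-256).
        int keyBits = Mac.getInstance(hmacAlg).getMacLength() * 8;
        PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, keyBits);
        byte[] rawKey = null;
        try {
            rawKey = SecretKeyFactory.getInstance("PBKDF2WithHmac" + prf)
                    .generateSecret(spec).getEncoded();
            Mac mac = Mac.getInstance(hmacAlg);
            mac.init(new SecretKeySpec(rawKey, hmacAlg));
            return mac.doFinal(data);
        } finally {
            spec.clearPassword();                            // wipe secrets after use
            if (rawKey != null) Arrays.fill(rawKey, (byte) 0);
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample inputs, not taken from any real keystore.
        byte[] salt = "constructed-salt".getBytes(StandardCharsets.UTF_8);
        byte[] data = "constructed authenticated content".getBytes(StandardCharsets.UTF_8);
        int iterations = 10_000;

        byte[] stored = pbmac1("changeit".toCharArray(), salt, iterations, "SHA256", data);
        byte[] good = pbmac1("changeit".toCharArray(), salt, iterations, "SHA256", data);
        byte[] bad = pbmac1("wrong".toCharArray(), salt, iterations, "SHA256", data);

        // Constant-time comparison when verifying a stored MAC value.
        System.out.println("MAC length: " + stored.length);
        System.out.println("correct password verifies: " + MessageDigest.isEqual(stored, good));
        System.out.println("wrong password verifies: " + MessageDigest.isEqual(stored, bad));
    }
}
```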

