RFR: 8377506: Implementation of PEM Encodings of Cryptographic Objects

Sean Mullan mullan at openjdk.org
Thu Feb 19 20:03:41 UTC 2026 

On Mon, 9 Feb 2026 21:04:34 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:

> Please review the finalized PEM API at https://openjdk.org/jeps/8360563. The most significant changes from the second preview, JEP 524 (https://openjdk.org/jeps/524), include:
> 
> - `PEM` is changed from a record to a class, with content stored in binary form and data defensively copied.
> - `DEREncodable` is renamed to `BinaryEncodable` to more accurately reflect the binary data stored in PEM text.
> - In `EncryptedPrivateKeyInfo`, the `encrypt` methods now accept `BinaryEncodable`, and the `getKey()` and `getKeyPair()` methods no longer include a `Provider` parameter.
> - A new `CryptoException` indicates failures during cryptographic processing at runtime.
> 
> thanks

src/java.base/share/classes/java/security/PEMEncoder.java line 163:

> 161:      * string.
> 162:      *
> 163:      * @param de the {@code BinaryEncodable} to encode

Change variable name to `be`.

src/java.base/share/classes/java/security/PEMEncoder.java line 260:

> 258:      * byte array.
> 259:      *
> 260:      * @param de the {@code BinaryEncodable} to be encoded

Change variable name to `be`.

src/java.base/share/classes/java/security/PEMEncoder.java line 279:

> 277:      * {@code PKCS8EncodedKeySpec} objects can be encoded with this newly
> 278:      * configured instance.  Encoding other {@code BinaryEncodable} objects will
> 279:      * throw an {@code PEMException}.

s/an/a/

src/java.base/share/classes/java/security/PEMEncoder.java line 327:

> 325: 
> 326:         if (key != null && privateEncoding == null) {
> 327:             throw new IllegalArgumentException("This BinaryEncodable cannot " +

Some exception messages end with a period, others don't. Probably should be consistent. I don't think it common to end exception messages with a period.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/29640#discussion_r2829846441
PR Review Comment: https://git.openjdk.org/jdk/pull/29640#discussion_r2829865682
PR Review Comment: https://git.openjdk.org/jdk/pull/29640#discussion_r2829869191
PR Review Comment: https://git.openjdk.org/jdk/pull/29640#discussion_r2829881214

More information about the security-dev mailing list