<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Hello all, happy Friday!<br>
</p>
<p>Please review the following CSR and code review. This makes
updates to the SunJCE implementation of PBES2-based
AlgorithmParameters. Many of the details are in the CSR (see the
link below). But a short list of the updates:</p>
<ul>
<li>Add DER Encode/Decode support for the following OIDS from RFC
8018:<br>
</li>
<ul>
<li>PRFs: HmacSHA512/224, HmacSHA512/256</li>
<li>Encryption Schemes: AES-192-CBC, DES, Triple-DES, RC2, RC5</li>
</ul>
<li>Enforce init-time type consistency between
AlgorithmParameterSpec objects and the algorithms they are used
with (i.e. No using RC5ParameterSpec with AES-128-CBC.</li>
<li>Enforce sanity checks on AlgorithmParameterSpec objects used
to init (e.g. IV length checks, integer range checks, etc.)</li>
<li>Fixed a bug where explicit DER decoding of the optional key
length field in PBKDF2-params would cause the PRF to be forced
to HmacSHA1 even if the DER indicated otherwise</li>
<li>Allow incoming DER encoded AlgorithmIdentifier structures to
honor the OPTIONAL qualifier on the parameters field for both
PRFs and Encryption Schemes.</li>
<li>If a null encryption scheme AlgorithmParameterSpec is provided
during init time, omit the PBES2-params.encryptionScheme's
parameter segment since it is OPTIONAL per the ASN.1 from RFC
5280</li>
</ul>
<p>More details are in the CSR.<br>
</p>
<p>CSR: <a class="moz-txt-link-freetext" href="https://bugs.openjdk.java.net/browse/JDK-8221936">https://bugs.openjdk.java.net/browse/JDK-8221936</a></p>
<p>Bug: <a class="moz-txt-link-freetext" href="https://bugs.openjdk.java.net/browse/JDK-8076999">https://bugs.openjdk.java.net/browse/JDK-8076999</a></p>
<p>Webrev:
<a class="moz-txt-link-freetext" href="http://cr.openjdk.java.net/~jnimeh/reviews/8076999/webrev.01/">http://cr.openjdk.java.net/~jnimeh/reviews/8076999/webrev.01/</a></p>
<p>--Jamil<br>
</p>
<p><br>
</p>
</body>
</html>