> > It seems that existing impl of PBES2Parameters class only enforces that the > KDF algo is one of the HmacSHAxxx. But it does not throw exception if the > instance is requested with "PBEWithHmacSHA256AndAES_256" and then initialized > with DER encoding containing "PBEWithHmacSHA512AndAES_256". Perhaps it should > be further tightened up?
I think so. There is a general "PBES2" that allows filling in the algorithms at init() but if they are already inside the algorithm name, then only the same can appear in the encoding. Filed https://bugs.openjdk.java.net/browse/JDK-8244564. Maybe we will backport it. --Max
