On Wed, 4 May 2022 01:50:34 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> Since `keytool -importpass` always uses `KeyFactory.getInstance("PBE")` to
>> generate the secret key, and "PBE" is an alias of "PBEwithMD5andDES" inside
>> the SunJCE security provider, its `getAlgorithm` is always
>> `PBEwithMD5andDES`.
>>
>> This code change modifies it to "PBE".
>>
>> Note that I haven't chosen the `-keyalg` option value here because it is
>> actually the algorithm used to protect the PBE secret key entry. It's a
>> cipher algorithm instead of a key algorithm.
>
> test/jdk/sun/security/pkcs12/ImportPassKeyAlg.java line 75:
>
>> 73: .shouldContain("Generated PBE secret key");
>> 74:
>> 75: // The aid of a protected entry (at 110c010c01010c0 inside p12)
>> is:
>
> nit: use "algorithm id" instead.
No problem.
-------------
PR: https://git.openjdk.java.net/jdk/pull/8520
