On Wed, 4 May 2022 01:50:34 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> Since `keytool -importpass` always uses `KeyFactory.getInstance("PBE")` to >> generate the secret key, and "PBE" is an alias of "PBEwithMD5andDES" inside >> the SunJCE security provider, its `getAlgorithm` is always >> `PBEwithMD5andDES`. >> >> This code change modifies it to "PBE". >> >> Note that I haven't chosen the `-keyalg` option value here because it is >> actually the algorithm used to protect the PBE secret key entry. It's a >> cipher algorithm instead of a key algorithm. > > test/jdk/sun/security/pkcs12/ImportPassKeyAlg.java line 75: > >> 73: .shouldContain("Generated PBE secret key"); >> 74: >> 75: // The aid of a protected entry (at 110c010c01010c0 inside p12) >> is: > > nit: use "algorithm id" instead. No problem. ------------- PR: https://git.openjdk.java.net/jdk/pull/8520