On Tue, 16 Sep 2025 18:11:32 GMT, Mark Powers <mpow...@openjdk.org> wrote:
>> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232) > > Mark Powers has updated the pull request with a new target base due to a > merge or a rebase. The pull request now contains 17 commits: > > - merge > - removed changes to PBMAC1Core and addressed some comments from Valerie > - small changes > - not used > - refresh index > - Merge > - rework to eliminate PBMAC1ParameterSpec > - merge > - comments from Valerie > - missed this new file > - ... and 7 more: https://git.openjdk.org/jdk/compare/075ebb4e...624ef92e src/java.base/share/classes/com/sun/crypto/provider/PBMAC1Parameters.java line 76: > 74: private int iCount = 0; > 75: > 76: // the key derivation function (default is HmacSHA1) Is there a reason why to default to sha1, would be for a new feature good to start with a modern default (or none). I know that hmacsha1 in this usecase would still be ok, but that does Not mean that longer (and faster) hashes dont make Sense. If this is picked due to rfc compatibility, maybe name the reference in a comment? ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2353338481
