On Thu, 25 Sep 2025 23:03:11 GMT, Anthony Scarpino <[email protected]> wrote:
>> Hi >> >> Please review the [Second Preview](https://openjdk.org/jeps/8360563) for the >> PEM API. The most significant changes from [JEP >> 470](https://openjdk.org/jeps/470) are: >> >> - Renamed the name of `PEMRecord` class to `PEM`. >> - Revised the new `encryptKey` methods of the `EncryptedPrivateKeyInfo` >> class to accept `DEREncodable` objects rather than just `PrivateKey` objects >> so that cryptographic objects with public keys, i.e., `KeyPair` and >> `PKCS8EncodedKeySpec`, can also be encrypted. >> - Enhanced the `PEMEncoder` and `PEMDecoder` classes to support the >> encryption and decryption of `KeyPair` and `PKCS8EncodedKeySpec` objects. >> >> thanks >> >> Tony > > Anthony Scarpino has updated the pull request incrementally with one > additional commit since the last revision: > > missed some decoder comments src/java.base/share/classes/java/security/PEMEncoder.java line 1: > 1: /* Suggest using "PEM-encoded" instead of "PEM encoded" to be consistent with JEP wording. src/java.base/share/classes/java/security/PEMEncoder.java line 1: > 1: /* line 48, s/CRL/CRLs/ src/java.base/share/classes/java/security/PEMEncoder.java line 71: > 69: * OneAsymmetricKey structure using the "PRIVATE KEY" type. > 70: * > 71: * <p> When encoding a {@link PEM}, the API surrounds the suggest saying "When encoding a PEM object, ..." src/java.base/share/classes/java/security/PEMEncoder.java line 72: > 70: * > 71: * <p> When encoding a {@link PEM}, the API surrounds the > 72: * {@link PEM#content()} with the PEM header and footer s/the/a/ src/java.base/share/classes/java/security/PEMEncoder.java line 73: > 71: * <p> When encoding a {@link PEM}, the API surrounds the > 72: * {@link PEM#content()} with the PEM header and footer > 73: * from {@link PEM#type()}. {@link PEM#leadingData()} is s/from/of/ src/java.base/share/classes/java/security/PEMEncoder.java line 74: > 72: * {@link PEM#content()} with the PEM header and footer > 73: * from {@link PEM#type()}. {@link PEM#leadingData()} is > 74: * not included in the encoding. {@code PEM} will not perform I don't think you need this final sentence, leave that to the `PEM` javadocs. src/java.base/share/classes/java/security/PEMEncoder.java line 267: > 265: * by the {@code jdk.epkcs8.defaultAlgorithm} security property and > 266: * uses the default encryption parameters of the provider that is > selected. > 267: * For greater flexibility with encryption options and parameters, > use Suggest using the JEP words here instead: "To use non-default encryption parameters, or to encrypt with a different encryption [provider](https://docs.oracle.com/en/java/javase/24/docs/api/java.base/java/security/Provider.html), use ..." ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2402627574 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2402745066 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2402751207 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2402754710 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2402755066 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2402759080 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2402653825
