On Mon, 13 Oct 2025 17:22:25 GMT, Anthony Scarpino <[email protected]> wrote:
>> Hi >> >> Please review the [Second Preview](https://openjdk.org/jeps/8360563) for the >> PEM API. The most significant changes from [JEP >> 470](https://openjdk.org/jeps/470) are: >> >> - Renamed the name of `PEMRecord` class to `PEM`. >> - Revised the new `encryptKey` methods of the `EncryptedPrivateKeyInfo` >> class to accept `DEREncodable` objects rather than just `PrivateKey` objects >> so that cryptographic objects with public keys, i.e., `KeyPair` and >> `PKCS8EncodedKeySpec`, can also be encrypted. >> - Enhanced the `PEMEncoder` and `PEMDecoder` classes to support the >> encryption and decryption of `KeyPair` and `PKCS8EncodedKeySpec` objects. >> >> thanks >> >> Tony > > Anthony Scarpino has updated the pull request incrementally with one > additional commit since the last revision: > > updates src/java.base/share/classes/java/security/PEMEncoder.java line 77: > 75: * > 76: * <p> The following lists the supported {@code DEREncodable} classes and > 77: * the PEM types they encoded as: s/encoded/encode/ src/java.base/share/classes/java/security/PEMEncoder.java line 89: > 87: * <li>{@code KeyPair} : PRIVATE KEY</li> > 88: * <li>{@code KeyPair} : > 89: * ENCRYPTED PRIVATE KEY if configured with encryption)</li> s/if/(if/ src/java.base/share/classes/java/security/PEMEncoder.java line 326: > 324: if (privateEncoding == null) { > 325: throw new IllegalArgumentException("This DEREncodable > cannot " + > 326: "be encrypted."); It seems you could move this check earlier when you check if `keyspec` is not null. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2430223693 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2430224875 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2430313564
