On Thu, 25 Sep 2025 23:03:11 GMT, Anthony Scarpino <[email protected]> wrote:
>> Hi >> >> Please review the [Second Preview](https://openjdk.org/jeps/8360563) for the >> PEM API. The most significant changes from [JEP >> 470](https://openjdk.org/jeps/470) are: >> >> - Renamed the name of `PEMRecord` class to `PEM`. >> - Revised the new `encryptKey` methods of the `EncryptedPrivateKeyInfo` >> class to accept `DEREncodable` objects rather than just `PrivateKey` objects >> so that cryptographic objects with public keys, i.e., `KeyPair` and >> `PKCS8EncodedKeySpec`, can also be encrypted. >> - Enhanced the `PEMEncoder` and `PEMDecoder` classes to support the >> encryption and decryption of `KeyPair` and `PKCS8EncodedKeySpec` objects. >> >> thanks >> >> Tony > > Anthony Scarpino has updated the pull request incrementally with one > additional commit since the last revision: > > missed some decoder comments One test comment. test/jdk/javax/crypto/EncryptedPrivateKeyInfo/GetKeyPair.java line 103: > 101: "PublicKey didn't match with decoded."); > 102: Asserts.assertEqualsByteArray(kps.origPubEncoding, > actualPubEncoding, > 103: "PublicKey didn't match with decoded."); There is no need to always compare public key encoding twice. You can compare `kpOrig.getPublic()` and `mlkemKP.getPubic()` once after line 72. Then you can just compare `mlkemKP` and `kp` and there is no need to invent a new `KeyPairs` type. I would more like to see this test and `GetKey` merged, probably also covering `getKeySpec`. ------------- PR Review: https://git.openjdk.org/jdk/pull/27147#pullrequestreview-3296464508 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2400109232
