On Mon, 20 Oct 2025 22:19:41 GMT, Anthony Scarpino <[email protected]> wrote:
>> Hi >> >> Please review the [Second Preview](https://openjdk.org/jeps/8360563) for the >> PEM API. The most significant changes from [JEP >> 470](https://openjdk.org/jeps/470) are: >> >> - Renamed the name of `PEMRecord` class to `PEM`. >> - Revised the new `encryptKey` methods of the `EncryptedPrivateKeyInfo` >> class to accept `DEREncodable` objects rather than just `PrivateKey` objects >> so that cryptographic objects with public keys, i.e., `KeyPair` and >> `PKCS8EncodedKeySpec`, can also be encrypted. >> - Enhanced the `PEMEncoder` and `PEMDecoder` classes to support the >> encryption and decryption of `KeyPair` and `PKCS8EncodedKeySpec` objects. >> >> thanks >> >> Tony > > Anthony Scarpino has updated the pull request incrementally with two > additional commits since the last revision: > > - fix non-pbe > - doc updates, zeroing, fix unencrypted keypair encoding, exception mods src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line 1: > 1: /* Some inconsistency in parameter definitions that are the same across different methods. Please check and use consistent wording. src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line 368: > 366: * @throws RuntimeException if encryption of the encoding fails > 367: * > 368: * @implNote The {@code jdk.epkcs8.defaultAlgorithm} security > property You can remove this impl note since algorithm param is required now. src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line 535: > 533: * decryption key and provider. > 534: * > 535: * @param decryptKey the decryption key. Must not be {@code null} Missing period. src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line 538: > 536: * @param provider the {@code Provider} used for {@link Cipher} > decryption > 537: * and {@link PrivateKey} generation. If {@code > null}, the > 538: * default provider configuration is used Missing period. src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line 604: > 602: * @param decryptKey the decryption key; must not be {@code null} > 603: * @param provider the {@code Provider} used for {@link Cipher} > decryption > 604: * and key generation. If {@code null} the default > provider comma after "if null". src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line 605: > 603: * @param provider the {@code Provider} used for {@link Cipher} > decryption > 604: * and key generation. If {@code null} the default > provider > 605: * configuration is used Missing period. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2453163439 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2453121482 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2453162122 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2453157490 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2453160035 PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2453158818
