On Fri, 15 May 2026 22:31:27 GMT, Anthony Scarpino <[email protected]> wrote:
>> Please review the finalized PEM API at https://openjdk.org/jeps/8376991. The >> most significant changes from the second preview, JEP 524 >> (https://openjdk.org/jeps/524), include: >> >> - The `PEM` class is now an ordinary class rather than a record. It adds >> Binary-encoded content constructors and data is defensively copied. >> - The `DEREncodable` interface is renamed to `BinaryEncodable` to more >> accurately reflect the binary data stored in PEM text. >> - In `EncryptedPrivateKeyInfo`, the `encrypt` methods now accept >> `BinaryEncodable`, and the `getKey()` and `getKeyPair()` methods no longer >> include a `Provider` parameter. >> - A new `CryptoException` class indicates failures in cryptographic >> processing at runtime. >> >> thanks >> >> --------- >> - [x] I confirm that I make this contribution in accordance with the >> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai). > > Anthony Scarpino has updated the pull request incrementally with one > additional commit since the last revision: > > comments src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line 488: > 486: // For the unlikely case a non-PBE cipher is used, get > the OID. > 487: algId = new > AlgorithmId(AlgorithmId.get(algorithm).getOID(), > 488: c.getParameters()); This is not always available. For example, if `algorithm` is "AES/CBC/NoPadding", it does not have an OID. OIDs are defined for a keysize, like "AES_128/CBC/NoPadding". ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/29640#discussion_r3260671424
