On Fri, 15 May 2026 22:31:27 GMT, Anthony Scarpino <[email protected]> wrote:
>> Please review the finalized PEM API at https://openjdk.org/jeps/8376991. The >> most significant changes from the second preview, JEP 524 >> (https://openjdk.org/jeps/524), include: >> >> - The `PEM` class is now an ordinary class rather than a record. It adds >> Binary-encoded content constructors and data is defensively copied. >> - The `DEREncodable` interface is renamed to `BinaryEncodable` to more >> accurately reflect the binary data stored in PEM text. >> - In `EncryptedPrivateKeyInfo`, the `encrypt` methods now accept >> `BinaryEncodable`, and the `getKey()` and `getKeyPair()` methods no longer >> include a `Provider` parameter. >> - A new `CryptoException` class indicates failures in cryptographic >> processing at runtime. >> >> thanks >> >> --------- >> - [x] I confirm that I make this contribution in accordance with the >> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai). > > Anthony Scarpino has updated the pull request incrementally with one > additional commit since the last revision: > > comments Not sure if I can comment here as a member of the public but: Does this API allow decoding PEM files containing lists of multiple arbitrary PEM objects, or only a specific subset of multiple objects? For example, an invocation of `openssl req -new -x509` will produce a PEM file containing contents in the form: -----BEGIN PRIVATE KEY----- CONTENTS HERE -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- CONTENTS HERE -----END CERTIFICATE----- Is it possible to iterate over all PEM objects in a given data source? It seems like a common operation someone would want to perform. ------------- PR Comment: https://git.openjdk.org/jdk/pull/29640#issuecomment-4502884083
