Add support for password-based encryption scheme 2 params (PBES2) #13539
Conversation
|
Please also add unit tests. |
|
@xiezhaokun as @hyperxpro said... can you please add a unit test ? |
| @@ -102,6 +103,8 @@ public abstract class SslContext { | |||
|
|
|||
| private final boolean startTls; | |||
| private final AttributeMap attributes = new DefaultAttributeMap(); | |||
| private static final String OID_PKCS5_PBES2 = "1.2.840.113549.1.5.13"; | |||
| private static final String PBES2 = "PBES2"; | |||
There was a problem hiding this comment.
can you add a comment to explain where these values come from ?
|
Sounds like PKCS12 is a bit of a messy landscape but I'm told PBES2 is the "state of the art" there. A good test for this would be to generate a |
|
@xiezhaokun @chrisvest I added a test-case |
normanmaurer
force-pushed
the
issue-13536
branch
from
4e01429
to
d17af6f
Compare
|
/cc @hyperxpro |
| private static String getPBEAlgorithm(EncryptedPrivateKeyInfo encryptedPrivateKeyInfo) { | ||
| AlgorithmParameters parameters = encryptedPrivateKeyInfo.getAlgParameters(); | ||
| String algName = encryptedPrivateKeyInfo.getAlgName(); | ||
| // Java 8 ~ 16 returns OID_PKCS5_PBES2 |
There was a problem hiding this comment.
Does this mean Java < 8 are not supported?
There was a problem hiding this comment.
@hyperxpro good point... maybe we should just add a version check as well. Let me do this
|
Motivation:
Add support for password-based encryption scheme 2 params (PBES2)
Modification:
Describe the modifications you've done.
Result:
Fixes #13536
If there is no issue then describe the changes introduced by this PR.