Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8329419

Implementation of PEM API (Preview)

    XMLWordPrintable

Details

    • CSR
    • Resolution: Unresolved
    • P2
    • 24
    • security-libs
    • None
    • minimal
    • Java API, System or security property
    • SE

    Description

      Summary

      Introduce an API for encoding and decoding the Privacy-Enhanced Mail (PEM) format. The PEM format is used for storing and sending cryptographic keys and certificates.

      Problem

      PEM is a textual encoding used for storing and transferring security objects, such as asymmetric keys, certificates, and certificate revocation lists (CRLs). Defined in RFC 1421 and RFC 7468, PEM consists of a Base64-formatted binary encoding surrounded by a header and footer identifying the type.

      The Java API does not provide an easy-to-use implementation of PEM. It leaves much of the work to the developer; from using trial-and-error techniques to discover the binary encoded key algorithm, to stripping or adding PEM headers and footers, to creating all the encryption objects necessary to encrypt or decrypt a private key. This complexity drives users to find other solutions. Java can simplify these tasks by providing an internal parser to obtain the key algorithm and a simple API to read and write PEM textual data. The next two sections will illustrate how the current Java APIs are lacking and tedious to use for reading and writing PEM textual data.

      Solution

      Provide new API to encode and decode PEM data. Alternative API designs are documented in the JEP (https://bugs.openjdk.org/browse/JDK-8300911).

      Specification

      See attached pem-spec file

      Attachments

        Issue Links

          Activity

            People

              ascarpino Anthony Scarpino
              ascarpino Anthony Scarpino
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: