Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Fixed
Priority: P2
Fix Version/s: 26
Affects Version/s: None
Component/s: security-libs
Labels:
- release-note=yes

Subcomponent:
java.security
Resolved In Build:
b23

There is a new stronger MAC algorithm for PKCS#12 defined in RFC 9879: https://www.rfc-editor.org/rfc/rfc9879.html. We should add support for it to our PKCS#12 KeyStore implementation.

csr for

JDK-8370042 PKCS#12 KeyStore support for RFC 9879: Use of Password-Based Message Authentication Code 1 (PBMAC1)

Closed

relates to

JDK-8371156 PBKDF2 default values should not be DER encoded

Open

JDK-8370245 Change default PKCS12 mac algorithm to PBMAC1

Open

JDK-8362894 PKCS12 KeyStore PBMAC1 interoperability testing

In Progress

JDK-8153005 Upgrade the default PKCS12 encryption/MAC algorithms

Resolved

JDK-8366979 Cannot change key length in PBMAC1

Open

links to

Commit(master) openjdk/jdk/1781b186

Review(master) openjdk/jdk/24429

(1 relates to, 2 links to)

Release Note: support for PBMAC1 protection on PKCS12 keystores

New

Mark Powers

Assignee:: Mark Powers
Reporter:: Youliang Guo
Votes:: 0 Vote for this issue
Watchers:: 10 Start watching this issue

Created:: 2024-10-29 14:08
Updated:: 2 days ago 09:01
Resolved:: 2025-10-31 10:56

Details

Description

Attachments

Issue Links

Sub-Tasks

Activity

People

Dates