tomaswolf commented on issue #590: URL: https://github.com/apache/mina-sshd/issues/590#issuecomment-2322844515
> not sure to follow. do you mean some new method in SecurityProviderRegistrar? No. The `PKCS8PEMResourceKeyPairParser` currently handles unencrypted and encrypted keys. For encrypted keys it relies on BC because of numerous bugs in PBES2 in earlier Java versions. The `PKCS8PEMResourceKeyPairParser` is unconditionally registered in `PEMResourceParserUtils`. My suggestion was to factor out the encrypted key handling into a separate parser, which would implement `OptionalFeature`, and which would be registered only if the required BC classes are present. (And/or BC was registered through a registrar. All this registrar stuff seems way overdesigned to me anyway. I don't quite understand why one would want to have yet another layer on top of Java's SecurityProvider. Why can't we just use whatever SecurityProviders are installed?) Re: ServiceLoader: seems simpler than using ThreadUtils and manual class loading. Java has a mechanism to such things, so why not use it. (It's another area of the code that I don't quite get why we have it at all. What's the problem with ServiceLoader that prompted the creation of these home-grown thread utils?) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
