markt-asf commented on a change in pull request #462:
URL: https://github.com/apache/tomcat/pull/462#discussion_r779920656
##########
File path: java/org/apache/tomcat/util/net/jsse/PEMFile.java
##########
@@ -210,6 +214,14 @@ public PrivateKey toPrivateKey(String password, String
keyAlgorithm, Format form
throw exception;
}
+ private String getPBEAlgorithm(EncryptedPrivateKeyInfo privateKeyInfo)
{
+ AlgorithmParameters parameters = privateKeyInfo.getAlgParameters();
+ if(parameters != null &&
OID_PKCS5_PBES2.equals(privateKeyInfo.getAlgName())) {
+ return parameters.toString();
Review comment:
Having looked at the complexity of extracting the algorithm name from
from encoded parameters, and given that the JRE depends on the toString()
implementation as well in places, I think it is reasonable to use toString()
for now. We'll always have the option of parsing the parameters directly if we
discover problems with the toString() approach in the future.
Given PBES2 support is currently broken, the worst this change will do is
maintain the status quo. The more likely result is the PBES2 will be supported
for most (all?) use cases.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
