turcsanyip commented on code in PR #7817:
URL: https://github.com/apache/nifi/pull/7817#discussion_r1341946988
##########
nifi-nar-bundles/nifi-standard-services/nifi-key-service-bundle/nifi-key-service/src/test/java/org/apache/nifi/key/service/StandardPrivateKeyServiceTest.java:
##########
@@ -118,6 +134,21 @@ void testGetPrivateKeyEncryptedKey() throws Exception {
assertEquals(generatedPrivateKey, privateKey);
}
+ private static String[] encryptionAlgorithms() {
+ return new String[] {
+ AES_128_CBC,
+ AES_192_CBC,
+ AES_256_CBC,
+ DES3_CBC,
+ PBE_SHA1_RC4_128,
+ PBE_SHA1_RC4_40,
+ PBE_SHA1_3DES,
+ PBE_SHA1_2DES,
+ PBE_SHA1_RC2_128,
+ PBE_SHA1_RC2_40
Review Comment:
Thanks @exceptionfactory for your review!
Yes, it makes sense to narrow down the encryption algorithms to be tested.
However, I would keep one more: `PBE_SHA1_3DES`
This was the original test input and it ends up in the
[PKCS12](https://github.com/bcgit/bc-java/blob/7349980f39aa26541f69d99e66416e84b9f7c005/pkix/src/main/java/org/bouncycastle/openssl/jcajce/JceOpenSSLPKCS8DecryptorProviderBuilder.java#L101)
branch, so it is handled differently than `AES_256_CBC` and `DES3_CBC`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
