On Wed, 24 Jan 2024 00:01:06 GMT, Anthony Scarpino <ascarp...@openjdk.org> wrote:
> Hi all, > > I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a format > for encoding and decoding cryptographic keys and certificates. It will be > integrated into JDK24 as a Preview Feature. Preview features does not > permanently define the API and it is subject to change in future releases > until it is finalized. > > Details about this change can be seen at [PEM API > JEP](https://bugs.openjdk.org/browse/JDK-8300911). > > Thanks > > Tony src/java.base/share/classes/java/security/PEMDecoder.java line 82: > 80: > 81: // Singleton instance for PEMDecoder > 82: final private static PEMDecoder PEM_DECODER = new PEMDecoder(null, > null); Suggestion: public final class PEMDecoder { private final Provider factory; private final char[] password; // Singleton instance for PEMDecoder private static final PEMDecoder PEM_DECODER = new PEMDecoder(null, null); src/java.base/share/classes/java/security/PEMEncoder.java line 76: > 74: > 75: // Singleton instance of PEMEncoder > 76: final private static PEMEncoder PEM_ENCODER = new PEMEncoder(null); Suggestion: public final class PEMEncoder { // Singleton instance of PEMEncoder private final static PEMEncoder PEM_ENCODER = new PEMEncoder(null); src/java.base/share/classes/sun/security/util/Pem.java line 93: > 91: > 92: public static final byte[] LINESEPARATOR = "\r\n" > 93: .getBytes(StandardCharsets.UTF_8); These arrays should probably be marked as [`@Stable`]: Suggestion: /** * Public Key PEM header & footer */ public static final @Stable byte[] PUBHEADER = "-----BEGIN PUBLIC KEY-----" .getBytes(StandardCharsets.UTF_8); public static final @Stable byte[] PUBFOOTER = "-----END PUBLIC KEY-----" .getBytes(StandardCharsets.UTF_8); /** * Private Key PEM header & footer */ public static final @Stable byte[] PKCS8HEADER = "-----BEGIN PRIVATE KEY-----" .getBytes(StandardCharsets.UTF_8); public static final @Stable byte[] PKCS8FOOTER = "-----END PRIVATE KEY-----" .getBytes(StandardCharsets.UTF_8); /** * Encrypted Private Key PEM header & footer */ public static final @Stable byte[] PKCS8ENCHEADER = "-----BEGIN ENCRYPTED PRIVATE KEY-----" .getBytes(StandardCharsets.UTF_8); public static final @Stable byte[] PKCS8ENCFOOTER = "-----END ENCRYPTED PRIVATE KEY-----" .getBytes(StandardCharsets.UTF_8); /** * Certificate PEM header & footer */ public static final @Stable byte[] CERTHEADER = "-----BEGIN CERTIFICATE-----" .getBytes(StandardCharsets.UTF_8); public static final @Stable byte[] CERTFOOTER = "-----END CERTIFICATE-----" .getBytes(StandardCharsets.UTF_8); /** * CRL PEM header & footer */ public static final @Stable byte[] CRLHEADER = "-----BEGIN CRL-----" .getBytes(StandardCharsets.UTF_8); public static final @Stable byte[] CRLFOOTER = "-----END CRL-----" .getBytes(StandardCharsets.UTF_8); /** * PKCS#1/slleay/OpenSSL RSA PEM header & footer */ public static final @Stable byte[] PKCS1HEADER = "-----BEGIN RSA PRIVATE KEY-----" .getBytes(StandardCharsets.UTF_8); public static final @Stable byte[] PKCS1FOOTER = "-----END RSA PRIVATE KEY-----" .getBytes(StandardCharsets.UTF_8); public static final @Stable byte[] LINESEPARATOR = "\r\n" .getBytes(StandardCharsets.UTF_8); [`@Stable`]: https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/jdk/internal/vm/annotation/Stable.java src/java.base/share/classes/sun/security/util/Pem.java line 121: > 119: * characters in the base-64 alphabet and whitespaces. > 120: * @return the decoded bytes > 121: * @throws java.io.IOException if input is invalid Suggestion: * @throws IllegalArgumentException if input is invalid ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r1597305365 PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r1597305962 PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r1597304717 PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r1597304989
