On Mon, 29 Sep 2025 03:45:38 GMT, Mark Powers <[email protected]> wrote:
>> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
>
> Mark Powers has updated the pull request incrementally with one additional
> commit since the last revision:
>
>   another day another iteration

(This is more of a usage report than a review.)

I have been following along as this patch evolves, testing it against `SunPKCS11`.

I have been configuring `java.security` with:

    security.provider.1=SunPKCS11 /tmp/nss.txt
    security.provider.2=SUN
    security.provider.3=SunRsaSign
    security.provider.4=SunEC
    security.provider.5=SunJSSE
    security.provider.6=SunJCE
    security.provider.7=SunJGSS
    security.provider.8=SunSASL
    security.provider.9=XMLDSig
    security.provider.10=SunPCSC
    security.provider.11=JdkLDAP
    security.provider.12=JdkSASL

then running:

    keytool -J-Djava.security.debug=all -list -keystore rfc-9579-a.1.p12 -storepass 1234 -v

As of commit https://github.com/openjdk/jdk/pull/24429/commits/ecda43f557b4f96c9f54287b13e7cf7056fb8e94, the patch requested `Mac.PBEWithHmacSHA256` directly. `SunPKCS11` does not claim to implement that algorithm name. So even though (in `java.security`) `SunPKCS11` took priority over `SunJCE`, `SunJCE`'s `HMAC-SHA256` algorithm was being used:

    3236:Provider[0x3|main|KeyStore.java:822|2025-09-23 16:09:08.499]: KeyStore.PKCS12 type from: SUN
    3240:Provider[0x3|main|Cipher.java:1606|2025-09-23 16:09:08.614]: Cipher.PBEWithHmacSHA256AndAES_256, mode: decryption, algorithm from: SunPKCS11-NSS
    [Start of SunJCE HMAC-SHA256 load messages]
    3243:Provider[0x3|main|MessageDigest.java:200|2025-09-23 16:09:08.735]: MessageDigest.SHA-256 algorithm from: SunPKCS11-NSS
    3244:Provider[0x3|main|MessageDigest.java:200|2025-09-23 16:09:08.739]: MessageDigest.SHA-256 algorithm from: SunPKCS11-NSS
    3245:Provider[0x3|main|Mac.java:446|2025-09-23 16:09:08.740]: Mac.HmacSHA256 algorithm from: SunJCE
    7342:Provider[0x3|main|Mac.java:473|2025-09-23 16:09:09.129]: Mac.PBEWithHmacSHA256 algorithm from: SunJCE
    [End of SunJCE HMAC-SHA256 load messages]
    7346:Provider[0x3|main|Signature.java:545|2025-09-23 16:09:09.200]: Signature.SHA256withRSA verification algorithm from: SunPKCS11-NSS
    7373:Provider[0x3|main|MessageDigest.java:200|2025-09-23 16:09:09.422]: MessageDigest.SHA-1 algorithm from: SunPKCS11-NSS
    7375:Provider[0x3|main|MessageDigest.java:200|2025-09-23 16:09:09.422]: MessageDigest.SHA-256 algorithm from: SunPKCS11-NSS
    7455:Provider[0x3|main|KeyStore.java:822|2025-09-23 16:09:09.466]: KeyStore.PKCS12 type from: SUN
    7457:Provider[0x3|main|Cipher.java:1606|2025-09-23 16:09:09.466]: Cipher.PBEWithHmacSHA256AndAES_256, mode: decryption, algorithm from: SunPKCS11-NSS
    [Start of SunJCE HMAC-SHA256 load messages]
    7460:Provider[0x3|main|MessageDigest.java:200|2025-09-23 16:09:09.468]: MessageDigest.SHA-256 algorithm from: SunPKCS11-NSS
    7461:Provider[0x3|main|MessageDigest.java:200|2025-09-23 16:09:09.468]: MessageDigest.SHA-256 algorithm from: SunPKCS11-NSS
    7462:Provider[0x3|main|Mac.java:446|2025-09-23 16:09:09.468]: Mac.HmacSHA256 algorithm from: SunJCE
    11559:Provider[0x3|main|Mac.java:473|2025-09-23 16:09:09.831]: Mac.PBEWithHmacSHA256 algorithm from: SunJCE
    [End of SunJCE HMAC-SHA256 load messages]

Commit https://github.com/openjdk/jdk/pull/24429/commits/7a010df9b6c75ac151c53979febcda56ec563ab8 fixed this issue by removing the "PBEWith" from the name:

    private void processMacData(AlgorithmParameterSpec params,
            MacData macData, char[] password, byte[] data,
            String macAlgorithm) throws Exception {
        final String kdfHmac;
        String tmp;

        tmp = macAlgorithm.replace("PBEWith", "");
        if (!(tmp.equals("HmacSHA512") || tmp.equals("HmacSHA256"))) {
            kdfHmac = macAlgorithm;
        } else {
            kdfHmac = tmp;
        }

Now `SunPKCS11`'s `HMAC-SHA256` is used, so my testing is satisfied:

    3236:Provider[0x3|main|KeyStore.java:822|2025-09-23 15:58:07.252]: KeyStore.PKCS12 type from: SUN
    3240:Provider[0x3|main|Cipher.java:1606|2025-09-23 15:58:07.396]: Cipher.PBEWithHmacSHA256AndAES_256, mode: decryption, algorithm from: SunPKCS11-NSS
    [Start SunPKCS11 HMAC-SHA256 load messages]
    3243:Provider[0x3|main|Mac.java:446|2025-09-23 15:58:07.521]: Mac.HmacSHA256 algorithm from: SunPKCS11-NSS
    [End SunPKCS11 HMAC-SHA256 load messages]
    3245:Provider[0x3|main|Signature.java:545|2025-09-23 15:58:07.591]: Signature.SHA256withRSA verification algorithm from: SunPKCS11-NSS
    3272:Provider[0x3|main|MessageDigest.java:200|2025-09-23 15:58:07.813]: MessageDigest.SHA-1 algorithm from: SunPKCS11-NSS
    3274:Provider[0x3|main|MessageDigest.java:200|2025-09-23 15:58:07.821]: MessageDigest.SHA-256 algorithm from: SunPKCS11-NSS
    3354:Provider[0x3|main|KeyStore.java:822|2025-09-23 15:58:07.861]: KeyStore.PKCS12 type from: SUN
    3356:Provider[0x3|main|Cipher.java:1606|2025-09-23 15:58:07.862]: Cipher.PBEWithHmacSHA256AndAES_256, mode: decryption, algorithm from: SunPKCS11-NSS
    [Start SunPKCS11 HMAC-SHA256 load messages]
    3359:Provider[0x3|main|Mac.java:446|2025-09-23 15:58:07.864]: Mac.HmacSHA256 algorithm from: SunPKCS11-NSS
    [End SunPKCS11 HMAC-SHA256 load messages]

I didn't see this explicitly discussed in the review comments, so I thought I would mention it.

I wonder if it might make sense in a follow-up PR to "future proof" `SunPKCS11` by having it declare support for `Mac.PBEWithHmacSHA256` by name, in case `PKCS12KeyStore.java` ever wanted to request that directly.

-------------

PR Review: https://git.openjdk.org/jdk/pull/24429#pullrequestreview-3281733011
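
An added example, not part of the original message or of the JDK patch: a Python script that automates the manual check described above by parsing `java.security.debug` provider-selection lines and listing the watched service types that were not served by the preferred provider. The function names and the `watched` default are assumptions of this example; the sample input is excerpted from the log lines quoted in the message.

```python
import re

# Provider-selection lines as printed with -Djava.security.debug, in the format
# quoted in the message above (a leading "NNNN:" prefix is ignored).
LINE_RE = re.compile(
    r"Provider\[[^\]]*\]:\s+(\w+)\.([^\s,]+).*?\b(?:algorithm|type) from:\s+(\S+)"
)

def selections(log_text):
    """Yield (service_type, algorithm, provider) for each selection line."""
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            yield m.group(1), m.group(2), m.group(3)

def fallbacks(log_text, preferred,
              watched=("Mac", "Cipher", "MessageDigest", "Signature")):
    """Return sorted unique watched selections NOT served by `preferred`.

    `watched` is an assumption: KeyStore is left out because the logs above
    show KeyStore.PKCS12 coming from SUN in both runs.
    """
    return sorted({s for s in selections(log_text)
                   if s[0] in watched and s[2] != preferred})

# Sample input: a few of the log lines quoted above (before and after the fix).
BEFORE = """\
3236:Provider[0x3|main|KeyStore.java:822|2025-09-23 16:09:08.499]: KeyStore.PKCS12 type from: SUN
3240:Provider[0x3|main|Cipher.java:1606|2025-09-23 16:09:08.614]: Cipher.PBEWithHmacSHA256AndAES_256, mode: decryption, algorithm from: SunPKCS11-NSS
3243:Provider[0x3|main|MessageDigest.java:200|2025-09-23 16:09:08.735]: MessageDigest.SHA-256 algorithm from: SunPKCS11-NSS
3245:Provider[0x3|main|Mac.java:446|2025-09-23 16:09:08.740]: Mac.HmacSHA256 algorithm from: SunJCE
7342:Provider[0x3|main|Mac.java:473|2025-09-23 16:09:09.129]: Mac.PBEWithHmacSHA256 algorithm from: SunJCE
"""
AFTER = """\
3236:Provider[0x3|main|KeyStore.java:822|2025-09-23 15:58:07.252]: KeyStore.PKCS12 type from: SUN
3240:Provider[0x3|main|Cipher.java:1606|2025-09-23 15:58:07.396]: Cipher.PBEWithHmacSHA256AndAES_256, mode: decryption, algorithm from: SunPKCS11-NSS
3243:Provider[0x3|main|Mac.java:446|2025-09-23 15:58:07.521]: Mac.HmacSHA256 algorithm from: SunPKCS11-NSS
3245:Provider[0x3|main|Signature.java:545|2025-09-23 15:58:07.591]: Signature.SHA256withRSA verification algorithm from: SunPKCS11-NSS
"""

if __name__ == "__main__":
    for label, log in (("before", BEFORE), ("after", AFTER)):
        print(label, fallbacks(log, "SunPKCS11-NSS"))
```

Run against a full debug log, a non-empty result is the signal that some operation bypassed the provider listed first in `java.security`.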
