archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-25 22:04:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8347428: Avoid using secret-key in specifications

Browse source 
Reviewed-by: mullan
This commit is contained in:
Ben Perez 2025-02-03 22:14:38 +00:00
parent 618c5eb27b
commit 43979fb1be
7 changed files with 28 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/java.base/share/classes/com/sun/crypto/provider/JceKeyStore.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2024, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2025, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -820,7 +820,7 @@ public final class JceKeyStore extends KeyStoreSpi {
// Add the entry to the list
entries.put(alias, entry);
} else if (tag == 3) { // secret-key entry
} else if (tag == 3) { // secret key entry
secretKeyCount++;
SecretKeyEntry entry = new SecretKeyEntry();

4
src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2024, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2025, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -566,7 +566,7 @@ public final class SunJCE extends Provider {
null);
/*
* Secret-key factories
* Secret key factories
*/
ps("SecretKeyFactory", "DES",
"com.sun.crypto.provider.DESKeyFactory");

18
src/java.base/share/classes/javax/crypto/SecretKeyFactory.java
View file

@ -52,7 +52,7 @@ import sun.security.jca.GetInstance.Instance;
* {@link #generateSecret(java.security.spec.KeySpec) generateSecret} and
* {@link #getKeySpec(javax.crypto.SecretKey, java.lang.Class) getKeySpec}
* methods.
* For example, the DESede (Triple DES) secret-key factory supplied by the
* For example, the DESede (Triple DES) secret key factory supplied by the
* "SunJCE" provider supports {@code DESedeKeySpec} as a transparent
* representation of Triple DES keys.
*
@ -100,7 +100,7 @@ public class SecretKeyFactory {
*
* @param keyFacSpi the delegate
* @param provider the provider
* @param algorithm the secret-key algorithm
* @param algorithm the secret key algorithm
*/
protected SecretKeyFactory(SecretKeyFactorySpi keyFacSpi,
Provider provider, String algorithm) {
@ -140,7 +140,7 @@ public class SecretKeyFactory {
* may be different from the order of providers returned by
* {@link Security#getProviders() Security.getProviders()}.
*
* @param algorithm the standard name of the requested secret-key
* @param algorithm the standard name of the requested secret key
* algorithm.
* See the SecretKeyFactory section in the <a href=
* "{@docRoot}/../specs/security/standard-names.html#secretkeyfactory-algorithms">
@ -176,7 +176,7 @@ public class SecretKeyFactory {
* <p> Note that the list of registered providers may be retrieved via
* the {@link Security#getProviders() Security.getProviders()} method.
*
* @param algorithm the standard name of the requested secret-key
* @param algorithm the standard name of the requested secret key
* algorithm.
* See the SecretKeyFactory section in the <a href=
* "{@docRoot}/../specs/security/standard-names.html#secretkeyfactory-algorithms">
@ -221,7 +221,7 @@ public class SecretKeyFactory {
* object is returned. Note that the specified provider object
* does not have to be registered in the provider list.
*
* @param algorithm the standard name of the requested secret-key
* @param algorithm the standard name of the requested secret key
* algorithm.
* See the SecretKeyFactory section in the <a href=
* "{@docRoot}/../specs/security/standard-names.html#secretkeyfactory-algorithms">
@ -327,7 +327,7 @@ public class SecretKeyFactory {
* @return the secret key
*
* @exception InvalidKeySpecException if the given key specification
* is inappropriate for this secret-key factory to produce a secret key.
* is inappropriate for this secret key factory to produce a secret key.
*/
public final SecretKey generateSecret(KeySpec keySpec)
throws InvalidKeySpecException {
@ -371,7 +371,7 @@ public class SecretKeyFactory {
* whereas {@code keySpec} is the specification of a software-based
* key), or the given key cannot be dealt with
* (e.g., the given key has an algorithm or format not supported by this
* secret-key factory).
* secret key factory).
*/
public final KeySpec getKeySpec(SecretKey key, Class<?> keySpec)
throws InvalidKeySpecException {
@ -399,14 +399,14 @@ public class SecretKeyFactory {
/**
* Translates a key object, whose provider may be unknown or potentially
* untrusted, into a corresponding key object of this secret-key factory.
* untrusted, into a corresponding key object of this secret key factory.
*
* @param key the key whose provider is unknown or untrusted
*
* @return the translated key
*
* @exception InvalidKeyException if the given key cannot be processed
* by this secret-key factory.
* by this secret key factory.
*/
public final SecretKey translateKey(SecretKey key)
throws InvalidKeyException {

16
src/java.base/share/classes/javax/crypto/SecretKeyFactorySpi.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2025, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -33,13 +33,13 @@ import java.security.spec.*;
* for the {@code SecretKeyFactory} class.
* All the abstract methods in this class must be implemented by each
* cryptographic service provider who wishes to supply the implementation
* of a secret-key factory for a particular algorithm.
* of a secret key factory for a particular algorithm.
*
* <P> A provider should document all the key specifications supported by its
* secret key factory.
* For example, the DES secret-key factory supplied by the "SunJCE" provider
* For example, the DES secret key factory supplied by the "SunJCE" provider
* supports {@code DESKeySpec} as a transparent representation of DES
* keys, and that provider's secret-key factory for Triple DES keys supports
* keys, and that provider's secret key factory for Triple DES keys supports
* {@code DESedeKeySpec} as a transparent representation of Triple DES
* keys.
*
@ -67,7 +67,7 @@ public abstract class SecretKeyFactorySpi {
* @return the secret key
*
* @exception InvalidKeySpecException if the given key specification
* is inappropriate for this secret-key factory to produce a secret key.
* is inappropriate for this secret key factory to produce a secret key.
*/
protected abstract SecretKey engineGenerateSecret(KeySpec keySpec)
throws InvalidKeySpecException;
@ -91,7 +91,7 @@ public abstract class SecretKeyFactorySpi {
* whereas {@code keySpec} is the specification of a software-based
* key), or the given key cannot be dealt with
* (e.g., the given key has an algorithm or format not supported by this
* secret-key factory).
* secret key factory).
*/
protected abstract KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpec)
throws InvalidKeySpecException;
@ -99,14 +99,14 @@ public abstract class SecretKeyFactorySpi {
/**
* Translates a key object, whose provider may be unknown or
* potentially untrusted, into a corresponding key object of this
* secret-key factory.
* secret key factory.
*
* @param key the key whose provider is unknown or untrusted
*
* @return the translated key
*
* @exception InvalidKeyException if the given key cannot be processed
* by this secret-key factory.
* by this secret key factory.
*/
protected abstract SecretKey engineTranslateKey(SecretKey key)
throws InvalidKeyException;

6
src/java.base/share/classes/javax/crypto/spec/PBEKeySpec.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2024, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2025, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -42,9 +42,9 @@ import java.util.Arrays;
* PKCS #12 looks at all 16 bits of each character.
*
* <p>You convert the password characters to a PBE key by creating an
* instance of the appropriate secret-key factory. For example, a secret-key
* instance of the appropriate secret key factory. For example, a secret key
* factory for PKCS #5 will construct a PBE key from only the low order 8 bits
* of each password character, whereas a secret-key factory for PKCS #12 will
* of each password character, whereas a secret key factory for PKCS #12 will
* take all 16 bits of each character.
*
* <p>Also note that this class stores passwords as char arrays instead of

4
src/java.base/share/classes/javax/crypto/spec/SecretKeySpec.java
View file

@ -91,7 +91,7 @@ public class SecretKeySpec implements KeySpec, SecretKey {
*
* @param key the key material of the secret key. The contents of
* the array are copied to protect against subsequent modification.
* @param algorithm the name of the secret-key algorithm to be associated
* @param algorithm the name of the secret key algorithm to be associated
* with the given key material.
* See the SecretKey Algorithms section in the
* <a href="{@docRoot}/../specs/security/standard-names.html#secretkey-algorithms">
@ -136,7 +136,7 @@ public class SecretKeySpec implements KeySpec, SecretKey {
* @param offset the offset in <code>key</code> where the key material
* starts.
* @param len the length of the key material.
* @param algorithm the name of the secret-key algorithm to be associated
* @param algorithm the name of the secret key algorithm to be associated
* with the given key material.
* See the SecretKey Algorithms section in the
* <a href="{@docRoot}/../specs/security/standard-names.html#secretkey-algorithms">