Skip to content

Support for PBES2, PBEKeyfactory, PBEKey and PBEParameters #833

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Support for PBES2, PBEKeyfactory, PBEKey and PBEParameters #833

wants to merge 1 commit into from
+2,409 −165

Conversation

dev-koan
Copy link
Collaborator

@dev-koan dev-koan commented Oct 7, 2025

This update adds support for PBES2, PBEKeyFactory, PBEKey, and PBEParameters for PBE algorithms with Hmac and AES for OpenJCEPlus provider.

Signed-off-by: Dev Agarwal [email protected]

jasonkatonica
jasonkatonica requested changes Oct 7, 2025
View reviewed changes
README.md
SecretKeyFactory | PBKDF2WithHmacSHA224 |X |X | |
SecretKeyFactory | PBKDF2WithHmacSHA256 |X |X | |
SecretKeyFactory | PBKDF2WithHmacSHA384 |X |X | |
SecretKeyFactory | PBKDF2WithHmacSHA512 |X |X | |
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have noticed that there is also Mac services that make use of PBE also. For example on Java 25 do we want to intentionally skip these for now?

SunJCE: Mac.PBEWithHmacSHA512/224 SupportedKeyFormats
SunJCE: Mac.PBEWithHmacSHA384
SunJCE: Mac.PBEWithHmacSHA256
SunJCE: Mac.PBEWithHmacSHA224
SunJCE: Mac.PBEWithHmacSHA224 SupportedKeyFormats
SunJCE: Mac.PBEWithHmacSHA256 SupportedKeyFormats
SunJCE: Mac.PBEWithHmacSHA512/256
SunJCE: Mac.PBEWithHmacSHA512/256 SupportedKeyFormats
SunJCE: Mac.PBEWithHmacSHA1 SupportedKeyFormats
SunJCE: Mac.PBEWithHmacSHA384 SupportedKeyFormats
SunJCE: Mac.PBEWithHmacSHA1
SunJCE: Mac.PBEWithHmacSHA512/224
SunJCE: Mac.PBEWithHmacSHA512
SunJCE: Mac.PBEWithHmacSHA512 SupportedKeyFormats

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not sure about this, we can discuss if we would want to add these

jasonkatonica
jasonkatonica reviewed Oct 8, 2025
View reviewed changes
jasonkatonica
jasonkatonica reviewed Oct 8, 2025
View reviewed changes
@dev-koan dev-koan force-pushed the implement_pbe branch 3 times, most recently from 3321ceb to cea7626 Compare October 10, 2025 10:23
dev-koan
dev-koan commented Oct 10, 2025
View reviewed changes
jasonkatonica
jasonkatonica requested changes Oct 10, 2025
View reviewed changes
KostasTsiounis
KostasTsiounis requested changes Oct 14, 2025
View reviewed changes
jasonkatonica
jasonkatonica requested changes Oct 15, 2025
View reviewed changes
jasonkatonica
jasonkatonica requested changes Oct 16, 2025
View reviewed changes
@jasonkatonica
Copy link
Member

jasonkatonica commented Oct 16, 2025
edited
Loading

Performance seems good to me here vs the OpenJDK providers:

For example on linux x86 here is a small sample of the decrypt benchmark results:
image

And encrypt on x86 linux:
image

The full set of data is attached here for AIX, ppcle linux, and x86 linux:
performanceDataPBE.zip

JinhangZhang
JinhangZhang reviewed Oct 16, 2025
View reviewed changes
@dev-koan dev-koan force-pushed the implement_pbe branch 2 times, most recently from 5d492c9 to 7c24df7 Compare October 16, 2025 15:20
JinhangZhang
JinhangZhang requested changes Oct 16, 2025
View reviewed changes
taoliult
taoliult reviewed Oct 16, 2025
View reviewed changes
@dev-koan
Support for PBES2, PBEKeyfactory, PBEKey and PBEParameters
07aaa88 
This update adds support for PBES2, PBEKeyFactory, PBEKey,
and PBEParameters for PBE algorithms with Hmac and AES for
OpenJCEPlus provider.

Signed-off-by: Dev Agarwal <[email protected]>
jasonkatonica
jasonkatonica approved these changes Oct 17, 2025
View reviewed changes
Copy link
Member

@jasonkatonica jasonkatonica left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

taoliult
taoliult approved these changes Oct 17, 2025
View reviewed changes
Copy link
Collaborator

@taoliult taoliult left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

KostasTsiounis
KostasTsiounis approved these changes Oct 17, 2025
View reviewed changes
Copy link
Member

@KostasTsiounis KostasTsiounis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

JinhangZhang
JinhangZhang approved these changes Oct 17, 2025
View reviewed changes
Copy link
Collaborator

@JinhangZhang JinhangZhang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@taoliult taoliult taoliult approved these changes

@KostasTsiounis KostasTsiounis KostasTsiounis approved these changes

@jasonkatonica jasonkatonica jasonkatonica approved these changes

@JinhangZhang JinhangZhang JinhangZhang approved these changes

@johnpeck-us-ibm johnpeck-us-ibm Awaiting requested review from johnpeck-us-ibm

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@dev-koan @jasonkatonica @taoliult @KostasTsiounis @JinhangZhang