JDK-4508341 : should add the two more methods to the class of EncryptedPrivateKeyInfo
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Affected Version: 1.4.0
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2001-09-28
  • Updated: 2017-05-16
  • Resolved: 2003-08-17
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availabitlity Release.

To download the current JDK release, click here.
Other
5.0 tigerFixed
Description
we should add the following two methods for the class of javax.crypto.EncryptedPrivateKeyInfo
    
    public PKCS8EncodedKeySpec getKeySpec(Key key) 
	throws InvalidKeySpecException
	
    public PKCS8EncodedKeySpec getKeySpec(Key key, String provider) 
	throws InvalidKeySpecException


Justification:
    a) In this approach, the getKeySpec method creates a cipher object for the
       appropriate decryption algorithm and initializes it with the given
       decryption key and the algorithm parameters (if any) that were stored in
       the EncryptedPrivateKeyInfo object.
       
       This approach has the advantage that the party who retrieve the
       PKCS8EncodedKeySpec object does not need to keep track of the parameters
       (e.g., an IV, algorithm name, Cipher mode, padding scheme and so on) that
       were used to encrypt the PKCS8EncodedKeySpec object.
       
    b) (Consistency point of view)
       Follow the same the design principle used by other JAVA API design
       For example, look at        
       http://java.sun.com/j2se/1.4/docs/api/javax/crypto/SealedObject.html
       
       The following two methods are provided for SealedObject class        
	getObject(Key key) 
	getObject(Key key, String provider) 
	
       since SealedObject and EncryptedPrivateKeyInfo class are kind of similar,
       should they offer the similar set of API in order to achieve the same
       level of EOU (ease of use)?

Comments
CONVERTED DATA BugTraq+ Release Management Values COMMIT TO FIX: tiger FIXED IN: tiger INTEGRATED IN: tiger tiger-b16
2004-09-01

EVALUATION ###@###.### 2003-07-11 will fix.
2003-07-11