tools: Update comments for cacerts jks format

author: Stef Walter <stefw@gnome.org> 2013-02-24 17:27:50 +0100
committer: Stef Walter <stefw@gnome.org> 2013-03-03 10:07:08 +0100
commit: 02d7da2ba2247d017f248dd48e4365bd0a219bff (patch)
tree: 85fae520e7bc42a9fb2563474dff16b7adce0911
parent: b06bee023df6f4f2b004030e86e8ee90579681f5 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/tools/extract-jks.c b/tools/extract-jks.c
index 93a7964..6d40da0 100644
--- a/tools/extract-jks.c
+++ b/tools/extract-jks.c
@@ -294,15 +294,15 @@ prepare_jks_buffer (P11KitIter *iter,
 	encode_msb_int ((unsigned char *)buffer->data + count_at, count);
 
 	/*
-	 * Java keystore reinvents HMAC and uses it to try and secure the
-	 * keystore. We fill this in and use an empty string as the password
-	 * for this keyed digest.
+	 * Java keystore reinvents HMAC and uses it to try and "secure" the
+	 * cacerts. We fill this in and use the default "changeit" string
+	 * as the password for this keyed digest.
 	 */
 	length = buffer->len;
 	digest = p11_buffer_append (buffer, P11_CHECKSUM_SHA1_LENGTH);
 	return_val_if_fail (digest != NULL, false);
 	p11_checksum_sha1 (digest,
-	                   "\000c\000h\000a\000n\000g\000e\000i\000t", 16, /* empty password */
+	                   "\000c\000h\000a\000n\000g\000e\000i\000t", 16, /* default password */
 	                   "Mighty Aphrodite", 16, /* go figure */
 	                   buffer->data, length,
 	                   NULL);
author	Stef Walter <stefw@gnome.org>	2013-02-24 17:27:50 +0100
committer	Stef Walter <stefw@gnome.org>	2013-03-03 10:07:08 +0100
commit	02d7da2ba2247d017f248dd48e4365bd0a219bff (patch)
tree	85fae520e7bc42a9fb2563474dff16b7adce0911
parent	b06bee023df6f4f2b004030e86e8ee90579681f5 (diff)