From 02d7da2ba2247d017f248dd48e4365bd0a219bff Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Sun, 24 Feb 2013 17:27:50 +0100 Subject: tools: Update comments for cacerts jks format --- tools/extract-jks.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'tools') diff --git a/tools/extract-jks.c b/tools/extract-jks.c index 93a7964..6d40da0 100644 --- a/tools/extract-jks.c +++ b/tools/extract-jks.c @@ -294,15 +294,15 @@ prepare_jks_buffer (P11KitIter *iter, encode_msb_int ((unsigned char *)buffer->data + count_at, count); /* - * Java keystore reinvents HMAC and uses it to try and secure the - * keystore. We fill this in and use an empty string as the password - * for this keyed digest. + * Java keystore reinvents HMAC and uses it to try and "secure" the + * cacerts. We fill this in and use the default "changeit" string + * as the password for this keyed digest. */ length = buffer->len; digest = p11_buffer_append (buffer, P11_CHECKSUM_SHA1_LENGTH); return_val_if_fail (digest != NULL, false); p11_checksum_sha1 (digest, - "\000c\000h\000a\000n\000g\000e\000i\000t", 16, /* empty password */ + "\000c\000h\000a\000n\000g\000e\000i\000t", 16, /* default password */ "Mighty Aphrodite", 16, /* go figure */ buffer->data, length, NULL); -- cgit v1.1