JDK-4959840

Add support to parse keyBag type in pkcs12 keystore

    Details

    • Type: Enhancement
    • Status: Resolved
    • Priority: P4
    • Resolution: Won't Fix
    • Affects Version/s: 1.4.2
    • Fix Version/s: None
    • Component/s: security-libs
    • CPU: x86, sparc
    • OS: generic, windows_xp

      Description

      Currently, our pkcs12 keystore implementation supports the shroudedkeybag
      type, used to store encrypted private keys as defined in PKCS#8
      EncryptedPrivateKeyInfo. As per the pkcs12 spec, private keys
      could also be stored as PrivateKeyInfo in KeyBags.

      As per the PKCS12 spec:

      KeyBag ::= PrivateKeyInfo
      PKCS8ShroudedKeyBag ::= EncryptedPrivateKeyInfo

      Currently we store encrypted private keys in the Data contentInfo
      and the certificate chain in the EncryptedData contentInfo.
      However, private keys could also be saved as PrivateKeyInfo
      in a keyBag, and stored in the EncryptedData contentInfo.

      When creating a pkcs12 file, we store the encrypted private key in a
      shroudedkeybag. However, when reading pkcs12, we need to add support
      to parse the keybag type and read the private key.
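
      The bag types described above can be told apart by the bagId OID that opens each SafeBag. The following is an added example, not JDK code: a minimal DER walker that lists the bag types in a SafeContents structure, which shows whether a store carries a key as a plain keyBag (PrivateKeyInfo, protected only by its enclosing contentInfo) or as a pkcs8ShroudedKeyBag. It assumes the SafeContents bytes have already been extracted (and decrypted, if they came from EncryptedData); the function names and the sample bytes are constructed for illustration.

```python
# Added example, not JDK code: list SafeBag types in a DER SafeContents.
ARC = "1.2.840.113549.1.12.10.1."  # pkcs-12 bagtypes arc
BAG_TYPES = {ARC + "1": "keyBag", ARC + "2": "pkcs8ShroudedKeyBag", ARC + "3": "certBag"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    subs, value = [], 0
    for b in body:  # each sub-identifier is base-128, high bit = "more"
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            subs.append(value)
            value = 0
    if not subs:
        raise ValueError("empty OID")
    first = min(subs[0] // 40, 2)  # first two arcs share one sub-identifier
    return ".".join(map(str, [first, subs[0] - 40 * first] + subs[1:]))

def classify_safe_bags(safe_contents):
    """Return the bag type name of every SafeBag, in file order."""
    tag, body, _ = read_tlv(safe_contents, 0)
    if tag != 0x30:
        raise ValueError("SafeContents must be a SEQUENCE")
    found, pos = [], 0
    while pos < len(body):
        tag, bag, pos = read_tlv(body, pos)
        oid_tag, oid_body, _ = read_tlv(bag, 0)  # bagId is the first field
        if tag != 0x30 or oid_tag != 0x06:
            raise ValueError("malformed SafeBag")
        oid = decode_oid(oid_body)
        found.append(BAG_TYPES.get(oid, "unknown:" + oid))
    return found

# Constructed input: SafeBag with bagId = bagtypes.n and an empty SEQUENCE
# as bagValue (no real key material); SAMPLE holds shrouded key, cert, keyBag.
def sample_bag(n):
    return bytes.fromhex("3011060b2a864886f70d010c0a01%02xa0023000" % n)

SAMPLE = bytes([0x30, 57]) + sample_bag(2) + sample_bag(3) + sample_bag(1)
```

      A result containing "keyBag" identifies a store whose private key has no per-key encryption.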

              People

              • Assignee: vinnie Vincent Ryan
              • Reporter: smalkanisunw Seema Malkani (Inactive)