Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8003631

There is no way to determine real type of a keystore (PKCS12 or JKS)

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P5
    • Resolution: Not an Issue
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: security-libs
    • Labels:
      None
    • Subcomponent:
    • Introduced In Build:
      beta
    • Introduced In Version:
      8
    • CPU:
      generic
    • OS:
      generic

      Description

      There is a strange feature at the implementation of the JEP166 (http://openjdk.java.net/jeps/166)

      I create & keystore:

              KeyStore ks = KeyStore.getInstance(type);
              FileInputStream fin = new FileInputStream("keystore.my");
              ks.load(fin, passwd.toCharArray());

      After that ks.getType() returns the 'type' value (when type is "jks" or "pkcs12"). It doesn't depend on the real format of keystore in the file "keystore.my".

      I think this behavior can be very surprising for users.
      It is possible that application receives keystore file from 3d party, converts it (if required) and sends to clients. In this use case application cannot make determine a keystore type by JDK security API.

        Attachments

          Activity

            People

            • Assignee:
              wetmore Bradford Wetmore
              Reporter:
              tledkov Taras Ledkov (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: