Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8245679

KeyStore cannot probe PKCS12 keystore if BouncyCastle is the top security provider

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 15
    • Component/s: security-libs
    • Labels:
    • Subcomponent:
    • Resolved In Build:
      b28
    • Verification:
      Verified

      Backports

        Description

        Internally, KeyStore.getInstance(File, password) is supported by

             1   private static final KeyStore getInstance(File file, ...) throws ... {
             2     try (open file as dataStream) {
             3       for (String type : Security.getAlgorithms("KeyStore")) {
             4         Object[] objs = null;
             5         try {
             6           objs = Security.getImpl(type, "KeyStore", (String)null);
             7           KeyStoreSpi impl = (KeyStoreSpi)objs[0];
             8           if (impl.engineProbe(dataStream)) {
             9             keystore = new KeyStore(impl, (Provider)objs[1], type);
            10             break;
            11           }
            12         }
            13       }
            14       if (keystore != null) {
            15         load it and return;
            16       }
            17     }
            18     die;
            19   }

        Unfortunately, on line 3, only the storetype names are returned. This means when type == "pkcs12", BC's pkcs12 keystore impl will be returned on line 6 but it does not support probing. The loop continues to other storetypes, and finally reach the die point. What a pity!

        Maybe we should iterate through all <Provider,storetype> pairs on line 3.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  weijun Weijun Wang
                  Reporter:
                  weijun Weijun Wang
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: