-
Enhancement
-
Resolution: Won't Fix
-
P4
-
None
-
1.4.2
-
x86, sparc
-
generic, windows_xp
Currently, our pkcs12 keystore implementation supports shroudedkeybag
type used to store encrypted private keys, as defined in PKCS#8
EncryptedPrivateKeyInfo. As per the pkcs12 spec, private keys
could also be stored as PrivateKeyInfo in KeyBags.
As per the PKCS12 spec:
KeyBag := PrivateKeyInfo
PKCS8ShroudedKeyBag := EncrypedPrivateKeyInfo
Currently we store encrypted private keys in Data contentInfo
and certificate chain in EncryptedData contentInfo.
However, private keys could also be saved as PrivateKeyInfo
in keyBag, and stored in EncryptedData contentInfo
When creating pkcs12 file, we store encrypted private key in
shroudedkeybag. However, when reading pkcs12, need to add support
to parse keybag type, and read the private key.
type used to store encrypted private keys, as defined in PKCS#8
EncryptedPrivateKeyInfo. As per the pkcs12 spec, private keys
could also be stored as PrivateKeyInfo in KeyBags.
As per the PKCS12 spec:
KeyBag := PrivateKeyInfo
PKCS8ShroudedKeyBag := EncrypedPrivateKeyInfo
Currently we store encrypted private keys in Data contentInfo
and certificate chain in EncryptedData contentInfo.
However, private keys could also be saved as PrivateKeyInfo
in keyBag, and stored in EncryptedData contentInfo
When creating pkcs12 file, we store encrypted private key in
shroudedkeybag. However, when reading pkcs12, need to add support
to parse keybag type, and read the private key.
- relates to
-
JDK-8190932 Sun Provider's PKCS12 KeyStore should document that KeyBag type is not supported
-
- Resolved
-