Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8007934

algorithm parameters for PBE Scheme 2 not decoded correctly in PKCS12 keystore

XMLWordPrintable

    • b78
    • Verified

        Private keys and secret keys are protected in PKCS #12 by means of a Password-based Encryption (PBE)
        algorithm. Several PBE algorithms are standardized in PKCS #12.

        Support for stronger PBE Scheme 2 (PBES2) algorithms was added to the implementation for PKCS12
        keystore. However decoding the algorithm parameters for PBES2 from ASN.1 DER is not handled correctly.

        The effect of this is that protection of crypto keys is limited to weaker PBE algorithms rather than the
        stronger PBES2 algorithms.

              vinnie Vincent Ryan
              vinnie Vincent Ryan
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: