Details
-
Bug
-
Resolution: Fixed
-
P3
-
8
-
b78
-
Verified
Backports
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8266273 | 7u321 | Prasadarao Koppula | P3 | Resolved | Fixed | b01 |
JDK-8266512 | 7u311 | Prasadarao Koppula | P3 | Resolved | Fixed | b04 |
Description
Private keys and secret keys are protected in PKCS #12 by means of a Password-based Encryption (PBE)
algorithm. Several PBE algorithms are standardized in PKCS #12.
Support for stronger PBE Scheme 2 (PBES2) algorithms was added to the implementation for PKCS12
keystore. However decoding the algorithm parameters for PBES2 from ASN.1 DER is not handled correctly.
The effect of this is that protection of crypto keys is limited to weaker PBE algorithms rather than the
stronger PBES2 algorithms.
algorithm. Several PBE algorithms are standardized in PKCS #12.
Support for stronger PBE Scheme 2 (PBES2) algorithms was added to the implementation for PKCS12
keystore. However decoding the algorithm parameters for PBES2 from ASN.1 DER is not handled correctly.
The effect of this is that protection of crypto keys is limited to weaker PBE algorithms rather than the
stronger PBES2 algorithms.
Attachments
Issue Links
- backported by
-
JDK-8266273 algorithm parameters for PBE Scheme 2 not decoded correctly in PKCS12 keystore
- Resolved
-
JDK-8266512 algorithm parameters for PBE Scheme 2 not decoded correctly in PKCS12 keystore
- Resolved