Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8007934

algorithm parameters for PBE Scheme 2 not decoded correctly in PKCS12 keystore

    XMLWordPrintable

Details

    • b78
    • Verified

    Backports

      Description

        Private keys and secret keys are protected in PKCS #12 by means of a Password-based Encryption (PBE)
        algorithm. Several PBE algorithms are standardized in PKCS #12.

        Support for stronger PBE Scheme 2 (PBES2) algorithms was added to the implementation for PKCS12
        keystore. However decoding the algorithm parameters for PBES2 from ASN.1 DER is not handled correctly.

        The effect of this is that protection of crypto keys is limited to weaker PBE algorithms rather than the
        stronger PBES2 algorithms.

        Attachments

          Issue Links

            Activity

              People

                vinnie Vincent Ryan
                vinnie Vincent Ryan
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: