-
Bug
-
Resolution: Fixed
-
P2
-
9
-
b81
-
Verified
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8142003 | emb-9 | Vincent Ryan | P2 | Resolved | Fixed | team |
There is an issue with java.security.KeyStore.getInstance(File,char[]).
When one creates a KeyStore with the "keytool....-storepass pw" option, the implementation properly throws an IOException when the getInstance method is called with the wrong password. However, when getInstance is called with null as the password, the IOE is not thrown. While the spec does state that the password can be null, the IOE should be thrown when the KeyStore has a password.
The spec states: Throws: IOException - if there is an I/O or format problem with the keystore data, if a password is required but not given, or if the given password was incorrect.
This leads to a failure of new JCK test:
api/java_security/KeyStore/index.html#GetInstance3Tests[getInstanceIOE1]
When one creates a KeyStore with the "keytool....-storepass pw" option, the implementation properly throws an IOException when the getInstance method is called with the wrong password. However, when getInstance is called with null as the password, the IOE is not thrown. While the spec does state that the password can be null, the IOE should be thrown when the KeyStore has a password.
The spec states: Throws: IOException - if there is an I/O or format problem with the keystore data, if a password is required but not given, or if the given password was incorrect.
This leads to a failure of new JCK test:
api/java_security/KeyStore/index.html#GetInstance3Tests[getInstanceIOE1]
- backported by
-
JDK-8142003 KeyStore.getInstance(File,char[]) does not throw IOE for null password
-
- Resolved
-