JDK-8245679

KeyStore cannot probe PKCS12 keystore if BouncyCastle is the top security provider


    • Bug
    • Resolution: Fixed
    • P3
    • 15
    • None
    • security-libs
    • b28
    • Verified

        Internally, KeyStore.getInstance(File, password) is supported by

             1   private static final KeyStore getInstance(File file, ...) throws ... {
             2     try (open file as dataStream) {
             3       for (String type : Security.getAlgorithms("KeyStore")) {
             4         Object[] objs = null;
             5         try {
             6           objs = Security.getImpl(type, "KeyStore", (String)null);
             7           KeyStoreSpi impl = (KeyStoreSpi)objs[0];
             8           if (impl.engineProbe(dataStream)) {
             9             keystore = new KeyStore(impl, (Provider)objs[1], type);
            10             break;
            11           }
            12         }
            13       }
            14       if (keystore != null) {
            15         load it and return;
            16       }
            17     }
            18     die;
            19   }

        Unfortunately, on line 3, only the storetype names are returned. This means when type == "pkcs12", BC's pkcs12 keystore impl will be returned on line 6 but it does not support probing. The loop continues to other storetypes, and finally reaches the die point. What a pity!

        Maybe we should iterate through all <Provider,storetype> pairs on line 3.

              weijun Weijun Wang
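
The iteration over all <Provider, storetype> pairs suggested in the description, written against public APIs as a diagnostic. This is an added example, not the JDK's code or the fix for this issue; the class name KeyStoreProbeAudit and the sample header bytes are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreSpi;
import java.security.Provider;
import java.security.Security;

public class KeyStoreProbeAudit {
    // Constructed sample: the first 24 bytes of a DER-encoded PKCS#12 PFX
    // (SEQUENCE, version 3, ContentInfo with the pkcs7-data OID); not a full keystore.
    static final byte[] SAMPLE_HEADER = new BigInteger(
            "3082" + "0a00" + "020103" + "3082" + "09c0"
            + "06092a864886f70d010701" + "a082", 16).toByteArray();

    public static void main(String[] args) throws Exception {
        // Probe a real keystore file if one is given, else the constructed header.
        byte[] data = args.length > 0
                ? Files.readAllBytes(Paths.get(args[0])) : SAMPLE_HEADER;

        // Walk every <Provider, storetype> pair in provider preference order.
        for (Provider p : Security.getProviders()) {
            for (Provider.Service s : p.getServices()) {
                if (!"KeyStore".equals(s.getType())) continue;
                String type = s.getAlgorithm();
                String note;
                try {
                    KeyStoreSpi spi = (KeyStoreSpi) s.newInstance(null);
                    // Fresh stream per probe, so no mark/reset state is shared.
                    // An SPI that does not override engineProbe reports false.
                    note = "probe=" + spi.engineProbe(new ByteArrayInputStream(data));
                    // Provider that a lookup by storetype name alone resolves to.
                    String byName = KeyStore.getInstance(type).getProvider().getName();
                    if (!byName.equals(p.getName())) {
                        note += " (name-only lookup resolves to " + byName + ")";
                    }
                } catch (Exception e) {
                    note = "unavailable: " + e;
                }
                System.out.printf("%-14s %-16s %s%n", p.getName(), type, note);
            }
        }
    }
}
```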