Unexpected Keystore message using jdk.crypto.disabledAlgorithms

XMLWordPrintable

    • Type: Bug
    • Resolution: Unresolved
    • Priority: P4
    • tbd
    • Affects Version/s: 26
    • Component/s: security-libs
    • None

      $ cat ListCacertsAliases.java

      import java.security.KeyStore;
      import java.util.*;

      public class ListCacertsAliases {
          public static void main(String[] args) throws Exception {
              String cacertsPath = System.getProperty("java.home") + "/lib/security/cacerts";
              KeyStore ks = KeyStore.getInstance(new java.io.File(cacertsPath), "changeit".toCharArray());
          }
      }


      *****
      Using current jdk feature dev binary:

      java -Djdk.crypto.disabledAlgorithms=KeyStore.PKCS12 ListCacertsAliases
      Exception in thread "main" java.security.KeyStoreException: Unrecognized keystore format. Please load it with a specified type
              at java.base/java.security.KeyStore.getInstance(KeyStore.java:1898)
              at java.base/java.security.KeyStore.getInstance(KeyStore.java:1761)
              at ListCacertsAliases.main(ListCacertsAliases.java:7)

      ****

      The JDK has knowledge of the PKCS12 keystore format. It's a spec requirement.

      Expected an exception similar to below (from related code) :

              if (!CryptoAlgorithmConstraints.permits("KEYSTORE", type)) {
                  throw new KeyStoreException(type + " is disabled");
              }

            Assignee:
            Valerie Peng
            Reporter:
            Sean Coffey
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: