Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8007934

algorithm parameters for PBE Scheme 2 not decoded correctly in PKCS12 keystore

    XMLWordPrintable

    Details

    • Subcomponent:
    • Resolved In Build:
      b78
    • Verification:
      Verified

      Backports

        Description

        Private keys and secret keys are protected in PKCS #12 by means of a Password-based Encryption (PBE)
        algorithm. Several PBE algorithms are standardized in PKCS #12.

        Support for stronger PBE Scheme 2 (PBES2) algorithms was added to the implementation for PKCS12
        keystore. However decoding the algorithm parameters for PBES2 from ASN.1 DER is not handled correctly.

        The effect of this is that protection of crypto keys is limited to weaker PBE algorithms rather than the
        stronger PBES2 algorithms.

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                vinnie Vincent Ryan
                Reporter:
                vinnie Vincent Ryan
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: