Bug in apple.security.KeychainStore provider
Wang Weijun
weijun.wang at oracle.com
Fri Jun 13 08:50:39 UTC 2014
Hi David
I don't understand what it is but I've created a bug for you:
https://bugs.openjdk.java.net/browse/JDK-8046777
BTW, I see no patch. I'm also not sure if this "also found issues" is related to the main bug.
Thanks
Max
On Jun 13, 2014, at 16:31, David Kocher <dkocher at sudo.ch> wrote:
> (I haven’t found a way to register on bugs.openjdk.java.net and file a bug, therefore posting it here).
>
>
> There is a bug in the native KeystoreImpl that it only searches for identities that have a key usage of “Any” using CSSM_KEYUSE_ANY instead of passing `0` to the SecIdentitySearchCreate keychain function. Refer to line 282 in [1]. This will exclude all identities that have a specific key usage set such as “Encrypt, Verify, Wrap, Derive”.
>
>
> [1] http://hg.openjdk.java.net/jdk8/jdk8/jdk/file/687fd7c7986d/src/macosx/native/apple/security/KeystoreImpl.m
>
> I have also found issues with instances of KeyEntry that have an empty array for the “chain” property causing index out of bounds exceptions. See attached patch.
>
>
>
> -
> David
More information about the macosx-port-dev
mailing list