Fix for: 6415637: PKCS#12 key stores with empty passwords

Vincent Ryan vincent.x.ryan at
Thu Feb 2 04:05:57 PST 2012

That fix looks fine.

On 02/ 2/12 04:48 AM, Weijun Wang wrote:
> I've created a webrev for Florain at
> Very tiny format changes, removing trailing whitespaces, change TABs to spaces,
> and add braces for one-line block in two places.
> The code change looks fine, but I would like to get a confirmation from someone
> in the JCE team.
> Thanks
> Max
> On 01/31/2012 09:47 PM, Florian Weimer wrote:
>> I've ported my previous patch to fix bug 6415637 to the current jdk8-tl
>> forrest.
>> There are two related changes (quoting from the initial submission):
>> 1. The password and salt expansion resulted in a division by zero for
>>     empty password strings.
>> 2. Practically speaking, there are two different ways of deriving keys
>>     from an empty passphrase: the terminating NUL character is required
>>     by the specification, but is left out by some implementations
>>     (including OpenJDK if the first bug is fixed).  OpenSSL tries to
>>     decrypt with both encodings, and the patch implements that as well.
>>     It is difficult to properly implement the retry behavior without
>>     changing any interfaces, so this patch uses "\0" for the password
>>     *without* a NUL terminator.  This is a bit confusing, but it ensures
>>     that passing an empty string as the password creates a PKCS#12 store
>>     which is compliant with the specification.
>> Because of the division of zero issue, the second change does not
>> actually modify visible behavior.
>> To my knowledge, there is now an OCA which covers this change.

More information about the security-dev mailing list