[9] RFR: 8134232: KeyStore.load() throws an IOException with a wrong cause in case of wrong password

Artem Smotrakov artem.smotrakov at oracle.com
Fri Sep 11 11:46:57 UTC 2015


Hello,

Please review this for 9.

According to [1], KeyStore.load(InputStream, char[]) method should throw 
an IOException, and the cause of the IOException should be an 
UnrecoverableKeyException:

...
Throws:
IOException - if there is an I/O or format problem with the keystore 
data, if a password is required but not given, or if the given password 
was incorrect. If the error is due to a wrong password, the cause of the 
IOException should be an UnrecoverableKeyException
...

But in case of PKCS11, PKCS12 and JCEKS keystores it throws an 
IOException, but the cause is not UnrecoverableKeyException.

This fix updates PKCS11, PKCS12 and JCEKS keystore implementations to 
use UnrecoverableKeyException in case of wrong password. Also updated a 
couple of existing tests. Please note that an additional test will be 
added in https://bugs.openjdk.java.net/browse/JDK-8048622 (review pending).

Bug: https://bugs.openjdk.java.net/browse/JDK-8134232
Webrev: http://cr.openjdk.java.net/~asmotrak/8134232/webrev.00/

[1] 
http://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.html#load-java.io.InputStream-char:A-

Artem


More information about the security-dev mailing list