RFR 8245679: KeyStore cannot probe PKCS12 keystore if BouncyCastle is the top security provider
Sean Mullan
sean.mullan at oracle.com
Fri Jun 12 16:00:05 UTC 2020
Looks good to me.
--Sean
On 6/8/20 8:25 AM, Weijun Wang wrote:
> Please take a look at
>
> https://cr.openjdk.java.net/~weijun/8245679/webrev.00/
>
> If two providers support the same keystore type, we only try engineProbe() on the 1st one, and fail if it hasn't implemented it. The correct way is to try KeyStoreSpi from all providers.
>
> I also fixed an error that engineProbe() of both JKS and CaseExactJKS would return true on a JKS keystore, since the method is implemented in their common base class. This means there's a chance that a JKS keystore would be recognized as a CaseExactJKS keystore. This is seen after my code change in KeyStore.
>
> Thanks,
> Max
>
More information about the security-dev
mailing list