RFR: 8301154: SunPKCS11 KeyStore deleteEntry results in dangling PrivateKey entries [v2]

Weijun Wang weijun at openjdk.org
Mon May 22 18:25:50 UTC 2023


On Fri, 12 May 2023 02:23:17 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> Could someone help review this PKCS11KeyStore fix regarding the cert chain removal?
>> 
>> The proposed fix will not remove the cert if it has a corresponding private key or is an issuer of other entities in the same keystore.
>> 
>> Thanks,
>> Valerie
>
> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Changed to use keytool to generate keypairs instead of importing from
>   data files.

test/jdk/sun/security/pkcs11/KeyStore/CertChainRemoval/temp.ks line 1:

> 1: ����root��c�0��0


is this file useful?

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/13743#discussion_r1200876867



More information about the security-dev mailing list