RFR: 8343232: PKCS#12 KeyStore support for RFC 9579: Use of Password-Based Message Authentication Code 1 (PBMAC1)

Weijun Wang weijun at openjdk.org
Fri Sep 5 13:45:12 UTC 2025 

On Thu, 3 Apr 2025 22:58:39 GMT, Mark Powers <mpowers at openjdk.org> wrote:

> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)

I cannot find a place how a new keystore can be generated using the new algorithm. I added `-J-Dkeystore.pkcs12.macAlgorithm=PBEWithHmacSHA256` to a keytool command and it fails:

$ keytool -keystore ks -keyalg ec -storepass changeit -genkeypair -alias a -dname CN=a -J-Dkeystore.pkcs12.macAlgorithm=PBEWithHmacSHA256 -debug
Command line args: [-keystore, ks, -keyalg, ec, -storepass, changeit, -genkeypair, -alias, a, -dname, CN=a, -debug]
Generating 384-bit EC (secp384r1) key pair and self-signed certificate (SHA384withECDSA) with a validity of 90 days
	for: CN=a
keytool error: java.io.IOException: Integrity check failed: java.security.NoSuchAlgorithmException: Algorithm HmacPBEHMACSHA256 not available
Exception in thread "main" java.io.IOException: Integrity check failed: java.security.NoSuchAlgorithmException: Algorithm HmacPBEHMACSHA256 not available
	at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2204)
	at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:226)
	at java.base/java.security.KeyStore.load(KeyStore.java:1502)
	at java.base/java.security.KeyStore.getInstance(KeyStore.java:1824)
	at java.base/java.security.KeyStore.getInstance(KeyStore.java:1708)
	at java.base/sun.security.tools.keytool.Main.doCommands(Main.java:1396)
	at java.base/sun.security.tools.keytool.Main.run(Main.java:422)
	at java.base/sun.security.tools.keytool.Main.main(Main.java:403)
Caused by: java.security.NoSuchAlgorithmException: Algorithm HmacPBEHMACSHA256 not available
	at java.base/javax.crypto.Mac.getInstance(Mac.java:192)
	at java.base/sun.security.pkcs12.PKCS12KeyStore.processMacData(PKCS12KeyStore.java:1939)
	at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2198)
	... 7 more

The exception above is thrown after keytool generated the keystore and try to read some info from inside. The pkcs12 file seems invalid, its MacData is still the old format (not PBMAC1) with a problematic algorithm:

...
03CB:004C  [2]     SEQUENCE
03CD:0030  [20]         SEQUENCE
03CF:000C  [200]             SEQUENCE
03D1:000A  [2000]                 OID 1.2.840.113549.2.9 (HmacSHA256)
03DB:0022  [201]             OCTET STRING  (1410868021, 32 bytes)
                              0000: 5F 0D EA C5 9F 2B 66 B3   5D 7D A4 2A 13 CF EF E6  _....+f.]..*....
                              0010: 09 D3 E1 57 6D D2 DB 14   AB B3 18 B0 F5 E3 4C B9  ...Wm.........L.
03FD:0016  [21]         OCTET STRING  (-1902982241, 20 bytes)
                          0000: 23 7C B7 7C AC BB 38 E7   23 15 69 15 43 F9 FB CC  #.....8.#.i.C...
                          0010: C7 C7 92 0F                                        ....
0413:0004  [22]         INTEGER 10000

The OID at position [2000] used to be SHA-256.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/24429#issuecomment-3258401867

More information about the security-dev mailing list