[9] RFR 8167371: KeyStoreSpi.engineSetEntry should throw an Exception if password protection alg is specified

Xuelei Fan xuelei.fan at oracle.com
Thu Oct 13 10:52:24 UTC 2016

Nice catch!  Looks fine to me.


On 10/13/2016 6:33 PM, Vincent Ryan wrote:
> Please review this fix to add a check to the default implementation of KeyStore setEntry and getEntry (in KeyStoreSpi).
> An exception is thrown if a password protection algorithm is specified. An existing test has been updated to validate the fix.
> Keystore implementations that support a user-supplied password protection algorithm override the default implementation
> of these setEntry/getEntry methods and are unaffected by this fix.
> Thanks.
> Bug: https://bugs.openjdk.java.net/browse/JDK-8167371
> Webrev: http://cr.openjdk.java.net/~vinnie/8167371/webrev.00/

More information about the security-dev mailing list