[8] code review for 8006951: Avoid storing duplicate PKCS12 attributes (original) (raw)
Vincent Ryan vincent.x.ryan at oracle.com
Fri Jan 25 17:05:03 UTC 2013
- Previous message (by thread): [8] code review for 8006951: Avoid storing duplicate PKCS12 attributes
- Next message (by thread): [8] code review for 8006951: Avoid storing duplicate PKCS12 attributes
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sure. Three safeBag attributes require special handling by the PKCS12 keystore: friendlyName, localKeyId and trustedKeyUsage. The friendlyName is used as the keystore entry alias, localKeyId is used to match private keys to their associated certificates, and trustedKeyUsage, to identify trusted certificates.
When loading a PKCS12 keystore these 3 attributes are added to the collection of entry attributes. When storing a PKCS12 keystore these 3 attributes should be removed from the collection of entry attributes because they are handled separately.
The fix prevents these 3 attributes from being duplicated when storing a PKCS12 keystore.
On 25 Jan 2013, at 16:41, Sean Mullan wrote:
Can you explain a bit more what use-case is causing this failure? I don't quite understand why you are ignoring the attributes that are already in the KeyStore.Entry.
--Sean On 01/25/2013 10:37 AM, Vincent Ryan wrote: Please review this fix to correct a failing PKCS12 test:
Webrev: http://cr.openjdk.java.net/~vinnie/8006951/webrev.00/ Thanks.
- Previous message (by thread): [8] code review for 8006951: Avoid storing duplicate PKCS12 attributes
- Next message (by thread): [8] code review for 8006951: Avoid storing duplicate PKCS12 attributes
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]