Hi David I don't understand what it is but I've created a bug for you:
https://bugs.openjdk.java.net/browse/JDK-8046777 BTW, I see no patch. I'm also not sure if this "also found issues" is related to the main bug. Thanks Max On Jun 13, 2014, at 16:31, David Kocher <dkoc...@sudo.ch> wrote: > (I haven’t found a way to register on bugs.openjdk.java.net and file a bug, > therefore posting it here). > > > There is a bug in the native KeystoreImpl that it only searches for > identities that have a key usage of “Any” using CSSM_KEYUSE_ANY instead of > passing `0` to the SecIdentitySearchCreate keychain function. Refer to line > 282 in [1]. This will exclude all identities that have a specific key usage > set such as “Encrypt, Verify, Wrap, Derive”. > > > [1] > http://hg.openjdk.java.net/jdk8/jdk8/jdk/file/687fd7c7986d/src/macosx/native/apple/security/KeystoreImpl.m > > I have also found issues with instances of KeyEntry that have an empty array > for the “chain” property causing index out of bounds exceptions. See attached > patch. > > > > - > David
