Hi David
I don't understand what it is but I've created a bug for you:
https://bugs.openjdk.java.net/browse/JDK-8046777
BTW, I see no patch. I'm also not sure if this also found issues is related
to the main bug.
Thanks
Max
On Jun 13, 2014, at 16:31, David Kocher dkoc...@sudo.ch wrote:
(I haven’t found a way to register on bugs.openjdk.java.net and file a bug,
therefore posting it here).
There is a bug in the native KeystoreImpl that it only searches for
identities that have a key usage of “Any” using CSSM_KEYUSE_ANY instead of
passing `0` to the SecIdentitySearchCreate keychain function. Refer to line
282 in [1]. This will exclude all identities that have a specific key usage
set such as “Encrypt, Verify, Wrap, Derive”.
[1]
http://hg.openjdk.java.net/jdk8/jdk8/jdk/file/687fd7c7986d/src/macosx/native/apple/security/KeystoreImpl.m
I have also found issues with instances of KeyEntry that have an empty array
for the “chain” property causing index out of bounds exceptions. See attached
patch.
-
David