Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
be3ee114
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
be3ee114
编写于
2月 17, 2016
作者:
V
vinnie
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
8149411: PKCS12KeyStore cannot extract AES Secret Keys
Reviewed-by: xuelei
上级
9b3291b2
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
91 addition
and
4 deletion
+91
-4
src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
+4
-4
test/sun/security/pkcs12/P12SecretKey.java
test/sun/security/pkcs12/P12SecretKey.java
+87
-0
未找到文件。
src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
浏览文件 @
be3ee114
/*
* Copyright (c) 1999, 201
5
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 201
6
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -383,19 +383,19 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
// decode secret key
}
else
{
SecretKeyFactory
sKeyFactory
=
SecretKeyFactory
.
getInstance
(
keyAlgo
);
byte
[]
keyBytes
=
in
.
getOctetString
();
SecretKeySpec
secretKeySpec
=
new
SecretKeySpec
(
keyBytes
,
keyAlgo
);
// Special handling required for PBE: needs a PBEKeySpec
if
(
keyAlgo
.
startsWith
(
"PBE"
))
{
SecretKeyFactory
sKeyFactory
=
SecretKeyFactory
.
getInstance
(
keyAlgo
);
KeySpec
pbeKeySpec
=
sKeyFactory
.
getKeySpec
(
secretKeySpec
,
PBEKeySpec
.
class
);
key
=
sKeyFactory
.
generateSecret
(
pbeKeySpec
);
}
else
{
key
=
s
KeyFactory
.
generateSecret
(
secretKeySpec
)
;
key
=
s
ecretKeySpec
;
}
if
(
debug
!=
null
)
{
...
...
test/sun/security/pkcs12/P12SecretKey.java
0 → 100644
浏览文件 @
be3ee114
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8149411
* @summary Get AES key from keystore (uses SecretKeySpec not SecretKeyFactory)
*/
import
java.io.File
;
import
java.io.FileInputStream
;
import
java.io.FileOutputStream
;
import
java.security.KeyStore
;
import
java.security.cert.CertificateException
;
import
java.util.Arrays
;
import
javax.crypto.KeyGenerator
;
import
javax.crypto.SecretKey
;
public
class
P12SecretKey
{
private
static
final
String
ALIAS
=
"alias"
;
public
static
void
main
(
String
[]
args
)
throws
Exception
{
P12SecretKey
testp12
=
new
P12SecretKey
();
String
keystoreType
=
"pkcs12"
;
if
(
args
!=
null
&&
args
.
length
>
0
)
{
keystoreType
=
args
[
0
];
}
testp12
.
run
(
keystoreType
);
}
private
void
run
(
String
keystoreType
)
throws
Exception
{
char
[]
pw
=
"password"
.
toCharArray
();
KeyStore
ks
=
KeyStore
.
getInstance
(
keystoreType
);
ks
.
load
(
null
,
pw
);
KeyGenerator
kg
=
KeyGenerator
.
getInstance
(
"AES"
);
kg
.
init
(
128
);
SecretKey
key
=
kg
.
generateKey
();
KeyStore
.
SecretKeyEntry
ske
=
new
KeyStore
.
SecretKeyEntry
(
key
);
KeyStore
.
ProtectionParameter
kspp
=
new
KeyStore
.
PasswordProtection
(
pw
);
ks
.
setEntry
(
ALIAS
,
ske
,
kspp
);
File
ksFile
=
File
.
createTempFile
(
"test"
,
".test"
);
try
(
FileOutputStream
fos
=
new
FileOutputStream
(
ksFile
))
{
ks
.
store
(
fos
,
pw
);
fos
.
flush
();
}
// now see if we can get it back
try
(
FileInputStream
fis
=
new
FileInputStream
(
ksFile
))
{
KeyStore
ks2
=
KeyStore
.
getInstance
(
keystoreType
);
ks2
.
load
(
fis
,
pw
);
KeyStore
.
Entry
entry
=
ks2
.
getEntry
(
ALIAS
,
kspp
);
SecretKey
keyIn
=
((
KeyStore
.
SecretKeyEntry
)
entry
).
getSecretKey
();
if
(
Arrays
.
equals
(
key
.
getEncoded
(),
keyIn
.
getEncoded
()))
{
System
.
err
.
println
(
"OK: worked just fine with "
+
keystoreType
+
" keystore"
);
}
else
{
System
.
err
.
println
(
"ERROR: keys are NOT equal after storing in "
+
keystoreType
+
" keystore"
);
}
}
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录