On 25/01/2013 17:20, Sean Mullan wrote:
On 01/25/2013 12:05 PM, Vincent Ryan wrote:
Sure. Three safeBag attributes require special handling by the PKCS12
keystore: friendlyName,
localKeyId and trustedKeyUsage. The friendlyName is used as the
keystore entry alias, localKeyId
is used to match private keys to their associated certificates, and
trustedKeyUsage, to identify
trusted certificates.
When loading a PKCS12 keystore these 3 attributes are added to the
collection of entry attributes.
When storing a PKCS12 keystore these 3 attributes should be removed
from the collection of
entry attributes because they are handled separately.
Can the 3 attributes change at all since you have loaded them?
Good point. I'll have to address that issue later.
The fix prevents these 3 attributes from being duplicated when storing
a PKCS12 keystore.
Ok, I am ok with the fix then. I think a better fix when you have more
time is to separate the logic of storing an existing entry that already
has these 3 attributes from a brand new entry where you want to add
these 3 new attributes.
Right. I wanted to change as little code as possible at this stage in
M6.
--Sean
On 25 Jan 2013, at 16:41, Sean Mullan wrote:
Can you explain a bit more what use-case is causing this failure? I
don't quite understand why you are ignoring the attributes that are
already in the KeyStore.Entry.
--Sean
On 01/25/2013 10:37 AM, Vincent Ryan wrote:
Please review this fix to correct a failing PKCS12 test:
Webrev: http://cr.openjdk.java.net/~vinnie/8006951/webrev.00/
Thanks.
