java.security.Keystore aliases on JDK 1.6 vs IBM 1.5

4
votes

I've a problem with the enum return value of KeyStore.aliases();

FileInputStream is = new FileInputStream("/tmp/file.p12");
List<String> aliases = new ArrayList<String>();

KeyStore keystore = KeyStore.getInstance("PKCS12");
keystore.load(is, password.toCharArray());
is.close();

Enumeration<String> e=keystore.aliases();
while(e.hasMoreElements()) {
    // never reaches here because "e" is empty
    System.out.println(e.nextElement().toString());
    i++;
}

With Java version "1.6.0_22" Java(TM) SE Runtime Environment (build 1.6.0_22-b04) Java HotSpot(TM) 64-Bit Server VM (build 17.1-b03, mixed mode)

I get an empty enumerator

With java version "1.5.0" Java(TM) 2 Runtime Environment, Standard Edition (build pxi32devifx-20100511a (SR11 FP2 )) IBM J9 VM (build 2.3, J2RE 1.5.0 IBM J9 2.3 Linux x86-32 j9vmxi3223ifx-20100510 (JIT enabled) J9VM - 20100509_57823_lHdSMr JIT - 20091016_1845ifx7_r8 GC - 20091026_AA) JCL - 20100511a

I am able to get all the aliases.

How can I retrieve all the store pkcs12 aliases with Sun/Oracle JDK6?

Thanks

2
javasecurityopensslkeystorejdk1.6
As far as I'm aware, keystores are not binary compatible accross different JVM implementations. (i.e. SUN java vs IBM Java). I don't think it's related to 1.5 vs 1.6 - laher
Which SecurityProvider was providing the store (Keystore.getProvider()) in both cases? - martijno

2 Answers

0
votes

There doesn't appear to be anything wrong with your code to me, and I'd have thought that PKCS#12 keystores should be readable across all versions of all JREs.

Have you tried using OpenSSL to verify your store?

0
votes

here's the answer:

http://www-01.ibm.com/support/docview.wss?uid=swg1IZ77005

-- Problem conclusion This defect will be fixed in:
1.4.2 SR14
5.0.0 SR12
6.0.0 SR9

The PKCS SafeContents.getSafeBags( ) method was modified to detect when the SafeBag array is null and to return an empty SafeBag array instead. PKCS callers of this method are prepared to handle an empty SafeBag array.