Bug ID: JDK-7133495 [macosx] KeyChain KeyStore implementation retrieves only one private key entry

Details
Type: Bug
Submit Date: 2012-01-26
Status: Closed
Updated Date: 2012-10-03
Project Name: JDK
Resolved Date: 2012-03-23
Component: security-libs
OS: os_x
Sub-Component: java.security
CPU: x86
Priority: P4
Resolution: Fixed
Affected Versions: 7u4
Fixed Versions: 7u4 (b13)

Related Reports
Backport:

Sub Tasks

Description
From http://java.net/jira/browse/MACOSX_PORT-464 --

Even if the user KeyChain contains more than one certificate chain with a private key, the Keychain-based KeyStore implementation is only able to retrieve one single chain.

Steps to reproduce:
(1) import 2 or more certificates with private keys in KeyChain (for instance from PKCS#12 files)
(2) list the entries with keytool:
keytool -list -provider apple.security.AppleProvider -storetype KeychainStore -keystore NONE | grep PrivateKeyEntry
(3) only one entry is printed

                                    

Comments
EVALUATION

Ensure all the private keys are extracted from the keychain when creating a KeyStore
                                     
2012-02-14
EVALUATION

The bug is fixed in b13 and verified in b14:
http://aurora.ru.oracle.com/functional/faces/RunDetails.xhtml?names=42198.ManualSubmit-1

Manual verification passed as well. The detailed steps for manual verification would be:
1. create a pkcs12 keystore with 2 or more PrivateKeyEntry
2. import the private key entries from the pkcs12 keystore to KeychainStore using Key Access on MacOS
3. use keytool to list and check the results
                                     
2012-03-27
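
The manual verification steps above can be automated as a regression check. This is an added example, not code from the JDK or from the bug report: it compares the private key entries of the PKCS#12 file that was imported against what KeychainStore exposes. The class name and exit codes are hypothetical, and it assumes a macOS JDK where the KeychainStore type is registered and that the PKCS#12 file has already been imported into the keychain.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

// Added example (hypothetical class name): confirms that every private key
// entry in a PKCS#12 file imported into the keychain is visible via KeychainStore.
public class KeychainEntryCheck {

    // End-entity certificate of each PrivateKeyEntry; no key password is needed.
    static Set<Certificate> privateKeyLeaves(KeyStore ks) throws Exception {
        Set<Certificate> leaves = new HashSet<>();
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) continue;
            Certificate[] chain = ks.getCertificateChain(alias);
            if (chain != null && chain.length > 0) leaves.add(chain[0]);
        }
        return leaves;
    }

    public static void main(String[] args) throws Exception {
        Console console = System.console();
        if (args.length != 1 || console == null) {
            System.err.println("usage: java KeychainEntryCheck <file.p12> (run from a terminal)");
            System.exit(2);
        }
        // Read the password interactively so it does not land in shell history.
        char[] password = console.readPassword("PKCS#12 password: ");

        KeyStore p12 = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(args[0])) {
            p12.load(in, password);
        }
        KeyStore keychain = KeyStore.getInstance("KeychainStore"); // macOS JDK only
        keychain.load(null, null);

        Set<Certificate> expected = privateKeyLeaves(p12);
        Set<Certificate> missing = new HashSet<>(expected);
        missing.removeAll(privateKeyLeaves(keychain));

        System.out.printf("PKCS#12 private key entries: %d, missing from KeychainStore: %d%n",
                expected.size(), missing.size());
        System.exit(missing.isEmpty() ? 0 : 1); // 1 = at least one entry not retrieved
    }
}
```

On a build with the behaviour described in this report, a PKCS#12 file holding two or more private key entries yields a non-zero "missing" count; on a fixed build the count is zero.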


