Duplicate :
|
|
Duplicate :
|
|
Relates :
|
There are two issues in the PKCS12KeyStore: . if an incorrect password is specified, we get a random decryption failure exception rather than a message saying that the password is incorrect. This is because we first try to decrypt and only then verify the MAC: === java.io.IOException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1275) at java.security.KeyStore.load(KeyStore.java:1174) at sun.security.tools.KeyTool.doCommands(KeyTool.java:715) at sun.security.tools.KeyTool.run(KeyTool.java:171) at sun.security.tools.KeyTool.main(KeyTool.java:165) Caused by: javax.crypto.BadPaddingException: Given final block not properly padded at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..) at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..) at com.sun.crypto.provider.PKCS12PBECipherCore.b(DashoA13*..) at com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40.engineDoFinal(DashoA13*..) at javax.crypto.Cipher.doFinal(DashoA13*..) at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1272) ... 4 more === . if an empty password is supplied, we get a failure due to division by zero: === java.io.IOException: failed to decrypt safe contents entry: java.lang.ArithmeticException: / by zero at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1275) at java.security.KeyStore.load(KeyStore.java:1174) at sun.security.tools.KeyTool.doCommands(KeyTool.java:620) at sun.security.tools.KeyTool.run(KeyTool.java:171) at sun.security.tools.KeyTool.main(KeyTool.java:165) Caused by: java.lang.ArithmeticException: / by zero at com.sun.crypto.provider.PKCS12PBECipherCore.a(DashoA13*..) at com.sun.crypto.provider.PKCS12PBECipherCore.a(DashoA13*..) at com.sun.crypto.provider.PKCS12PBECipherCore.a(DashoA13*..) at com.sun.crypto.provider.PKCS12PBECipherCore.a(DashoA13*..) at com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40.engineInit(DashoA13*..) at javax.crypto.Cipher.a(DashoA13*..) at javax.crypto.Cipher.a(DashoA13*..) at javax.crypto.Cipher.init(DashoA13*..) at javax.crypto.Cipher.init(DashoA13*..) at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1271) ... 4 more === The 2nd part is resolved in 6879539.
|