--- old/src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Fri May 1 23:33:30 2015 +++ new/src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Fri May 1 23:33:30 2015 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2015, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1642,7 +1642,7 @@ Entry entry = entries.get(alias); // certificate chain - int chainLen = 1; + int chainLen = 0; Certificate[] certs = null; if (entry instanceof PrivateKeyEntry) { @@ -1656,6 +1656,7 @@ } else if (entry instanceof CertEntry) { certs = new Certificate[]{((CertEntry) entry).cert}; + chainLen = 1; } for (int i = 0; i < chainLen; i++) { --- old/test/sun/security/pkcs12/StoreSecretKeyTest.java Fri May 1 23:33:31 2015 +++ new/test/sun/security/pkcs12/StoreSecretKeyTest.java Fri May 1 23:33:30 2015 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2015 Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,12 +23,14 @@ /* * @test - * @bug 8005408 + * @bug 8005408 8079129 * @summary KeyStore API enhancements */ import java.io.*; import java.security.*; +import java.security.cert.*; +import java.security.cert.Certificate; import java.util.*; import javax.crypto.*; import javax.crypto.spec.*; @@ -39,7 +41,9 @@ private final static String DIR = System.getProperty("test.src", "."); private static final char[] PASSWORD = "passphrase".toCharArray(); private static final String KEYSTORE = "keystore.p12"; - private static final String ALIAS = "my secret key"; + private static final String CERT = DIR + "/trusted.pem"; + private static final String ALIAS = "my trusted cert"; + private static final String ALIAS2 = "my secret key"; public static void main(String[] args) throws Exception { @@ -56,8 +60,13 @@ KeyStore keystore = KeyStore.getInstance("PKCS12"); keystore.load(null, null); - // Set entry + // Set trusted certificate entry + Certificate cert = loadCertificate(CERT); keystore.setEntry(ALIAS, + new KeyStore.TrustedCertificateEntry(cert), null); + + // Set secret key entry + keystore.setEntry(ALIAS2, new KeyStore.SecretKeyEntry(generateSecretKey("AES", 128)), new KeyStore.PasswordProtection(PASSWORD)); @@ -73,7 +82,7 @@ " entries"); } - KeyStore.Entry entry = keystore.getEntry(ALIAS, + KeyStore.Entry entry = keystore.getEntry(ALIAS2, new KeyStore.PasswordProtection(PASSWORD)); System.out.println("Retrieved entry: " + entry); @@ -101,4 +110,14 @@ generator.init(size); return generator.generateKey(); } + + private static Certificate loadCertificate(String certFile) + throws Exception { + X509Certificate cert = null; + try (FileInputStream certStream = new FileInputStream(certFile)) { + CertificateFactory factory = + CertificateFactory.getInstance("X.509"); + return factory.generateCertificate(certStream); + } + } }