Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-3431

FileBasedKeyManagerProvider should not use case sensitive comparison for key presence check

    Details

    • Type: Bug
    • Status: Done
    • Priority: Trivial
    • Resolution: Fixed
    • Affects Version/s: 3.0.0
    • Fix Version/s: 5.5.0
    • Component/s: core server
    • Labels:

      Description

      FileBasedKeyManagerProvider.containsKeyWithAlias() iterates over the enumeration of aliases in keystore and compares present aliases with the parameter using equals.

      http://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.html claims that if the aliases are case sensitive or not, is implementation dependent. Default JKS implementation uses case insensitive aliases (that are converted to lower case internally for storage and comparison). If the keyAlias in server configuration does contain uppercase letters, it will be not found although one can find it by the exact same string using keytool.

      Java KeyStore API has methods like containsAlias(), isKeyAlias() and entryInstanceOf() that could be used instead of iterating aliases?

        Attachments

          Activity

            People

            • Assignee:
              ludo Ludovic Poitou
              Reporter:
              jjpp jjpp
              Dev Assignee:
              Ludovic Poitou
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: