sun.security.x509.AlgorithmId.get(String) isn't thread-safe and can lead to null be returned for an algorithm that should be present. This commit aims to work around this problem by avoiding the call to AlgorithmId.get(String). It does so by configuring the PKCS12 key protection algorithm to one that starts with pbewithhmacsha (case insensitive). This short-circuits the logic in PKCS12KeyStore.mapPBEAlgorithmToOID(String) and avoids the call to AlgorithmId.get(String). Thanks again to @dreis2211 for the suggestion. The work around is only used when building with Java 8 as the problem was fixed in Java 9. Closes gh-26252pull/27078/head
parent
a470c1af3a
commit
912c82e50d
@ -0,0 +1 @@
|
|||||||
|
keystore.pkcs12.keyProtectionAlgorithm=PBEWithHmacSHA256AndAES_256
|
Loading…
Reference in New Issue