null PIN gives access to public objects in keystore

ertwroc · Aug 1, 2011 · 86c57ee · 86c57ee
1 parent 0179201
commit 86c57ee
Showing 1 changed file with 5 additions and 3 deletions.
diff --git a/pkcs11/java/src/org/opensc/pkcs11/spi/PKCS11KeyStoreSpi.java b/pkcs11/java/src/org/opensc/pkcs11/spi/PKCS11KeyStoreSpi.java
@@ -463,6 +463,8 @@ public void engineStore(OutputStream arg0, char[] arg1) throws IOException,
 
 	/* (non-Javadoc)
 	 * @see java.security.KeyStoreSpi#engineLoad(java.io.InputStream, char[])
+	 * 
+	 * If pin is null then keystore will contain only public objects
 	 */
 	@Override
 	public void engineLoad(InputStream file, char[] pin) throws IOException,
@@ -472,9 +474,9 @@ public void engineLoad(InputStream file, char[] pin) throws IOException,
 			throw new IOException ("PKCS11 Key Store requires a null InputStream a the first argument.");
 
 		PKCS11LoadStoreParameter param = new PKCS11LoadStoreParameter();
-
-		param.setProtectionParameter(new PasswordProtection(pin));
-
+		if (pin != null) {
+			param.setProtectionParameter(new PasswordProtection(pin));
+		}
 		engineLoad(param);
 	}