harmony-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mikhail Loenko (JIRA)" <j...@apache.org>
Subject [jira] Assigned: (HARMONY-615) java.security.KeyStoreSpi.engineEntryInstanceOf(..) doesn't distinguish PrivateKeyEntry and SecretKeyEntry
Date Mon, 10 Jul 2006 10:31:32 GMT
     [ http://issues.apache.org/jira/browse/HARMONY-615?page=all ]

Mikhail Loenko reassigned HARMONY-615:
--------------------------------------

    Assign To: Mikhail Loenko

> java.security.KeyStoreSpi.engineEntryInstanceOf(..) doesn't distinguish PrivateKeyEntry
and SecretKeyEntry
> ----------------------------------------------------------------------------------------------------------
>
>          Key: HARMONY-615
>          URL: http://issues.apache.org/jira/browse/HARMONY-615
>      Project: Harmony
>         Type: Bug

>   Components: Classlib
>     Reporter: Anton Rusanov
>     Assignee: Mikhail Loenko
>  Attachments: patch.txt, regression_test_patch.txt
>
> The method can only tell the difference between a certificate entry and a key entry,
but doesn't distinguish KeyStore.PrivateKeyEntry and KeyStore.SecretKeyEntry.
> Test case that reveals the problem is down here:
> import java.security.*;
> import javax.crypto.*;
> public class KeyStoreSpi_engineEntryInstanceOfTest {
>     public static void main(String[] args) throws Exception {
>         // create a KeyStore
>         KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
>         keyStore.load(null, "pwd".toCharArray());
>         // genarate a key
>         KeyGenerator keyGen = KeyGenerator.getInstance("DES");
>         keyGen.init(56);
>         SecretKey secretKey = keyGen.generateKey();
>         // put the key into keystore
>         String alias = "alias";
>         keyStore.setKeyEntry(alias, secretKey, "pwd".toCharArray(), null);
>         // check if it is a secret key
>         if (keyStore.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class)) {
>             System.out.println("OK");
>         }
>         // check if it is a private key
>         if (keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
>             System.out.println("TEST FAILED");
>         }
>     }
> }
> The good way to check if the entry is an instance of the given class would be to get
the entry from the keystore and call instanceof. But there is not enough data to do the check
in this way, because password is required to get the entry, and there is no such parameter.
So check if the entry has certificate chain in it or not seems to be the only way to distinguish
KeyStore.PrivateKeyEntry and KeyStore.SecretKeyEntry.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message