harmony-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boris Kuznetsov (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HARMONY-720) [classlib][security]java.security.Signature.initSign(PrivateKey key) throws unspecified NPE if key is invalid
Date Wed, 12 Jul 2006 09:18:30 GMT
    [ http://issues.apache.org/jira/browse/HARMONY-720?page=comments#action_12420564 ] 

Boris Kuznetsov commented on HARMONY-720:
-----------------------------------------

The functionality of a signature algorithm is implemented by provider. Signature class only
passes key to the provider and lets the provider to decide whether the key is valid or not.
According the spec. provider should throw InvalidKeyException "if the key is improperly encoded,
parameters are missing, and so on."

So the test demonstrates that BC provider behavior is difference from RI provider.
Moreover I guess it can't be considered as a BC bug because of null key encoding in the test.

I suggest move this issue to Non-bug difference from RI.





> [classlib][security]java.security.Signature.initSign(PrivateKey key) throws unspecified
NPE if key is invalid
> -------------------------------------------------------------------------------------------------------------
>
>          Key: HARMONY-720
>          URL: http://issues.apache.org/jira/browse/HARMONY-720
>      Project: Harmony
>         Type: Bug

>   Components: Classlib
>     Reporter: Vladimir Ivanov
>  Attachments: SignatureTest.patch
>
> java.security.Signature.initSign(PrivateKey key) throws unspecified NPE if key is invalid.
According to 1.5 spec method must throw only InvalidKeyException.
> ======================= test.java =========================
> import java.security.*;
> import java.security.interfaces.RSAPrivateCrtKey;
> import java.math.BigInteger;
> public class test  {
>     public static void main (String[] args) {             
>         try {
>             Signature sig = Signature.getInstance("SHA1withRSA");
>             sig.initSign(new testRSAPrivateCrtKey());                      
>         } catch (Exception e) {
>             e.printStackTrace();
>         }   
>     } 
> }
> class testRSAPrivateCrtKey implements RSAPrivateCrtKey {
>     public BigInteger getCrtCoefficient() {
>         return null;
>     }
>     public BigInteger getPrimeP() {
>         return null;
>     }
>     public BigInteger getPrimeQ() {
>         return null;
>     }
>     public BigInteger getPrimeExponentP() {
>         return null;
>     }
>     public BigInteger getPrimeExponentQ() {
>         return null;
>     }
>     public BigInteger getPublicExponent() {
>         return null;
>     }
>     public BigInteger getPrivateExponent() {
>         return null;
>     }
>     public String getAlgorithm() {
>         return "AA";
>     }
>     public String getFormat() {
>         return "AA";
>     }
>     public byte[] getEncoded() {
>         return null;
>     }
>     public BigInteger getModulus() {
>         return null;
>     }
> }
> =======================================================
> Output:
> C:\tmp\tmp17>C:\jrockit-jdk1.5.0-windows-ia32\bin\java.exe -showversion test
> java version "1.5.0"
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-b64)
> BEA WebLogic JRockit(R) (build dra-38972-20041208-2001-win-ia32, R25.0.0-75, GC: System
optimized over throughput (initial strategy singleparpar))
> java.security.InvalidKeyException: Not an RSA key: AA
>         at sun.security.rsa.RSAKeyFactory.checkKey(RSAKeyFactory.java:103)
>         at sun.security.rsa.RSAKeyFactory.toRSAKey(RSAKeyFactory.java:76)
>         at sun.security.rsa.RSASignature.engineInitSign(RSASignature.java:90)
>         at sun.security.rsa.RSASignature.engineInitSign(RSASignature.java:84)
>         at java.security.Signature$Delegate.init(Signature.java:1076)
>         at java.security.Signature$Delegate.chooseProvider(Signature.java:1036)
>         at java.security.Signature$Delegate.engineInitSign(Signature.java:1100)
>         at java.security.Signature.initSign(Signature.java:485)
>         at test.main(test.java:9)
> C:\tmp\tmp17>C:\harmony\trunk_0427\deploy\jdk\jre\bin\java.exe -showversion test
> java version 1.5 (subset)
> (c) Copyright 1991, 2006 The Apache Software Foundation or its licensors, as applicable.
> java.lang.NullPointerException
>         at org.bouncycastle.crypto.engines.RSAEngine.init(Unknown Source)
>         at org.bouncycastle.crypto.encodings.PKCS1Encoding.init(Unknown Source)
>         at org.bouncycastle.jce.provider.JDKDigestSignature.engineInitSign(Unknown Source)
>         at java.security.Signature.initSign(Signature.java:223)
>         at test.main(test.java:9)

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message