harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stepan Mishura" <stepan.mish...@gmail.com>
Subject Re: [jira] Created: (HARMONY-2940) [classlib][security]Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider"); fails while org.bouncycastle.jce.provider.BouncyCastleProvider is added as a security provider
Date Tue, 16 Jan 2007 04:42:07 GMT
On 1/15/07, Yang Paulex wrote:
>
> 2007/1/12, Stepan Mishura :
> <SNIP>
> > IMHO the case with BC provider only is just particular case of
> classloader
> > bug. As you  pointed out URLClassloader caches JarFile instances - so
> the
> > problem is that during JarFile object initialization there may be
> request
> > to
> > load a class from the same jar-file. For example, the request may be
> > initiated by a security manager (not by Services class).
> >
> > So adding to static init block "Security.getProviders()" will resolve
> > problem only with "bouncycastle.jar".
>
>
> This workaround can resolve problems related with any security providers.
> But I agree this is just a special case, that's exactly why I have concern
> on it. And I thought that maybe URLClassLoader should not cache the
> JarFile
> instance until it is fully initiated, but because URLClassLoader is so
> widely used, so I need more tests to validate.


Hi Paulex,

I afraid that this workaround may not help, for example I've added to
HARMONY-2940 a test that reproduces the failure with SecurityManager. The
test may look odd but it just demonstrates possible failure conditions.

Thanks,
Stepan.

Thanks,
> > Stepan.
> >
> > 2007/1/4, Leo Li (JIRA) <jira@apache.org >:
> > > >
> > > > [classlib][security]Class.forName("
> > > > org.bouncycastle.jce.provider.BouncyCastleProvider"); fails while
> > > > org.bouncycastle.jce.provider.BouncyCastleProvider is added as a
> > > security
> > > > provider
> > > >
> > > >
> > >
> >
> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> > > >
> > > >                  Key: HARMONY-2940
> > > >                  URL:
> > https://issues.apache.org/jira/browse/HARMONY-2940
> > > >              Project: Harmony
> > > >           Issue Type: Bug
> > > >           Components: Classlib
> > > >             Reporter: Leo Li
> > > >             Priority: Critical
> > > >
> > > >
> > > > Here is a testcase:
> > > >
> > > > public void test()
> > > > {
> > > >     Class cls = Class.forName("
> > > > org.bouncycastle.jce.provider.BouncyCastleProvider");
> > > > }
> > > >
> > > > Harmony fails.
> > > >
> > > > After digging into it, I found that it is related with bcprov.jarhas
> > a
> > > > certificate signed by the signature provided by itself.  I  tried to
> > > remove
> > > > it signature and move it into the boot directory and it works.
> > > >
> > > > So I recommend to put an unsigned bcprov.jar into the boot
> directory.
> > > >
> > > >
> > > > --
> > > > This message is automatically generated by JIRA.
> > > > -
> > > > If you think it was sent incorrectly contact one of the
> > administrators:
> > > > https://issues.apache.org/jira/secure/Administrators.jspa
> > > > -
> > > > For more information on JIRA, see:
> > > http://www.atlassian.com/software/jira
> > > >
> > > >
> > > >
> > >
> > >
> > > --
> > > Paulex Yang
> > > China Software Development Labotary
> > > IBM
> > >
> > >
> >
> >
> > --
> > Stepan Mishura
> > Intel Enterprise Solutions Software Division
> >
> >
>
>
> --
> Paulex Yang
> China Software Development Labotary
> IBM
>
>


-- 
Stepan Mishura
Intel Enterprise Solutions Software Division

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message