harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yang Paulex" <paulex.y...@gmail.com>
Subject Re: [jira] Created: (HARMONY-2940) [classlib][security]Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider"); fails while org.bouncycastle.jce.provider.BouncyCastleProvider is added as a security provider
Date Tue, 16 Jan 2007 07:25:59 GMT
I see, thank you, Stepan, I'll look at if we can modify the URLClassLoader
implementation not to cache the JarFile instance until  the instance is
fully initiated.

2007/1/16, Stepan Mishura <stepan.mishura@gmail.com>:
>
> On 1/15/07, Yang Paulex wrote:
> >
> > 2007/1/12, Stepan Mishura :
> > <SNIP>
> > > IMHO the case with BC provider only is just particular case of
> > classloader
> > > bug. As you  pointed out URLClassloader caches JarFile instances - so
> > the
> > > problem is that during JarFile object initialization there may be
> > request
> > > to
> > > load a class from the same jar-file. For example, the request may be
> > > initiated by a security manager (not by Services class).
> > >
> > > So adding to static init block "Security.getProviders()" will resolve
> > > problem only with "bouncycastle.jar".
> >
> >
> > This workaround can resolve problems related with any security
> providers.
> > But I agree this is just a special case, that's exactly why I have
> concern
> > on it. And I thought that maybe URLClassLoader should not cache the
> > JarFile
> > instance until it is fully initiated, but because URLClassLoader is so
> > widely used, so I need more tests to validate.
>
>
> Hi Paulex,
>
> I afraid that this workaround may not help, for example I've added to
> HARMONY-2940 a test that reproduces the failure with SecurityManager. The
> test may look odd but it just demonstrates possible failure conditions.
>
> Thanks,
> Stepan.
>
> Thanks,
> > > Stepan.
> > >
> > > 2007/1/4, Leo Li (JIRA) <jira@apache.org >:
> > > > >
> > > > > [classlib][security]Class.forName("
> > > > > org.bouncycastle.jce.provider.BouncyCastleProvider"); fails while
> > > > > org.bouncycastle.jce.provider.BouncyCastleProvider is added as a
> > > > security
> > > > > provider
> > > > >
> > > > >
> > > >
> > >
> >
> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> >
> > > > >
> > > > >                  Key: HARMONY-2940
> > > > >                  URL:
> > > https://issues.apache.org/jira/browse/HARMONY-2940
> > > > >              Project: Harmony
> > > > >           Issue Type: Bug
> > > > >           Components: Classlib
> > > > >             Reporter: Leo Li
> > > > >             Priority: Critical
> > > > >
> > > > >
> > > > > Here is a testcase:
> > > > >
> > > > > public void test()
> > > > > {
> > > > >     Class cls = Class.forName("
> > > > > org.bouncycastle.jce.provider.BouncyCastleProvider");
> > > > > }
> > > > >
> > > > > Harmony fails.
> > > > >
> > > > > After digging into it, I found that it is related with
> bcprov.jarhas
> > > a
> > > > > certificate signed by the signature provided by itself.  I  tried
> to
> > > > remove
> > > > > it signature and move it into the boot directory and it works.
> > > > >
> > > > > So I recommend to put an unsigned bcprov.jar into the boot
> > directory.
> > > > >
> > > > >
> > > > > --
> > > > > This message is automatically generated by JIRA.
> > > > > -
> > > > > If you think it was sent incorrectly contact one of the
> > > administrators:
> > > > > https://issues.apache.org/jira/secure/Administrators.jspa
> > > > > -
> > > > > For more information on JIRA, see:
> > > > http://www.atlassian.com/software/jira
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > Paulex Yang
> > > > China Software Development Labotary
> > > > IBM
> > > >
> > > >
> > >
> > >
> > > --
> > > Stepan Mishura
> > > Intel Enterprise Solutions Software Division
> > >
> > >
> >
> >
> > --
> > Paulex Yang
> > China Software Development Labotary
> > IBM
> >
> >
>
>
> --
> Stepan Mishura
> Intel Enterprise Solutions Software Division
>
>


-- 
Paulex Yang
China Software Development Labotary
IBM

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message