harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stepan Mishura" <stepan.mish...@gmail.com>
Subject [classlib][security] Non-bug difference: Security.getProviders(filter) methods don't accept empty attribute value
Date Mon, 12 Feb 2007 05:55:57 GMT

Investigation of HARMONY-2761
<http://issues.apache.org/jira/browse/HARMONY-2761> showed
one more difference with RI HARMONY-3154
<http://issues.apache.org/jira/browse/HARMONY-3154>. From my point of view
Harmony implementation follows the spec. and I'm going to close HARMONY-3154
as "Non-bug differences from RI". If there are other opinions about the
issue please speak up.
Summary: Security.getProviders(filter) methods don't accept empty attribute
value while RI does.

The difference can be demonstrated by the following code:

// The filter is not in the required format
Security.getProviders("MyService.Algorithm KeySize");

 // The value for the key is empty string
Map<String, String> m = new HashMap<String, String>();
m.put("MyService.Algorithm KeySize", "");

The filters in both examples above violates the spec.

In the case of getProviders(Map filter) the spec. clearly says that "The
value associated with the key must be a non-empty string."

And for the second case (getProviders(String filter)) the spec implies that
attribute value can not be omitted. It says:
The selection criterion must be specified in one of the following two
* <crypto_service>.<algorithm_or_type>
* <crypto_service>.<algorithm_or_type> <attribute_name>:< attribute_value>
A provider satisfies this selection criterion iff the provider implements
the specified algorithm or type for the specified cryptographic service
and its implementation meets the constraint expressed by the specified
attribute name/value pair."

Stepan Mishura
Intel Enterprise Solutions Software Division

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message