Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4946277

invalid behaviour in javax.crypto.Cipher getMaxAllowedParameterSpec() and getMax

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Not an Issue
    • Icon: P3 P3
    • None
    • 5.0
    • security-libs



      Name: iiR10263 Date: 10/30/2003



      javax.crypto.Cipher.getMaxAllowedKeyLength() and
      javax.crypto.Cipher.getMaxAllowedParameterSpec()

      do not throw NoSuchAlgorithmException for the following
      transformations:
      "he-he", "DumbAlg!", ":colon", "spa ce", "giveMe$$",
      ".no.provider.here.", "POWERFULLALG" and other invalid
      transformations that contain only algorithm.

      Also the exception is not thrown for the following transformations.
      "PBEWITHSHA1ANDDESEDE/NONE/he-he",
      "PBEWITHSHA1ANDDESEDE/NONE/DumbAlg!",
      "PBEWITHSHA1ANDDESEDE/NONE/:colon", "PBEWITHSHA1ANDDESEDE/NONE/spa
      ce", "PBEWITHSHA1ANDDESEDE/NONE/giveMe$$",
      "PBEWITHSHA1ANDDESEDE/NONE/.no.provider.here.",
       "PBEWITHSHA1ANDDESEDE/NONE/POWERFULLALG".

      But NoSuchAlgorithmException is thrown for for transformations like
      "PBEWITHSHA1ANDDESEDE/.no.provider.here.", i.e. invalid
      transformations that have only algorithm and mode.

      ======================================================================

            Unassigned Unassigned
            duke J. Duke
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: