-
Bug
-
Resolution: Not an Issue
-
P4
-
None
-
6
-
None
-
sparc
-
solaris_9
The SunJCE Mac implementation of the HMACSHA1 algorithm writes over the bytes
returned by SecretKey.getEncoded(). Normally this is not a problem since most
SecretKey implementations will return a clone of the array, but the
SecretKey.getEncoded method does not specify that it returns a clone, and maybe
our implementation shouldn't assume it does. I had happened to write a SecretKey
implementation that didn't return a clone for quick testing purposes.
The main problem with this behavior is that it is hard to detect and difficult to
debug. Also, FWIW, the Sun PKCS11 provider does not exhibit this behavior.
###@###.### 2005-06-08 13:32:02 GMT
returned by SecretKey.getEncoded(). Normally this is not a problem since most
SecretKey implementations will return a clone of the array, but the
SecretKey.getEncoded method does not specify that it returns a clone, and maybe
our implementation shouldn't assume it does. I had happened to write a SecretKey
implementation that didn't return a clone for quick testing purposes.
The main problem with this behavior is that it is hard to detect and difficult to
debug. Also, FWIW, the Sun PKCS11 provider does not exhibit this behavior.
###@###.### 2005-06-08 13:32:02 GMT