-
Bug
-
Resolution: Fixed
-
P3
-
6
-
None
-
b15
-
generic
-
generic
This is a limitation of the API itself.
In several of the providers, we have service attributes which OR together their supported modes with a "|". However, getProviders() is doing *EXACT* searches on the variable/value combination, and thus won't return implementation which support specific modes, or even if they are out of order. This seriously limits the usability of this API, and should be corrected.
For example:
Sun provider
============
"Signature.SHA1withDSA SupportedKeyClasses:java.security.interfaces.DSAPublicKey|java.security.interfaces.DSAPrivateKey"
SunJCE Provider
===============
Cipher.RSA SupportedPaddings:NOPADDING|PKCS1PADDING|OAEPWITHMD5ANDMGF1PADDING...."
You should be able to search for any one of the value criteria. This will require a CCC since you are specifying the format of the provider, and will also need to update the two getProviders() methods that take variable/value pairs.
Example:
import java.security.*;
public class ProviderFiltering {
static private void doit(String s) {
System.out.println(s);
Provider [] ps = Security.getProviders(s);
for (Provider p : ps) {
System.out.println(p);
}
}
public static void main(String[] args)
throws NoSuchAlgorithmException {
// works
doit("Signature.SHA1withDSA SupportedKeyClasses:java.security.interfaces
.DSAPublicKey|java.security.interfaces.DSAPrivateKey");
// fails
doit("Signature.SHA1withDSA SupportedKeyClasses:java.security.interfaces
.DSAPrivateKey");
}
}
When this is fixed, we should address the corresponding documentation bug 6447817.
In several of the providers, we have service attributes which OR together their supported modes with a "|". However, getProviders() is doing *EXACT* searches on the variable/value combination, and thus won't return implementation which support specific modes, or even if they are out of order. This seriously limits the usability of this API, and should be corrected.
For example:
Sun provider
============
"Signature.SHA1withDSA SupportedKeyClasses:java.security.interfaces.DSAPublicKey|java.security.interfaces.DSAPrivateKey"
SunJCE Provider
===============
Cipher.RSA SupportedPaddings:NOPADDING|PKCS1PADDING|OAEPWITHMD5ANDMGF1PADDING...."
You should be able to search for any one of the value criteria. This will require a CCC since you are specifying the format of the provider, and will also need to update the two getProviders() methods that take variable/value pairs.
Example:
import java.security.*;
public class ProviderFiltering {
static private void doit(String s) {
System.out.println(s);
Provider [] ps = Security.getProviders(s);
for (Provider p : ps) {
System.out.println(p);
}
}
public static void main(String[] args)
throws NoSuchAlgorithmException {
// works
doit("Signature.SHA1withDSA SupportedKeyClasses:java.security.interfaces
.DSAPublicKey|java.security.interfaces.DSAPrivateKey");
// fails
doit("Signature.SHA1withDSA SupportedKeyClasses:java.security.interfaces
.DSAPrivateKey");
}
}
When this is fixed, we should address the corresponding documentation bug 6447817.
- relates to
-
-
- Resolved
-
