-
Bug
-
Resolution: Fixed
-
P4
-
8u66, 9
-
b109
-
generic
-
generic
-
Verified
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8151382 | 8-pool | Vincent Ryan | P4 | Open | Unresolved |
FULL PRODUCT VERSION :
A DESCRIPTION OF THE PROBLEM :
CipherSpi.engineGetKeySize() should return key size in bits. PBEWithSHA1AndDESede algorithm implementing class com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede returns key size in bytes. This enables usage of this algorithm without installing JCE Unlimited Strength Jurisdiction Policy Files. While this is maybe intended (permission javax.crypto.CryptoPermission "DESede", *; in default_local.policy) ti certainly isn't done right.
REPRODUCIBILITY :
This bug can be reproduced always.
A DESCRIPTION OF THE PROBLEM :
CipherSpi.engineGetKeySize() should return key size in bits. PBEWithSHA1AndDESede algorithm implementing class com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede returns key size in bytes. This enables usage of this algorithm without installing JCE Unlimited Strength Jurisdiction Policy Files. While this is maybe intended (permission javax.crypto.CryptoPermission "DESede", *; in default_local.policy) ti certainly isn't done right.
REPRODUCIBILITY :
This bug can be reproduced always.
- backported by
-
JDK-8151382 CipherSpi implementation of PBEWithSHA1AndDESede returns key size in bytes
-
- Open
-