Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8151149

CipherSpi implementation of PBEWithSHA1AndDESede returns key size in bytes

XMLWordPrintable

    • b109
    • generic
    • generic
    • Verified

        FULL PRODUCT VERSION :


        A DESCRIPTION OF THE PROBLEM :
        CipherSpi.engineGetKeySize() should return key size in bits. PBEWithSHA1AndDESede algorithm implementing class com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede returns key size in bytes. This enables usage of this algorithm without installing JCE Unlimited Strength Jurisdiction Policy Files. While this is maybe intended (permission javax.crypto.CryptoPermission "DESede", *; in default_local.policy) ti certainly isn't done right.


        REPRODUCIBILITY :
        This bug can be reproduced always.

              vinnie Vincent Ryan
              webbuggrp Webbug Group
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: