-
Type:
Enhancement
-
Resolution: Fixed
-
Priority:
P4
-
Affects Version/s: 8, 9
-
Component/s: security-libs
-
b12
-
generic
-
generic
A DESCRIPTION OF THE REQUEST :
Java arrays/lists are zero based but for unknown reasons developers at Sun choose to make the provider list 1 base, ie entries at index 0 is not used.
JUSTIFICATION :
The provider is not used, ie Suns/Oracles less secure JCE will take precedence when the developer thinks the supplied provider is used.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
This code should throw an IllegalArgumentException
Security.insertProviderAt(new BouncyCastleProvider(), 0);
ACTUAL -
The provider is not used.
---------- BEGIN SOURCE ----------
Security.insertProviderAt(new BouncyCastleProvider(), 0);
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Apparently, by convention index 2 is the first "user" index to use.
Security.insertProviderAt(new BouncyCastleProvider(), 2);
Java arrays/lists are zero based but for unknown reasons developers at Sun choose to make the provider list 1 base, ie entries at index 0 is not used.
JUSTIFICATION :
The provider is not used, ie Suns/Oracles less secure JCE will take precedence when the developer thinks the supplied provider is used.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
This code should throw an IllegalArgumentException
Security.insertProviderAt(new BouncyCastleProvider(), 0);
ACTUAL -
The provider is not used.
---------- BEGIN SOURCE ----------
Security.insertProviderAt(new BouncyCastleProvider(), 0);
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Apparently, by convention index 2 is the first "user" index to use.
Security.insertProviderAt(new BouncyCastleProvider(), 2);
- csr for
-
JDK-8314168 Update Security.insertProviderAt to specify behavior when requested position is out of range.
-
- Closed
-
