You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@harmony.apache.org by "Mikhail Loenko (JIRA)" <ji...@apache.org> on 2006/07/10 13:26:31 UTC

[jira] Resolved: (HARMONY-615) java.security.KeyStoreSpi.engineEntryInstanceOf(..) doesn't distinguish PrivateKeyEntry and SecretKeyEntry

     [ http://issues.apache.org/jira/browse/HARMONY-615?page=all ]
     
Mikhail Loenko resolved HARMONY-615:
------------------------------------

    Resolution: Fixed

fixed in revision 420492
Anton, please check it was fixed as expected

> java.security.KeyStoreSpi.engineEntryInstanceOf(..) doesn't distinguish PrivateKeyEntry and SecretKeyEntry
> ----------------------------------------------------------------------------------------------------------
>
>          Key: HARMONY-615
>          URL: http://issues.apache.org/jira/browse/HARMONY-615
>      Project: Harmony
>         Type: Bug

>   Components: Classlib
>     Reporter: Anton Rusanov
>     Assignee: Mikhail Loenko
>  Attachments: patch.txt, regression_test_patch.txt
>
> The method can only tell the difference between a certificate entry and a key entry, but doesn't distinguish KeyStore.PrivateKeyEntry and KeyStore.SecretKeyEntry.
> Test case that reveals the problem is down here:
> import java.security.*;
> import javax.crypto.*;
> public class KeyStoreSpi_engineEntryInstanceOfTest {
>     public static void main(String[] args) throws Exception {
>         // create a KeyStore
>         KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
>         keyStore.load(null, "pwd".toCharArray());
>         // genarate a key
>         KeyGenerator keyGen = KeyGenerator.getInstance("DES");
>         keyGen.init(56);
>         SecretKey secretKey = keyGen.generateKey();
>         // put the key into keystore
>         String alias = "alias";
>         keyStore.setKeyEntry(alias, secretKey, "pwd".toCharArray(), null);
>         // check if it is a secret key
>         if (keyStore.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class)) {
>             System.out.println("OK");
>         }
>         // check if it is a private key
>         if (keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
>             System.out.println("TEST FAILED");
>         }
>     }
> }
> The good way to check if the entry is an instance of the given class would be to get the entry from the keystore and call instanceof. But there is not enough data to do the check in this way, because password is required to get the entry, and there is no such parameter. So check if the entry has certificate chain in it or not seems to be the only way to distinguish KeyStore.PrivateKeyEntry and KeyStore.SecretKeyEntry.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira