You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@harmony.apache.org by "Tim Ellison (JIRA)" <ji...@apache.org> on 2009/10/22 15:59:59 UTC

[jira] Resolved: (HARMONY-6357) [classlib][security] PermissionCollectionTest passes thanks to a bug in bcprov.jar

     [ https://issues.apache.org/jira/browse/HARMONY-6357?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Tim Ellison resolved HARMONY-6357.
----------------------------------

       Resolution: Fixed
    Fix Version/s: 5.0M12

I see the NPE is being thrown in the DefaultPolicyParser and handled away quietly by a catch Exception handler.  Changing the parser to pass in a bogus password with bcprov 1.41 shows the test failing in the same way as null does with bcprov 1.44, e.g.

Index: src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java
===================================================================
--- src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java	(revision 828627)
+++ src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java	(working copy)
@@ -466,7 +466,7 @@
                 InputStream is = AccessController
                         .doPrivileged(new PolicyUtils.URLLoader(location));
                 try {
-                    ks.load(is, null);
+                    ks.load(is, new char[] {});
                 }
                 finally {
                     is.close();


This is the NPE that is being thrown and handled away...

 java.lang.NullPointerException
     at org.bouncycastle.crypto.PBEParametersGenerator.PKCS12PasswordToBytes(Unknown Source)
     at org.bouncycastle.jce.provider.JDKKeyStore.engineLoad(Unknown Source)
     at java.security.KeyStore.load(KeyStore.java:630)
     at org.apache.harmony.security.fortress.DefaultPolicyParser.initKeyStore(DefaultPolicyParser.java:469)
     at org.apache.harmony.security.fortress.DefaultPolicyParser.parse(DefaultPolicyParser.java:132)
     at org.apache.harmony.security.fortress.DefaultPolicy.refresh(DefaultPolicy.java:284)
     at org.apache.harmony.security.fortress.DefaultPolicy.<init>(DefaultPolicy.java:183)
     at org.apache.harmony.security.fortress.DefaultPolicy.<init>(DefaultPolicy.java:172)

The fix was to update BouncyCastle and fix the test to create a valid policy file and fix the assertions for the implied permissions.  Fixed at repo revision r828697.

Please verify.



> [classlib][security] PermissionCollectionTest passes thanks to a bug in bcprov.jar
> ----------------------------------------------------------------------------------
>
>                 Key: HARMONY-6357
>                 URL: https://issues.apache.org/jira/browse/HARMONY-6357
>             Project: Harmony
>          Issue Type: Bug
>          Components: Classlib
>    Affects Versions: 5.0M11
>         Environment: x86/redhat el5
>            Reporter: Kyle Cho
>            Assignee: Tim Ellison
>            Priority: Minor
>             Fix For: 5.0M12
>
>
> The junit test, test_impliesLjava_security_Permisson of the tests.api.java.security.PermissionCollectionTest passes thanks to a bug in bcprov-jdk15-141.jar. See http://www.bouncycastle.org/jira/browse/BJA-222. In the bcprov-jdk15-144.jar, the bug has been fixed.
> This means that if the dependency for bcprov is updated to use bcprov-jdk15-144.jar, the junit test will fail. Either the test case needs update or excluded.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.