You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@harmony.apache.org by "Tim Ellison (JIRA)" <ji...@apache.org> on 2009/10/22 15:59:59 UTC
[jira] Resolved: (HARMONY-6357) [classlib][security]
PermissionCollectionTest passes thanks to a bug in bcprov.jar
[ https://issues.apache.org/jira/browse/HARMONY-6357?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tim Ellison resolved HARMONY-6357.
----------------------------------
Resolution: Fixed
Fix Version/s: 5.0M12
I see the NPE is being thrown in the DefaultPolicyParser and handled away quietly by a catch Exception handler. Changing the parser to pass in a bogus password with bcprov 1.41 shows the test failing in the same way as null does with bcprov 1.44, e.g.
Index: src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java
===================================================================
--- src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java (revision 828627)
+++ src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java (working copy)
@@ -466,7 +466,7 @@
InputStream is = AccessController
.doPrivileged(new PolicyUtils.URLLoader(location));
try {
- ks.load(is, null);
+ ks.load(is, new char[] {});
}
finally {
is.close();
This is the NPE that is being thrown and handled away...
java.lang.NullPointerException
at org.bouncycastle.crypto.PBEParametersGenerator.PKCS12PasswordToBytes(Unknown Source)
at org.bouncycastle.jce.provider.JDKKeyStore.engineLoad(Unknown Source)
at java.security.KeyStore.load(KeyStore.java:630)
at org.apache.harmony.security.fortress.DefaultPolicyParser.initKeyStore(DefaultPolicyParser.java:469)
at org.apache.harmony.security.fortress.DefaultPolicyParser.parse(DefaultPolicyParser.java:132)
at org.apache.harmony.security.fortress.DefaultPolicy.refresh(DefaultPolicy.java:284)
at org.apache.harmony.security.fortress.DefaultPolicy.<init>(DefaultPolicy.java:183)
at org.apache.harmony.security.fortress.DefaultPolicy.<init>(DefaultPolicy.java:172)
The fix was to update BouncyCastle and fix the test to create a valid policy file and fix the assertions for the implied permissions. Fixed at repo revision r828697.
Please verify.
> [classlib][security] PermissionCollectionTest passes thanks to a bug in bcprov.jar
> ----------------------------------------------------------------------------------
>
> Key: HARMONY-6357
> URL: https://issues.apache.org/jira/browse/HARMONY-6357
> Project: Harmony
> Issue Type: Bug
> Components: Classlib
> Affects Versions: 5.0M11
> Environment: x86/redhat el5
> Reporter: Kyle Cho
> Assignee: Tim Ellison
> Priority: Minor
> Fix For: 5.0M12
>
>
> The junit test, test_impliesLjava_security_Permisson of the tests.api.java.security.PermissionCollectionTest passes thanks to a bug in bcprov-jdk15-141.jar. See http://www.bouncycastle.org/jira/browse/BJA-222. In the bcprov-jdk15-144.jar, the bug has been fixed.
> This means that if the dependency for bcprov is updated to use bcprov-jdk15-144.jar, the junit test will fail. Either the test case needs update or excluded.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.