On 1/15/07, Yang Paulex wrote:
2007/1/12, Stepan Mishura :
<SNIP>
> IMHO the case with BC provider only is just particular case of
classloader
> bug. As you pointed out URLClassloader caches JarFile instances - so
the
> problem is that during JarFile object initialization there may be
request
> to
> load a class from the same jar-file. For example, the request may be
> initiated by a security manager (not by Services class).
>
> So adding to static init block "Security.getProviders()" will resolve
> problem only with "bouncycastle.jar".
This workaround can resolve problems related with any security providers.
But I agree this is just a special case, that's exactly why I have concern
on it. And I thought that maybe URLClassLoader should not cache the
JarFile
instance until it is fully initiated, but because URLClassLoader is so
widely used, so I need more tests to validate.
Hi Paulex,
I afraid that this workaround may not help, for example I've added to
HARMONY-2940 a test that reproduces the failure with SecurityManager. The
test may look odd but it just demonstrates possible failure conditions.
Thanks,
Stepan.
Thanks,
> Stepan.
>
> 2007/1/4, Leo Li (JIRA) <[EMAIL PROTECTED] >:
> > >
> > > [classlib][security]Class.forName("
> > > org.bouncycastle.jce.provider.BouncyCastleProvider"); fails while
> > > org.bouncycastle.jce.provider.BouncyCastleProvider is added as a
> > security
> > > provider
> > >
> > >
> >
>
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> > >
> > > Key: HARMONY-2940
> > > URL:
> https://issues.apache.org/jira/browse/HARMONY-2940
> > > Project: Harmony
> > > Issue Type: Bug
> > > Components: Classlib
> > > Reporter: Leo Li
> > > Priority: Critical
> > >
> > >
> > > Here is a testcase:
> > >
> > > public void test()
> > > {
> > > Class cls = Class.forName("
> > > org.bouncycastle.jce.provider.BouncyCastleProvider");
> > > }
> > >
> > > Harmony fails.
> > >
> > > After digging into it, I found that it is related with bcprov.jarhas
> a
> > > certificate signed by the signature provided by itself. I tried to
> > remove
> > > it signature and move it into the boot directory and it works.
> > >
> > > So I recommend to put an unsigned bcprov.jar into the boot
directory.
> > >
> > >
> > > --
> > > This message is automatically generated by JIRA.
> > > -
> > > If you think it was sent incorrectly contact one of the
> administrators:
> > > https://issues.apache.org/jira/secure/Administrators.jspa
> > > -
> > > For more information on JIRA, see:
> > http://www.atlassian.com/software/jira
> > >
> > >
> > >
> >
> >
> > --
> > Paulex Yang
> > China Software Development Labotary
> > IBM
> >
> >
>
>
> --
> Stepan Mishura
> Intel Enterprise Solutions Software Division
>
>
--
Paulex Yang
China Software Development Labotary
IBM
--
Stepan Mishura
Intel Enterprise Solutions Software Division
