JDK-6229618 : Crypto permission lookup is wrong when the Cipher algorithm name is not all uppercase
- Type: Bug
- Component: security-libs
- Sub-Component: javax.crypto
- Affected Version: 6
- Priority: P3
- Status: Resolved
- Resolution: Fixed
- OS: generic
- CPU: generic
- Submitted: 2005-02-15
- Updated: 2010-04-02
- Resolved: 2005-02-18
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| Other | JDK 6 |
|---|---|
| 5.0u7Fixed | 6 betaFixed  |
Description
Currently, JCE framework would convert all algorithm names to uppercases when parsing the jurisdiction policy file. However, Cipher class stores the user specified transformation directly and uses it to look up the granted crypto permission. This has not been an issue since most algorithm names in JCE are in uppercases by convention and has the same keysize limit as the default (wildcard) one. However, DESede has a mixed case name, thus the current JCE crypto permission lookup fails to find the right permission and use the default one instead. ###@###.### 2005-2-15 22:37:21 GMT
Comments
|