security providers and ...

Lars Andersen lars@rimfaxe.com
Fri Aug 16 19:21:00 GMT 2002

• Previous message (by thread): security providers and ...
• Next message (by thread): security providers and ...
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

On Fri, 2002年08月16日 at 22:04, Vladimir Puskas wrote:
> > >i think the cure is:
> > >
> > >1. to catch the ClassCastException,
> > >2. test if the newly instantiated class is an instance of
> > >java.security.MessageDigestSpi,
> > >3. if it isnt re-throw the exception, otherwise
> > >4. wrap the newly instantiated class in a proxy class that channels the
> > >MessageDigest calls to the wrapped Spi (inner) class.
> > >
> > >
> > >cheers;
> > >rsn
> >
> > OK, I have noticed the same behaviour, a ClassCastException when
> > requesting the MD5 MessageDigest from the "GNU" security provider, but
> > please consider :
> >
> > 1: the gnu security provider works fine in sun jdk1.4.
> > I tried to use Reflection to see how it was handled, and it returned the
> > type : MessageDigest$Delegate, not just MessageDigest.
> >
> > 2: It only fails in GCJ in static compiled binaries. I have used the GNU
> > MD5 MessageDigest with GCJ compiled binaries, only when i added the
> > -static option did i get this error.
> >
> > I think the problem is buried somewhere else. The MessageDigestSpi class
> > is intended (long time ago...) for security providers to implement
> > MessageDigest implementations.
> >
> >
> > regards
> > Lars Andersen
>> I wrote previous message rather quickly, and was not aware of sideeffects.
> Still bug is out there, or maybe two. My patch is based on 
> gnu.java.security.provider.SHA, which extends MessageDigest.
>> Does it mean SHA should extend MessgeDigestSpi too, or they (SHA & MD5) are 
> unrelated?
>> V.Puskas
>>>
Clipped from the j2sdk 1.4 API MessageDigest class :
>>>-Note that this class is abstract and extends from MessageDigestSpi for
-historical reasons. Application developers should only take notice of
-the methods defined in this MessageDigest class; all the methods in the
-superclass are intended for cryptographic service providers who wish to
-supply their own implementations of message digest algorithms. 
<<<
It should be OK to imlplement from the MessageDigest class; however the
other approach (extending MessageDigestSpi) ought to work as well. It
does so in the sun jdk1.4.
I solved it by writing my own security provider, with SHA-1 and MD5
MessageDigests subclassing java.security.MessageDigest.
This bypasses two problems in GCJ. The one being the MD5 problem, the
other the absence of aliasing in the GNU provider under GCJ.
regards
Lars Andersen

---

• Previous message (by thread): security providers and ...
• Next message (by thread): security providers and ...
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Java mailing list