: 
http://grepcode.com/file_/repository.grepcode.com/java/root/jdk/openjdk/8u40-b25/sun/security/provider/JavaKeyStore.java/?v=source
: 
: The getPreKeyedHash method is where MessageDigest.getInstance("SHA") is
: called. From everything I've read this code is incorrect because SHA is not
: a valid algorithm.

Interesting... what exactly does your JVM produce if you run this code...

    public static void main(String[] args) throws Exception {
        java.security.MessageDigest x = 
java.security.MessageDigest.getInstance("SHA");
        System.out.println(x.toString());
        System.out.println(x.getAlgorithm());
        System.out.println(x.getProvider().toString());
    }

On my system i get...

---
hossman@tray:~/tmp$ java -ea Temp
SHA Message Digest from SUN, <initialized>

SHA
SUN version 1.8
---

It perplexes me that in the javadocs for MessageDigest the sample usage 
code shows 'MessageDigest.getInstance("SHA");' as the very first line, but 
then lower down it says...

>> Every implementation of the Java platform is required to support the 
>> following standard MessageDigest algorithms:
>>
>>  * MD5
>>  * SHA-1
>>  * SHA-256

...and the linked to "Java Cryptography Architecture Standard Algorithm 
Name Documentation" doesn't mention "SHA" but does mention the various 
"SHA-n" specific impls...

https://docs.oracle.com/javase/8/docs/api/java/security/MessageDigest.html
https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#MessageDigest



-Hoss
http://www.lucidworks.com/

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Reply via email to