BC provider throws the same exceptions as SUN provider (at least for standard digest alg. names: SHA, MD2, MD5, SHA-256, SHA-384, SHA-512). But what about other third party providers?
On 9/5/06, Mikhail Loenko <[EMAIL PROTECTED]> wrote:
IMHO we should look from the perspective of migrating the apps. So let's try to make behavior of "Harmony + BC provider" close to "Sun + Sun's provider" If without the checks the combination Harmony+BC works similar to Sun+Sun's provider, then let's remove the checks. Otherwise let's keep it to make the behavior at least logical. Thanks, Mikhail 2006/9/4, Boris Kuznetsov <[EMAIL PROTECTED]>: > Usually Harmony behavior is compared with RI behavior. But in security > area RI behavior depends on provider. With different providers RI > behave differently. > > For example, RI passes incorrect method arguments to provider. In such > cases provider may throw exception (e.g. DigestException or > IllegalArgumentException) or some RuntimeException (e.g. > ArrayIndexOutOfBoundsException) may be thrown during the execution. > Here is example. > > There are number of methods with arguments like (byte[] buf, int > offset, int len). RI doesn't check if offset and len are negative but > Harmony does, so we have difference in behavior (see Harmony-1120, > 1148): on combination RI + provider application gets provider specific > exception, but on Harmony + provider - IllegalArgumentException (as in > other invalid parameters cases). > > So we have two options: > 1. Fix Harmony (remove negative parameters checks) > 2. Don't fix. Throw IllegalArgumentException for invalid parameters. > Document as non-bug difference from RI. > > Note, specification doesn't describe implementation behavior for > invalid arguments, but RI also throws IllegalArgumentException if > ofsset+len > buf.length. So throwing of IllegalArgumentException in > Harmony can't break any application. > > I suggest option 2. > Thoughts? > > Thanks, > Boris > > --------------------------------------------------------------------- > Terms of use : http://incubator.apache.org/harmony/mailing.html > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- Terms of use : http://incubator.apache.org/harmony/mailing.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- Best regards, Boris Kuznetsov Intel Middleware Products Division --------------------------------------------------------------------- Terms of use : http://incubator.apache.org/harmony/mailing.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
