LuciferYang opened a new pull request, #258: URL: https://github.com/apache/commons-crypto/pull/258
In version 1.2.0 of `commons-crypto`, the static initialization code block of `o.a.c.crypto.random.OpenSslCryptoRandom` may throw a `GeneralSecurityException` wrapped by `IllegalStateException`, which ultimately gets wrapped into `j.l.ExceptionInInitializerError` by Java's own mechanism. This results in behavior differences when running the statement ```java org.apache.commons.crypto.random.CryptoRandomFactory#getCryptoRandom(new java.util.Properties()); ``` on platforms that do not support `OpenSslCryptoRandom` compared to when using `commons-crypto` 1.1.0 (e.g. Apple Silicon) - `commons-crypto` 1.1.0 After `OpenSslCryptoRandom` initialization fails, it tries to initialize `JavaCryptoRandom`, and `JavaCryptoRandom` can be successfully initialized and return results. - `commons-crypto` 1.2.0 After `OpenSslCryptoRandom` initialization fails, it throws an `ExceptionInInitializerError`. Since the `CryptoRandomFactory#getCryptoRandom` method does not catch `ExceptionInInitializerError` and perform fault tolerance, `ExceptionInInitializerError` continues to be thrown upward, losing the opportunity to try to initialize `JavaCryptoRandom`. Therefore, this PR adds the catch and fault tolerance for `ExceptionInInitializerError` in the `CryptoRandomFactory#getCryptoRandom` method to keep it behaving similarly to `commons-crypto` 1.1.0. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
