Harmony
  1. Harmony
  2. HARMONY-6357

[classlib][security] PermissionCollectionTest passes thanks to a bug in bcprov.jar

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 5.0M11
    • Fix Version/s: 5.0M12
    • Component/s: Classlib
    • Labels:
      None
    • Environment:
      x86/redhat el5

      Description

      The junit test, test_impliesLjava_security_Permisson of the tests.api.java.security.PermissionCollectionTest passes thanks to a bug in bcprov-jdk15-141.jar. See http://www.bouncycastle.org/jira/browse/BJA-222. In the bcprov-jdk15-144.jar, the bug has been fixed.
      This means that if the dependency for bcprov is updated to use bcprov-jdk15-144.jar, the junit test will fail. Either the test case needs update or excluded.

        Activity

        Hide
        Tim Ellison added a comment -

        For the record, the test failure I see with BouncyCastle 1.44 is

        Permission should be granted expected:<[fals]e> but was:<[tru]e>

        junit.framework.ComparisonFailure: Permission should be granted expected:<[fals]e> but was:<[tru]e>
        at tests.api.java.security.PermissionCollectionTest.test_impliesLjava_security_Permission(PermissionCollectionTest.java:166)
        at java.lang.reflect.AccessibleObject.invokeV(AccessibleObject.java:197)

        Show
        Tim Ellison added a comment - For the record, the test failure I see with BouncyCastle 1.44 is Permission should be granted expected:< [fals] e> but was:< [tru] e> junit.framework.ComparisonFailure: Permission should be granted expected:< [fals] e> but was:< [tru] e> at tests.api.java.security.PermissionCollectionTest.test_impliesLjava_security_Permission(PermissionCollectionTest.java:166) at java.lang.reflect.AccessibleObject.invokeV(AccessibleObject.java:197)
        Hide
        Tim Ellison added a comment -

        I see the NPE is being thrown in the DefaultPolicyParser and handled away quietly by a catch Exception handler. Changing the parser to pass in a bogus password with bcprov 1.41 shows the test failing in the same way as null does with bcprov 1.44, e.g.

        Index: src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java
        ===================================================================
        — src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java (revision 828627)
        +++ src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java (working copy)
        @@ -466,7 +466,7 @@
        InputStream is = AccessController
        .doPrivileged(new PolicyUtils.URLLoader(location));
        try {

        • ks.load(is, null);
          + ks.load(is, new char[] {});
          }
          finally {
          is.close();

        This is the NPE that is being thrown and handled away...

        java.lang.NullPointerException
        at org.bouncycastle.crypto.PBEParametersGenerator.PKCS12PasswordToBytes(Unknown Source)
        at org.bouncycastle.jce.provider.JDKKeyStore.engineLoad(Unknown Source)
        at java.security.KeyStore.load(KeyStore.java:630)
        at org.apache.harmony.security.fortress.DefaultPolicyParser.initKeyStore(DefaultPolicyParser.java:469)
        at org.apache.harmony.security.fortress.DefaultPolicyParser.parse(DefaultPolicyParser.java:132)
        at org.apache.harmony.security.fortress.DefaultPolicy.refresh(DefaultPolicy.java:284)
        at org.apache.harmony.security.fortress.DefaultPolicy.<init>(DefaultPolicy.java:183)
        at org.apache.harmony.security.fortress.DefaultPolicy.<init>(DefaultPolicy.java:172)

        The fix was to update BouncyCastle and fix the test to create a valid policy file and fix the assertions for the implied permissions. Fixed at repo revision r828697.

        Please verify.

        Show
        Tim Ellison added a comment - I see the NPE is being thrown in the DefaultPolicyParser and handled away quietly by a catch Exception handler. Changing the parser to pass in a bogus password with bcprov 1.41 shows the test failing in the same way as null does with bcprov 1.44, e.g. Index: src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java =================================================================== — src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java (revision 828627) +++ src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java (working copy) @@ -466,7 +466,7 @@ InputStream is = AccessController .doPrivileged(new PolicyUtils.URLLoader(location)); try { ks.load(is, null); + ks.load(is, new char[] {}); } finally { is.close(); This is the NPE that is being thrown and handled away... java.lang.NullPointerException at org.bouncycastle.crypto.PBEParametersGenerator.PKCS12PasswordToBytes(Unknown Source) at org.bouncycastle.jce.provider.JDKKeyStore.engineLoad(Unknown Source) at java.security.KeyStore.load(KeyStore.java:630) at org.apache.harmony.security.fortress.DefaultPolicyParser.initKeyStore(DefaultPolicyParser.java:469) at org.apache.harmony.security.fortress.DefaultPolicyParser.parse(DefaultPolicyParser.java:132) at org.apache.harmony.security.fortress.DefaultPolicy.refresh(DefaultPolicy.java:284) at org.apache.harmony.security.fortress.DefaultPolicy.<init>(DefaultPolicy.java:183) at org.apache.harmony.security.fortress.DefaultPolicy.<init>(DefaultPolicy.java:172) The fix was to update BouncyCastle and fix the test to create a valid policy file and fix the assertions for the implied permissions. Fixed at repo revision r828697. Please verify.
        Hide
        Hudson added a comment -

        Integrated in Harmony-1.5-head-linux-x86_64 #510 (See http://hudson.zones.apache.org/hudson/job/Harmony-1.5-head-linux-x86_64/510/)
        Fix for ([classlib][security] PermissionCollectionTest passes thanks to a bug in bcprov.jar)

        Update BouncyCastle dependency to version 1.44, and

        fix the PermissionCollections test to:

        • write out the policy file in a valid format
        • assert the permissions implies correctly from the forked VM
        Show
        Hudson added a comment - Integrated in Harmony-1.5-head-linux-x86_64 #510 (See http://hudson.zones.apache.org/hudson/job/Harmony-1.5-head-linux-x86_64/510/ ) Fix for ( [classlib] [security] PermissionCollectionTest passes thanks to a bug in bcprov.jar) Update BouncyCastle dependency to version 1.44, and fix the PermissionCollections test to: write out the policy file in a valid format assert the permissions implies correctly from the forked VM
        Hide
        Kyle Cho added a comment -

        confirmed that the revison r828697 fixed the issue.

        Show
        Kyle Cho added a comment - confirmed that the revison r828697 fixed the issue.

          People

          • Assignee:
            Tim Ellison
            Reporter:
            Kyle Cho
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development