diff options
| author | Alex Klyubin <klyubin@google.com> | 2015-06-10 09:12:53 -0700 |
|---|---|---|
| committer | Alex Klyubin <klyubin@google.com> | 2015-06-10 09:12:53 -0700 |
| commit | 0c1fd5ae392a0d28481cd5680f0dce25e04409b5 (patch) | |
| tree | da54fbca132ddd44a3c1caee4358814c8948a62c /harmony-tests | |
| parent | 28889223fc7eb311775ed70335e2d3064a58b17e (diff) | |
| download | libcore-0c1fd5ae392a0d28481cd5680f0dce25e04409b5.zip libcore-0c1fd5ae392a0d28481cd5680f0dce25e04409b5.tar.gz libcore-0c1fd5ae392a0d28481cd5680f0dce25e04409b5.tar.bz2 | |
Fix X509CertificateTest.testVerifyPublicKeyString failure.
The test was failing because it was making the wrong assumption that
JCA's Signature implementation will select the implementation from the
highest priority provider which offers the matching signature
algorithm. This assumption is wrong because it does not take into
consideration that JCA also filters providers using
SupportedKeyClasses and SupportedKeyFormats attributes.
In this particular case, AndroidKeyStore Provider happens to be the
highest priority Provider which offers Signature.MD5withRSA. However,
according to its declaration, it offers that only for public keys
which are instances of AndroidKeyStorePublicKey.
The fix is to rely on JCA's Signature implementation selection
mechanism to find the highest priority provider which supports the
desired public key.
Bug: 21735869
Change-Id: Ie40f8a1cbf898966614a290c2d6cfe8350a1e99f
Diffstat (limited to 'harmony-tests')
| -rw-r--r-- | harmony-tests/src/test/java/org/apache/harmony/tests/javax/security/cert/X509CertificateTest.java | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/harmony-tests/src/test/java/org/apache/harmony/tests/javax/security/cert/X509CertificateTest.java b/harmony-tests/src/test/java/org/apache/harmony/tests/javax/security/cert/X509CertificateTest.java index 26403f5..093e2e1 100644 --- a/harmony-tests/src/test/java/org/apache/harmony/tests/javax/security/cert/X509CertificateTest.java +++ b/harmony-tests/src/test/java/org/apache/harmony/tests/javax/security/cert/X509CertificateTest.java @@ -39,6 +39,7 @@ import java.security.Principal; import java.security.Provider; import java.security.PublicKey; import java.security.Security; +import java.security.Signature; import java.security.SignatureException; import java.security.Provider.Service; import java.security.cert.CertificateFactory; @@ -763,16 +764,16 @@ public class X509CertificateTest extends TestCase { } Security.addProvider(myProvider); - Provider[] providers = Security.getProviders("Signature.MD5withRSA"); - if (providers == null || providers.length == 0) { - fail("no Provider for Signature.MD5withRSA"); - return; - } + // Find the Provider which offers MD5withRSA for the certificate's + // public key. + Signature signature = Signature.getInstance("MD5withRSA"); + signature.initVerify(javaxSSCert.getPublicKey()); + Provider provider = signature.getProvider(); // self signed cert: should verify with provider try { javaxSSCert.verify(javaxSSCert.getPublicKey(), - providers[0].getName()); + provider.getName()); } catch (SignatureException e) { fail("blu"); } |