Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4867890

Clarify the return value/exception for java.security.SignedObject.verify

    XMLWordPrintable

    Details

    • Subcomponent:
    • Resolved In Build:
      b24
    • CPU:
      generic
    • OS:
      generic

      Backports

        Description

        Look at
        http://java.sun.com/j2se/1.4.2/docs/api/java/security/SignedObject.html#verify(java.security.PublicKey, java.security.Signature)
        It is saying that
        " Returns:
              true if the signature is valid, false otherwise
           Throws:
              SignatureException - if signature verification failed. "

        Which seems to be saying that
        either "a false would be return" or "SignatureException would be threw" if
        the signature verification failed (signature is invalid)
        -- which give too much room to API implementer (vendor) who, therefore, could
           implement this API in different way (one of two options).
           Hence this spec cause confusion in the customer side who don't know what
           to expect really when the signature verification failed

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                mullan Sean Mullan
                Reporter:
                skesunw Stuart Ke (Inactive)
                Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved:
                  Imported:
                  Indexed: