Review Request: loading JCE providers using ServiceLoader

Sean Mullan sean.mullan at oracle.com
Tue Aug 14 07:30:15 PDT 2012 

On 8/14/12 5:30 AM, Alan Bateman wrote:
> On 13/08/2012 20:17, Sean Mullan wrote:
>>
>> I thought about doing that, just adding them on to the end. But there 
>> are a few other subtle issues. Right now, if you want to use a JCE 
>> provider that isn't registered, you instantiate it directly (as I 
>> showed above). Or you could also instantiate it and use the 
>> Security.addProvider or insertProviderAt methods to add it to the list 
>> of registered providers. There are apps doing that today. That code 
>> may break (addProvider will return -1) if we automatically registered 
>> all JCE providers that were found by ServiceLoader. So I would rather 
>> hold off on this and address it later with the ordering of providers. 
>> We may need to adjust what it actually means for a JCE provider to be 
>> installed:
> I think it would make sense to add them at the end. One could imagine 
> calling Signature.getInstance(algorithm) and the implementation would 
> iterate over the configured providers and if none of them support the 
> algorithm then it will move onto the other installed providers looking 
> for one that supports this algorithm.
> 
> On the dynamic registration via Security.addProvider then I would think 
> it should be an error for someone to install the provider as a service 
> provider module and also attempts to register it themselves (and to 
> register it themselves would require they have some means to instantiate 
> it, suggesting it exports an API for that). It may be that bundled 
> providers intended to be dynamically registered just don't declare 
> themselves as services.
> 
> So I think it would be good to re-visit this, not critical for the 
> initial push of course.

Ok, that's good. It's a bit more work to make providers not configured in
java.security available by default -- it will require more surgery to the
sun.security.jca classes, so I'd rather do this later.

I've created a new CR to track the issues we should look at later:

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7191104

--Sean

More information about the jigsaw-dev mailing list