• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

unexpected behaviour of compiler

 
Ranch Hand
Posts: 218
5
MS IE Notepad Suse
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
First: I couldn't find any better sub-forum - if one of the mods thinks this thread is better placed else - please move =D

As one who knows how to ask questions correctly - let me split this up in a few specific sections:

What I tried:

So I'm playing around with a few crypto stuff - and had to deal with all those obscure factories (as this fits my personal style - I really like how de-coupled all this is =D) - and obvious had to down-cast some by myself.
Here's a small snippet:

"encoded" is a byte-array holding a PKCS8 RSA private key - so while I myself know the data I'm reading in from file indeed really is a RSAPrivateCrtKey - the compiler simple can't. As an experienced programmer I know - risking RuntimeException to be thrown is bad coding style - I try to avoid them by checking.

What I expected:

So as I wrote my lines - I simple missed such check once - but noticed the compiler doesn't show me any warnings about any potential issues wich I expected.

What's my question:

Is the compiler simple somhow so smart to somehow check this cast somehow (AFAIK, a PKCS8 can contain more than just an RSA private key - at least DH, DSA and RSA - according to doc about what a KeyPairGenerator is required to be able to return) so it knows this is safe - or is such a manual down-cast by itself defined as "nah, the programmer surely knows what s/he's doin - the compiler doesn't need to check this at all"?

My environment:

OS: Windows 7 x64
JDK: Oracle 8u144
editor: notepad
compiler: javac on cmd-terminal

The main reason why I post this question: I've asked google about "java unsafe cast" - but all showing up is only Generics related. So I expected to get any warning w/o the if-block - but somehow the compiler just seems to think: "ok - manual down-cast - programmer knows - my job here's done - nothing to do for me - kthxbai"?
I guess using an IDE like Netbeans, Eclipse or others maybe would advert some warning about this "unsage" down-cast w/o any checking beforehand - but standard oracle compiler seems not to care at all.

Any hints?
 
Saloon Keeper
Posts: 15510
363
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Matt Wong wrote:Is the compiler simple somhow so smart to somehow check this cast somehow (AFAIK, a PKCS8 can contain more than just an RSA private key - at least DH, DSA and RSA - according to doc about what a KeyPairGenerator is required to be able to return) so it knows this is safe - or is such a manual down-cast by itself defined as "nah, the programmer surely knows what s/he's doin - the compiler doesn't need to check this at all"?


The compiler only checks whether the cast is allowed when you cast from one class type to another class type. When either of the types involved in the cast is an interface, the compiler doesn't perform any checking. That's because it can't guarantee that there isn't some subclass somewhere that does implement the interface, even if the class involved in the cast does not. In ALL cases though, casting is essentially the programmer telling the compiler: "I know what I'm doing, so shut up and just treat this reference as a different type".

So I expected to get any warning w/o the if-block - but somehow the compiler just seems to think: "ok - manual down-cast - programmer knows - my job here's done - nothing to do for me - kthxbai"?
I guess using an IDE like Netbeans, Eclipse or others maybe would advert some warning about this "unsage" down-cast w/o any checking beforehand - but standard oracle compiler seems not to care at all.


The compiler figures that the programmer knows best. Besides, it would be really annoying if you got a compiler warning when your code already guarantees that the reference is always of the type you're casting to. Note that there are actually compilers and tools for certain programming languages that perform this kind of checking for other situations. For instance, there's a tool for C# that warns you when you try to dereference something before checking that it's not null. It shuts up if there's a conditional statement that performs the null check.

My question to you is, why do you perform the cast in the first place? Why do you need a reference of type RSAPrivateCrtKey? Most of the crypto APIs are very loose in what they accept, and I imagine the class that you need pass the key to will accept an instance of PrivateKey.
 
Matt Wong
Ranch Hand
Posts: 218
5
MS IE Notepad Suse
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thank you for your explanation - that's explains why I don't get the expected warning, didn't knew this.

About your question why I need this down-cast: I've generated a KeyPair using KeyPairFactory and only saved the RSAPrivateCrtKey it returns. As such a key is saved not only with modulus and private exponent but also both primes one can re-construct the public exponent from it - wich java.security.interfaces.RSAPrivateCrtKey provides with getPublicExponent(). Why do I need it? Cause there's another method wich needes the public key to this private key.
Sure, I could save the public in a differnt file - I also could just generate two primes by myself, save them, and calculate the rest of the CRT-values myself.
But: If one looks around, almost any other public key implementation (like openSSL or openSSH/PuTTy) simply save the private-key with both primes and re-construct public key from it. So I just thought I follow this "standard". But as Java requires some casting due to its losely coupling I thought it's a good style to check myself before casting cause I thought it's needed. I just didn't knew the standard compiler is built the way you mentioned

telling the compiler: "I know what I'm doing, so shut up and just treat this reference as a different type"


Thanks for clearing it up =D
 
Stephan van Hulst
Saloon Keeper
Posts: 15510
363
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can use the KeyStore class to store keys securely. The only cast you need is when you retrieve the PrivateKeyEntry from the key store.
 
The harder I work, the luckier I get. -Sam Goldwyn So tiny. - this ad:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic