Populate the security Provider "info" string

[jeking3]

Currently getInfo() returns an empty string. It could return info about the name, version, and FIPS compliance.

https://github.com/corretto/amazon-corretto-crypto-provider/blob/32fce7ab1077817dd4e36ba0fb6a9fe9cecee679/src/com/amazon/corretto/crypto/provider/AmazonCorrettoCryptoProvider.java#L384C5-L384C65

For comparison, see Bouncy Castle:

https://github.com/bcgit/bc-java/blob/5b1360854d85fd27b75720015be68f9e172db013/prov/src/main/jdk1.1/org/bouncycastle/jce/provider/BouncyCastleProvider.java#L46

[geedo0]

I'm open to the idea, but what is your use case? If we were to do this, it shouldn't be used for any kind of assertion. Perhaps just for logging the provider info?

JDK Doc

[jeking3]

The use case is to align it with other crypto providers and the Provider interface. The constructor allows for an info string to be provided. There is a getInfo() method. I cannot do this reliably because ACCP passes an empty string in for the info, so I have to do this:

            // https://github.com/corretto/amazon-corretto-crypto-provider/issues/377
            String info = null;
            if (preferredProvider.getName().equals("AmazonCorrettoCryptoProvider")) {
                info = String.format("%s %s%s",
                        preferredProvider.getName(),
                        AmazonCorrettoCryptoProvider.INSTANCE.getVersionStr(),
                        AmazonCorrettoCryptoProvider.INSTANCE.isFips() ? " [FIPS]" : "");
            } else {
                info = preferredProvider.getInfo();
            }
            log.info("Preferred crypto provider: " + info);

Something like this would be great:

    AmazonCorrettoCryptoProvider v2.3.3 [FIPS]

Where FIPS is optional, and there may be other optional configuration things that could go in a list here in the future.

[jeking3]

Here's what you get for the name | info from each provider today (OpenJDK8 + ACCP injected by security properties)

23 Apr 2024 14:33:48,579 Security providers at startup:
23 Apr 2024 14:33:48,579 Slot #1: AmazonCorrettoCryptoProvider | 
23 Apr 2024 14:33:48,579 Slot #2: SUN | SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS & DKS keystores; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy; JavaLoginConfig Configuration)
23 Apr 2024 14:33:48,579 Slot #3: SunRsaSign | Sun RSA signature provider
23 Apr 2024 14:33:48,579 Slot #4: SunEC | Sun Elliptic Curve provider (EC, ECDSA, ECDH)
23 Apr 2024 14:33:48,579 Slot #5: SunJSSE | Sun JSSE provider(PKCS12, SunX509/PKIX key/trust factories, SSLv3/TLSv1/TLSv1.1/TLSv1.2/TLSv1.3)
23 Apr 2024 14:33:48,579 Slot #6: SunJCE | SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)
23 Apr 2024 14:33:48,579 Slot #7: SunJGSS | Sun (Kerberos v5, SPNEGO)
23 Apr 2024 14:33:48,579 Slot #8: SunSASL | Sun SASL provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL, PLAIN, CRAM-MD5, NTLM; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5, NTLM)
23 Apr 2024 14:33:48,579 Slot #9: XMLDSig | XMLDSig (DOM XMLSignatureFactory; DOM KeyInfoFactory; C14N 1.0, C14N 1.1, Exclusive C14N, Base64, Enveloped, XPath, XPath2, XSLT TransformServices)
23 Apr 2024 14:33:48,835 Slot #10: SunPCSC | Sun PC/SC provider