Is this a bug? Undocumented Interface?

Daniel Fisla (daniel.fisla@utoronto.ca)
Thu, 19 Aug 1999 00:52:15 -0400

Date: 	Thu, 19 Aug 1999 00:52:15 -0400
From: Daniel Fisla <daniel.fisla@utoronto.ca>
To: java-security@java.sun.com
Subject: Is this a bug? Undocumented Interface?

I tried to compile the Diffy-Hellman example for key exchange between 2
parties that comes with the
jce 1.2 .

This is what I get: (Discussion follows after the error listing)
---------------------------------------------------------------------------------------

DHKeyAgreement2.java:207: Ambiguous class: java.security.SecretKey and
javax.crypto.SecretKey
SecretKey bobDesKey = bobKeyAgree.generateSecret("DES");

DHKeyAgreement2.java:211: Ambiguous class: java.security.SecretKey and
javax.crypto.SecretKey
SecretKey aliceDesKey = aliceKeyAgree.generateSecret("DES");

DHKeyAgreement2.java:216: Ambiguous class: java.security.Cipher and
javax.crypto.Cipher
Cipher bobCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");

DHKeyAgreement2.java:216: Ambiguous class: java.security.Cipher and
javax.crypto.Cipher
Cipher bobCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");

DHKeyAgreement2.java:225: Ambiguous class: java.security.Cipher and
javax.crypto.Cipher
Cipher aliceCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");

DHKeyAgreement2.java:225: Ambiguous class: java.security.Cipher and
javax.crypto.Cipher
Cipher aliceCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");

DHKeyAgreement2.java:236: Ambiguous class: java.security.Cipher and
javax.crypto.Cipher
bobCipher = Cipher.getInstance("DES/CBC/PKCS5Padding");

DHKeyAgreement2.java:252: Ambiguous class: java.security.Cipher and
javax.crypto.Cipher
aliceCipher = Cipher.getInstance("DES/CBC/PKCS5Padding");

8 errors
----------------------------------------------------------------------------------------------

Now the weird things is, according to the java api docs, there is no
SecretKey interface or class in
java.security package.

The reason it is saying "Ambiguous class" is because there are
interfaces by the same name in
2 different places/packages.

I know the solution for this is to use absolute package names, ie.
java.security.SecretKey or
javax.crypto.SecretKey. Being interface it probably does not matter
which one I'll use, but what I
found strange that this is not documented, and how do I know if the two
interfaces are the same or
different. I guess I can just try which one will compile fine. :)

My Java docs:
Java 2 Platform, Standard Edition, version 1.2.2.

My JDK:
Java 2 Platform, Standard Edition, version 1.2.2.

Regards,

Daniel.