Loading...

XML

Word

Printable

Type: Bug
Resolution: Duplicate
Priority: P2
Fix Version/s: None
Affects Version/s: 1.3.1
Component/s: security-libs
Labels:
- regression
- webbug

Subcomponent:
java.security
CPU:

x86
OS:

windows_2000

Name: boT120536 Date: 02/28/2001

Java(TM) Plug-in: Version 1.3.1
Using JRE version 1.3.1-beta Java HotSpot(TM) Client VM
  User home directory = C:\Documents and Settings\pboysen
Proxy Configuration: no proxy

My application and security has worked for all previous versions
including JDK1.3._01. I now get an AccessControlException. The applet is
signed and I also have a security policy file the client uses. JCE is an
installed extension (jce1_2_1.jar,local_policy.jar,sunjce_provider.jar and
US_export_policy.jar are in JRE/1.3.1/lib/ext).

The error, policy file and source code are listed below:

java.security.AccessControlException: access denied
(java.security.SecurityPermission putProviderProperty.SunJCE)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkSecurityAccess(Unknown Source)
at sun.plugin.ActivatorSecurityManager.checkSecurityAccess(Unknown
Source)
at java.security.Provider.check(Unknown Source)
at java.security.Provider.put(Unknown Source)
at com.sun.crypto.provider.b.run([DashoPro-V1.2-120198])
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.crypto.provider.SunJCE.<init>([DashoPro-V1.2-120198])
at edu.iastate.ecademy.server.NetPacket.setSecurity(NetPacket.java:577)
at edu.iastate.ecademy.server.NetPacket.send(NetPacket.java:622)
at
edu.iastate.ecademy.tools.applet.EcademyApplet.dbSend(EcademyApplet.java:921)
at
edu.iastate.ecademy.tools.applet.EcademyApplet.login(EcademyApplet.java:1012)
at Login.actionPerformed(Login.java:111)
.....

/* AUTOMATICALLY GENERATED ON Wed Feb 28 14:01:19 CST 2001*/
/* DO NOT EDIT */

grant codeBase "http://webacademy.cc.iastate.edu/-" {
  permission java.io.FilePermission "<<ALL FILES>>", "read, write, delete";
  permission java.util.PropertyPermission "*", "read,write";
  permission java.awt.AWTPermission "showWindowWithoutWarningBanner";
  permission java.awt.AWTPermission "accessClipboard";
  permission java.lang.RuntimePermission "queuePrintJob";
  permission javax.sound.sampled.AudioPermission "*", "play,record";
  permission java.security.SecurityPermission "insertProvider.SunJCE";
/* I tried putting the putProviderProperty.SunJCE here but it made no difference
*/
  permission java.net.SocketPermission "*", "accept, connect";
  permission java.lang.RuntimePermission "modifyThreadGroup";
  permission java.lang.RuntimePermission "modifyThread";
  permission java.lang.RuntimePermission "accessClassInPackage.sun.audio";
  permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
  permission java.lang.RuntimePermission "accessClassInPackage.sun.audio";
  permission java.lang.RuntimePermission "loadLibrary.*";
};

    /*******************************************************************
    * Client-side methods *
    *******************************************************************/

    /**
    * Use Diffie-Hellman key agreement to establish a shared secret and
    * create the ciphers for use for all Client-Server communication
    */
    public static synchronized void setSecurity()
        throws EcademyException {
        if (isSecure()) return;
        try {
error===>> Security.addProvider(new SunJCE());
            KeyRec rec = rmiServer.getKeyRec();
            if (rec.encodedKey != null) {
                KeyFactory keyFactory = KeyFactory.getInstance("DH");
                X509EncodedKeySpec x509KeySpec = new
X509EncodedKeySpec(rec.encodedKey);
                PublicKey serverPubKey = keyFactory.generatePublic(x509KeySpec);
                DHParameterSpec dhParamSpec =
((DHPublicKey)serverPubKey).getParams();
                KeyPairGenerator keyPairGen =
KeyPairGenerator.getInstance("DH");
                byte[] seed = new byte[32];
                (new Random()).nextBytes(seed);
                keyPairGen.initialize(dhParamSpec,new SecureRandom(seed));
                KeyPair keypair = keyPairGen.generateKeyPair();
                KeyAgreement keyagreement = KeyAgreement.getInstance("DH");
                keyagreement.init(keypair.getPrivate());
                rec.encodedKey = keypair.getPublic().getEncoded();
                keyagreement.doPhase(serverPubKey, true);
                SecretKey secretKey = keyagreement.generateSecret("DES");
                encrypt = Cipher.getInstance("DES");
                encrypt.init(Cipher.ENCRYPT_MODE,secretKey);
                decrypt = Cipher.getInstance("DES");
                decrypt.init(Cipher.DECRYPT_MODE,secretKey);
            } else {
                encrypt = new NullCipher();
                decrypt = new NullCipher();
            }
            rmiServer.validateTicket(rec);
            // this needs to be last because it is used to indicate the client
is now secure
            masterKey = rec.ticketKey;
        }
        catch (RemoteException gse) {
            throw new
EcademyException(EcademyException.BAD_COMMAND,gse.toString());
        }
        catch (GeneralSecurityException gse) {
            throw new
EcademyException(EcademyException.BAD_COMMAND,gse.toString());
        }
    }
(Review ID: 117868)
======================================================================

duplicates

JDK-4416056 Application requesting JRE 1.4.0-beta could not be launched (B58)

Closed

Assignee:: Valerie Peng

Reporter:: Bret O'neal (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 2001-02-28 17:05

Updated:: 2001-03-05 19:08

Resolved:: 2001-03-05 19:08

Imported:: 16/Sep/12 1:56 AM

Indexed:: 17/Jul/12 9:59 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates