Re: certificates for javakey

Marianne Mueller (mrm@eng.sun.com)
Tue, 4 Mar 1997 10:38:02 -0800

Date: Tue, 4 Mar 1997 10:38:02 -0800
Message-Id: <199703041838.KAA07578@puffin.eng.sun.com>
From: Marianne Mueller <mrm@eng.sun.com>
To: watson@CEBAF.GOV
Subject: Re: certificates for javakey

(I cc the email list since we are building a hypermail archive at
http://jeeves.javasoft.com/hypermail/java-security-archive)

The findIdentities bug was a bug in JDK 1.1, fixed in JDK 1.1.1 which
is code-freezing very soon. JDK 1.1.1 is our release to support the
HotJava release. There have also been some bug fixes related to how
identities are compared, which I think would fix the problems you're
seeing on win95.

One workaround is to load the signed applet locally rather than across
the net.

We'll look into the rest of the details to see if there is a different
bug related to using the identitydb.obj on win95.

Marianne

> Date: Tue, 04 Mar 1997 09:42:55 -0500
> From: Chip Watson <watson@CEBAF.GOV>
> Cc: Chip Watson <watson@CEBAF.GOV>
>
> We are using the 1.1 FCS, and the HotJava 1.0 beta (latest release I think).
> If I use the javakey on Windows to create an identitydb.obj file containing
> an identity "unknown" which I don't otherwise use, HotJava crashes with
> (best recollection) something that looks like null pointer exception....
> .....called from findIdentities0(...) called from findIdentities(...) called
> from... (can't remember rest). (See also below for more details).
>
> If I add the identity I am actually using using W95 javakey, same
> crash. If I ftp over the Solaris identitydb.obj, everything works. If I
> then delete that file, and create identitydb.obj again using W95 javakey,
> and insert the identity I am using, it still works!!!
> Apparently HotJava has another file somewhere that is
> being initialized from the contents of identitydb.obj in a persistent way?
>
> If this is not enough to go on, I may need to re-install HotJava clean to
> re-create the crash in order to get the crash dump for you.
>
> Off the news group I got another user with apparently the same problem.
> That user sent me this dump, which looks like the one I had:
>
> >From: Rune Eidhammer <Rune.Eidhammer@cc.uit.no>
> >Subject: Re: Signed applets in 1.1 FCS
> ...
> >My NT box gave me the same exception. Did the rest look similar in
> >your win95?
>
> java.lang.NullPointerException:
> at sun.tools.jar.JarVerifierStream.findIdentities0(JarVerifierStrea
> a:405)
> at sun.tools.jar.JarVerifierStream.findIdentities(JarVerifierStream
> :369)
> at sun.tools.jar.JarVerifierStream.addIdentities(JarVerifierStream.
> 343)
> at sun.tools.jar.JarVerifierStream.processSignature(JarVerifierStre
> va:329)
> at sun.tools.jar.JarVerifierStream.computeSignatures(JarVerifierStr
> ava:265)
> at sun.tools.jar.JarVerifierStream.getNextEntry(JarVerifierStream.j
> 47)
> at sun.applet.AppletResourceLoader.loadJar(AppletResourceLoader.jav
> )
> at sun.applet.AppletPanel.runLoader(AppletPanel.java:388)
> at sun.applet.AppletPanel.run(AppletPanel.java:223)
> at java.lang.Thread.run(Thread.java:481)
> java.lang.IllegalArgumentException: Argument # > Arg length
> at java.text.MessageFormat.format(MessageFormat.java:563)
> at java.text.MessageFormat.format(MessageFormat.java:396)
> at java.text.Format.format(Format.java:69)
> at sun.applet.AppletMessageHandler.getMessage(AppletMessageHandler.
> 63)
> at sun.applet.AppletMessageHandler.getMessage(AppletMessageHandler.
> 78)
> at sun.applet.AppletPanel.showAppletStatus(AppletPanel.java:554)
> at sun.applet.AppletPanel.run(AppletPanel.java:330)
> at java.lang.Thread.run(Thread.java:481)
>
> Thanks for any help. It is not urgent as I have a work around. I have
> sent my workaround to Rune, who is having the same problem on NT (don't
> know if they have access to a Solaris system).
>
> Chip
>
>
>