signed JAR file doesn't load if identity database doesn't exist

Marianne Mueller (mrm@eng.sun.com)
Tue, 11 Mar 1997 07:52:55 -0800

Date: Tue, 11 Mar 1997 07:52:55 -0800
Message-Id: <199703111552.HAA10453@puffin.eng.sun.com>
From: Marianne Mueller <mrm@eng.sun.com>
To: pjenkins@dallas.objectspace.com
Subject: signed JAR file doesn't load if identity database doesn't exist

Thanks for the bug report. It is a bug for the applet not to load as
untrusted if the identitydb.obj isn't present. There's a bug filed.

Marianne

> From: Paul Jenkins <pjenkins@dallas.objectspace.com>
> Date: Mon, 10 Mar 1997 15:10:28 -0600
> Encoding: 121 TEXT
>
> Paul Jenkins
> Senior Member of Advanced Research
> ObjectSpace, Inc.
> mailto:pjenkins@objectspace.com
> http://www.objectspace.com
>
> >
> >greetings,
> > i'm experimenting with signed jar files and am using your demo at
> >http://java.sun.com/security/signExample. I downloaded the .html and
> >.jar files from the ftp site and attempted to run the applet locally
> >(with no security signing for Duke yet in place.) I received a stack
> >dump similiar to the one running it over the network (see below). I
> >thought that the jar(applet) would load, but since I don't have Duke in
> >the trusted entities list, a security exception would be thrown when an
> >attempt was made to access the local disk. Instead, it appears that the
> >jar loading for a signed jar doesn't work. Is this a known bug?
> >(couldn't find it on the site)
> >
> >when i make Duke a trusted entity in the dbase with his certificate, the
> >local version works as expected. (tell Marianne and Duke i have a cat as
> >well :-)
> >
> >can you give any insight into this?
> >
> >Thanks,
> >Paul Jenkins
> >
> >java.lang.NullPointerException:
> > at
> >sun.tools.jar.JarVerifierStream.findIdentities0(JarVerifierStream.java:4
> >05)
> > at
> >sun.tools.jar.JarVerifierStream.findIdentities(JarVerifierStream.java:36
> >9)
> > at
> >sun.tools.jar.JarVerifierStream.addIdentities(JarVerifierStream.java:343
> >)
> > at
> >sun.tools.jar.JarVerifierStream.processSignature(JarVerifierStream.java:
> >329)
> > at
> >sun.tools.jar.JarVerifierStream.computeSignatures(JarVerifierStream.java
> >:265)
> > at
> >sun.tools.jar.JarVerifierStream.getNextEntry(JarVerifierStream.java:147)
> > at
> >sun.applet.AppletResourceLoader.loadJar(AppletResourceLoader.java:156)
> > at sun.applet.AppletPanel.runLoader(AppletPanel.java:388)
> > at sun.applet.AppletPanel.run(AppletPanel.java:223)
> > at java.lang.Thread.run(Thread.java:481)
> >java.lang.IllegalArgumentException: Argument # > Arg length
> > at java.text.MessageFormat.format(MessageFormat.java:563)
> > at java.text.MessageFormat.format(MessageFormat.java:396)
> > at java.text.Format.format(Format.java:69)
> > at
> >sun.applet.AppletMessageHandler.getMessage(AppletMessageHandler.java:63)
> > at
> >sun.applet.AppletMessageHandler.getMessage(AppletMessageHandler.java:78)
> > at sun.applet.AppletPanel.showAppletStatus(AppletPanel.java:554)
> > at sun.applet.AppletPanel.run(AppletPanel.java:330)
> > at java.lang.Thread.run(Thread.java:481)