[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-ssl] Both iSaSiLk 3.01 and 3.02 Applet Editions have been packaged incorrectly



These problems have been fixed in the 3.02 release (see attachment). If
your tool says something else it is broken.

Regards,

 Andreas Sterbenz              mailto:Andreas.Sterbenz@iaik.at


-----Ursprüngliche Nachricht-----
Von: <John_Sisson@insession.com>
An: <iaik-ssl@iaik.tu-graz.ac.at>
Gesendet: Freitag, 13. Oktober 2000 01:00
Betreff: [iaik-ssl] Both iSaSiLk 3.01 and 3.02 Applet Editions have been
packaged incorrectly


> I have tried using both version 3.01 and 3.02 Applet editions of
iSaSiLk
> and have found that a number of classes that should be able to be
> subclassed, such as ChainVerifier or DefaultSecurityManager have been
> incorrectly obfuscated, causing the method/field names that are
published
> in the JavaDoc to be renamed to a, b, c  etc.
>
> It seems that version 3.02 is worse as my class browser in my IDE
(Forte
> for java) does not list any methods or fields for the ChainVerifier
class.
>
> Due to these issues, it is almost impossible to implement my own
> ChainVerifier or SecurityManager implementation.
>
> I have sent this email to the mailing list so others do not waste as
much
> time as I have trying to work out what is wrong.
>
> I suggest you look into the rules that your obfuscation program uses.
> Public and Protected fields/methods that are in the JavaDoc should not
be
> obfuscated.
>
> I hope a fixed version will be out soon??
>
> Thanks,
>
> John Sisson

>javap -classpath S:\Releases\iSaSiLkApplet\3.02eval\lib\iaik_ssl_ae.jar iaik.security.ssl.ChainVerifier
No sourcepublic class iaik.security.ssl.ChainVerifier extends java.lang.Object {
    protected boolean checkServerName;
    protected java.util.Hashtable cachedCerts;
    protected boolean nullTrusted;
    protected java.util.Hashtable trustedCerts;
    protected boolean verifyServer(iaik.java.security.cert.X509Certificate[], iaik.security.ssl.SSLTransport);
    protected boolean verifyClient(iaik.java.security.cert.X509Certificate[], iaik.security.ssl.SSLTransport);
    public boolean verifyChain(iaik.java.security.cert.X509Certificate[], iaik.security.ssl.SSLTransport);
    protected boolean verifyCertificate(iaik.java.security.cert.X509Certificate, iaik.java.security.cert.X509Certificate) throws java.lang.Exception;
    public int size();
    public void setCheckServerName(boolean);
    public void removeTrustedCertificate(iaik.java.security.cert.X509Certificate);
    protected boolean isTrustedCertificate(iaik.java.security.cert.X509Certificate);
    protected boolean isCachedCertificate(iaik.java.security.cert.X509Certificate);
    public iaik.java.security.Principal getTrustedPrincipalsArray()[];
    public java.util.Enumeration getTrustedPrincipals();
    protected iaik.java.security.cert.X509Certificate getIssuerCertificate(iaik.java.security.cert.X509Certificate);
    public boolean getCheckServerName();
    public void clearTrustedCertificates();
    protected void clearCachedCertificates();
    protected void cacheCertificates(iaik.java.security.cert.X509Certificate[], int, int);
    protected void cacheCertificate(iaik.java.security.cert.X509Certificate);
    public void addTrustedCertificate(iaik.java.security.cert.X509Certificate);
    protected iaik.security.ssl.ChainVerifier(int);
    public iaik.security.ssl.ChainVerifier();
}
***************************************************************************
*                                                                         *
* IAIK S/MIME Mapper Security Info                                        *
* ===================================                                     *
*                                                                         *
* for message:                                                            *
*   From: "Andreas Sterbenz" <Andreas.Sterbenz@iaik.at>                   *
*   Date: Fri, 13 Oct 2000 14:41:06 +0200                                 *
*   Subject: Re: [iaik-ssl] Both iSaSiLk 3.01 and 3.02 Applet Editions have been packaged incorrectly*
*                                                                         *
* Message S/MIME properties:                                              *
*                                                                         *
*   Encrypted using:    not encrypted                                     *
*                                                                         *
*   Digitally signed:   yes                                               *
*   Signature valid:    yes                                               *
*   Signature trusted:  yes                                               *
*                                                                         *
*                                                                         *
* Compliance with policy for email addresses *@iaik.at:                   *
*                                                                         *
*   Encryption:         OK (None or better required)                      *
*                                                                         *
*   Digital Signature:  OK (digital signature required)                   *
*                                                                         *
***************************************************************************