[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-ssl]cu|| appletedition (random and ssl problem)



hi!

i've a problem with iaik jce and isasilk appleteditions. the first
problem is when creating an SSLClientContext like this:

CipherSuite[] cs = new CipherSuite[] {
  CipherSuite.SSL_RSA_WITH_3DES_EDE_CBC_SHA
};

SSLClientContext context = new SSLClientContext();
context.setEnabledCipherSuites(cs);

the browsers throws a security exception, because it tries to read some
private properties, for example:

netscape 4.77:
  JavaScript Error: uncaught Java exception
  netscape/security/AppletSecurityException
  ("security.checkpropsaccess.key") 

galeon:
uncaught exception: java.security.PrivilegedActionException:
java.security.PrivilegedActionException:
java.lang.reflect.InvocationTargetException


Caused by: java.security.AccessControlException: access denied
(java.util.PropertyPermission isasilk.send_empty_fragment read)


i've solved this problem in netscpae 4.77 by granting permisions to the
applet to read all properties. i've have used netscape specific classes
to do this using PrivilegeManager (more info in
http://developer.netscape.com/docs/manuals/signedobj/javadoc/netscape_security_PrivilegeManager.html)

do i have to do anything special?

the other problem is when generating randoms. i've used the BigInteger
contructor:

BigInteger(int bits, SecureRandom rndSrc)

the random source i've used is:  SecRandom.getDefault()

the problem is that it doesn't generate the number with the number of
bits i've asked for. sometimes it does but sometimes it doesn't. isn't
it suppose to force the bit length? so, if i ask a 112 bit length number
it returns a number of 112 bits?

any help would be appreciated.

best regards,

aleix
--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl