[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-ssl]cu|| appletedition (random and ssl problem)



Hello,

> uncaught exception: java.security.PrivilegedActionException:
> java.security.PrivilegedActionException:
> java.lang.reflect.InvocationTargetException
>
>
> Caused by: java.security.AccessControlException: access denied
> (java.util.PropertyPermission isasilk.send_empty_fragment read)
You are right. This may occur when the system property
"isasilk.send_empty_fragment" is accessed in iSaSiLk 3.05. We
will fix this. Thanks.

> BigInteger(int bits, SecureRandom rndSrc)
>
> the random source i've used is:  SecRandom.getDefault()
>
> the problem is that it doesn't generate the number with the number of
> bits i've asked for. sometimes it does but sometimes it doesn't. isn't
> it suppose to force the bit length? so, if i ask a 112 bit length number
> it returns a number of 112 bits?
BigInteger(int bits, SecureRandom rndSrc) constructs a randomly generated
BigInteger, uniformly distributed over the range 0 to (2^numBits - 1).
bitLength() may return different values, depending on the number of
leading zeros (they do not count) of the randomly generated number.
BigInteger(int bitLength, int certainty, Random rnd) will give the
same bitLength anytime (however, additionally checks if the number
is prime with a certain probability).

Regards,
Dieter Bratko


-----Ursprungliche Nachricht-----
Von: iaik-ssl-owner@iaik.at [mailto:iaik-ssl-owner@iaik.at]Im Auftrag
von Aleix Conchillo
Gesendet: Dienstag, 01. Oktober 2002 18:17
An: iaik-jce@iaik.at; iaik-ssl@iaik.at
Betreff: [iaik-ssl]cu|| appletedition (random and ssl problem)


hi!

i've a problem with iaik jce and isasilk appleteditions. the first
problem is when creating an SSLClientContext like this:

CipherSuite[] cs = new CipherSuite[] {
  CipherSuite.SSL_RSA_WITH_3DES_EDE_CBC_SHA
};

SSLClientContext context = new SSLClientContext();
context.setEnabledCipherSuites(cs);

the browsers throws a security exception, because it tries to read some
private properties, for example:

netscape 4.77:
  JavaScript Error: uncaught Java exception
  netscape/security/AppletSecurityException
  ("security.checkpropsaccess.key")

galeon:
uncaught exception: java.security.PrivilegedActionException:
java.security.PrivilegedActionException:
java.lang.reflect.InvocationTargetException


Caused by: java.security.AccessControlException: access denied
(java.util.PropertyPermission isasilk.send_empty_fragment read)


i've solved this problem in netscpae 4.77 by granting permisions to the
applet to read all properties. i've have used netscape specific classes
to do this using PrivilegeManager (more info in
http://developer.netscape.com/docs/manuals/signedobj/javadoc/netscape_securi
ty_PrivilegeManager.html)

do i have to do anything special?

the other problem is when generating randoms. i've used the BigInteger
contructor:

BigInteger(int bits, SecureRandom rndSrc)

the random source i've used is:  SecRandom.getDefault()

the problem is that it doesn't generate the number with the number of
bits i've asked for. sometimes it does but sometimes it doesn't. isn't
it suppose to force the bit length? so, if i ask a 112 bit length number
it returns a number of 112 bits?

any help would be appreciated.

best regards,

aleix
--
Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-ssl


--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl