
Instantiating a SecureRandom object from an applet


  • From: pyin@xxxxxxxxxxxx (Perry L. Yin)
  • Subject: Instantiating a SecureRandom object from an applet
  • Date: Wed, 29 Sep 1999 10:47:57 -0400

Vadim,

I did try using Netscape Capability API to enable "UniversalPropertyRead"
and "UniversalFileRead" for my signed applet.  "UniversalPropertyRead"
is needed so as to retrieve the value of "java.home" in order to locate the
security property file java.security (typically located in
$java.home/lib/security).
There are two problems I encountered then.  First of all, the "java.home"
property is not set by Communicator and it always returns null.  And then,
there is no java.security found as part of the Communicator installation.
I therefore enabled "UniversalPropertyWrite" so as to reset "java.home"
to my normal jdk install.  After that the java.security property file was found
but the following exception was thrown.  What really puzzles me is that I did enable
"UniversalFileRead".

# Security Exception: checkread:Read of 'java\lib\security\java.security' not
permitted
netscape.security.AppletSecurityException: security.checkread: Read of
'java\lib\security\java.security' not permitted
  at netscape.security.AppletSecurity.checkRead(AppletSecurity.java:611)
  at netscape.security.AppletSecurity.checkRead(AppletSecurity.java:496)
  at java.lang.SecurityManager.checkRead(SecurityManager.java:545)
  at java.io.File.exists(File.java:288)
  at java.security.Security.initialize(Security.java:52)
  at java.security.Security.<clinit>(Security.java:43)
  at java.security.MessageDigest.getInstance(MessageDigest.java:138)
  at java.security.SecureRandom.<init>(SecureRandom.java:111)
  .....

java.lang.ExceptionInInitializerError:
netscape.security.AppletSecurityException: security.checkread: Read of
'java\lib\security\java.security' not permitted
#  UniversalFileRead privilege not enabled: Reading files stored in your
computer
  at java.security.MessageDigest.getInstance(MessageDigest.java:138)
  at java.security.SecureRandom.<init>(SecureRandom.java:111)
  at progress.message.security.ProgressSecureRandom.<init>(ProgressSecureRandom.java:82)



Perry

"Shun, Vadim" wrote:

> Netscape has their own security domain model, it is not enough to use
> standard Java security with Navigator.
> (Explorer is more Java compliant, it works "by the book" regarding security)
> To enable security with Netscape, you need to use their API in addition to
> "normal" signing of your applet. Read their documentation on security, then
> you need to import their package and call it.
>
> Vadim Shun.
>
> -----Original Message-----
> From: Perry L. Yin [mailto:pyin@xxxxxxxxxxxx]
> Sent: Wednesday, September 29, 1999 10:12 AM
> To: advanced java
> Subject: Instantiating a SecureRandom object from an applet
>
> Instantiating a SecureRandom object from an applet in Communicator 4.6.1
> caused the following exception.  There's no error when running the
> applet in IE 5 however.
>
> java.lang.ExceptionInInitializerError:
> netscape.security.AppletSecurityException: security.checkpropsaccess.key
>
> #  UniversalPropertyRead privilege not enabled: Reading information
> stored in your computer, such as your user name
>   at java.security.MessageDigest.getInstance(MessageDigest.java:138)
>   at java.security.SecureRandom.<init>(SecureRandom.java:111)
>   at progress.message.security.ProgressSecureRandom.<init>(ProgressSecureRandom.java:82)
>
> .....
>
> The problem appears to be the applet has no permission to access the
> security property
> file java.security in order to find out which security provider has the
> SHA-1 implementation
> required for creating the SecureRandom object.   Any help is very much
> appreciated.
>
> Perry
>
> ---
> To unsubscribe, mail advanced-java-unsubscribe@xxxxxxxxxxxxxxxx
> To get help, mail advanced-java-help@xxxxxxxxxxxxxxxx

