Java Security API in Applets
Nathan Crause
I am having a rather peculiar problem. I have coded a KeyPair generator, and
have placed it inside a signer JAR file. Tested, and works 100%.
Now, I am making an applet, which registers the "Provider" AS THE FIRST LINE
OF CODE (so that I can use KeyPairGenerator.getInstance(algorithm,
provider) method). When I now try to CALL this KeyPairGenerator, I am
getting a plugin error thus:
java.lang.IllegalStateException: zip file closed
at java.util.zip.ZipFile.getEntry(ZipFile.java:143)
at java.util.jar.JarFile.getEntry(JarFile.java:184)
at sun.plugin.cache.CachedJarFile.getEntry(CachedJarFile.java:73)
at java.util.jar.JarFile.getJarEntry(JarFile.java:171)
at sun.misc.URLClassPath$JarLoader.getResource(URLClassPath.java:669)
at sun.misc.URLClassPath.getResource(URLClassPath.java:156)
at java.net.URLClassLoader$1.run(URLClassLoader.java:190)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:186)
at sun.applet.AppletClassLoader.findClass(AppletClassLoader.java:134)
at sun.plugin.security.PluginClassLoader.findClass(PluginClassLoader.java:168)
at java.lang.ClassLoader.loadClass(ClassLoader.java:299)
at sun.applet.AppletClassLoader.loadClass(AppletClassLoader.java:114)
at java.lang.ClassLoader.loadClass(ClassLoader.java:255)
at java.security.Security.doGetImpl(Security.java:1122)
at java.security.Security.doGetImpl(Security.java:1083)
at java.security.Security.getImpl(Security.java:1044)
at java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:195)
at YYYPrivateKey.generateInstance(YYYPrivateKey.java:87)
at XXX(XXX.java:284)
Now just what the HECK is going on here???
Is the plugin arbitraryily closing the JAR file(s)? Note that I get this
error EVEN IF I PLACE BOTH PACKAGES in the SAME signed JAR file.
Very strange. I'm thinking that the Java Security API wasn't really well
worked on for Applets which may use independently developed providers.
Nathan Crause
Bit of a cluster-f**k, actually.