Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Help with required security policies to get J9 crypto providers to work

7 views
Skip to first unread message

pedr...@netcabo.pt

unread,
Sep 7, 2006, 12:04:27 PM9/7/06
to
Hello,

I'm developing a mobile application on top of a OSGi framework running with J9.

I'm using Knopflerfish as my osgi fw. My trouble begins when I decide to activate the security manager to knopflerfish, because by doing so I have to specify the policy with every permission needed for every bundle to run and what not.

The problem i'm facing is what permissions are needed for actually instancing the Ciphers given by the crypto providers. The IBM crypto providers are being found successfully but whenever I try Cipher.getInstance I get this:

java.security.NoSuchAlgorithmException: Cannot find any provider supporting DES/ECB/PKCS5Padding
at javax.crypto.Cipher.getInstance(Unknown Source)

If I do not use any Security Manager while starting the osgi framework all is well. So I would like to know what permissions have to be set in the policy for to be able to actually use those providers.

Can anyone point me in the right direction ?

Thanks in advance,
Pedro

pedr...@netcabo.pt

unread,
Sep 7, 2006, 12:23:08 PM9/7/06
to
just one more thing, if I force a specific provider which I know has that algorithm I get the folowing exception:


java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object
at java.security.Permissions.add(Permissions.java:134)
at java.security.Policy.addStaticPerms(Policy.java:399)
at java.security.Policy.getPermissions(Policy.java:387)
at java.security.Policy.implies(Policy.java:436)
at java.security.ProtectionDomain.implies(ProtectionDomain.java:213)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java(Compiled Code))
at java.security.AccessController.checkPermission(AccessController.java:476)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:538)
at java.lang.Class.getProtectionDomain(Class.java:1517)
at com.ibm.crypto.provider.i.run(Unknown Source)
at java.security.AccessController.doPrivileged1(Native Method)
at java.security.AccessController.doPrivileged(AccessController.java:287)
at com.ibm.crypto.provider.IBMJCE.b(Unknown Source)
at com.ibm.crypto.provider.IBMJCE.a(Unknown Source)
at com.ibm.crypto.provider.AESCipher.<init>(Unknown Source)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:80)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:44)
at java.lang.reflect.Constructor.newInstance(Constructor.java:315)
at java.lang.Class.newInstance3(Class.java:367)
at java.lang.Class.newInstance(Class.java:305)
at javax.crypto.e.a(Unknown Source)
at javax.crypto.e.c(Unknown Source)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.getInstance(Unknown Source)

0 new messages