[Bug 1049] New: Extension jnlp's signed jar with the content of only META-INF/* is considered unsigned

bugzilla-daemon at icedtea.classpath.org bugzilla-daemon at icedtea.classpath.org
Mon Jun 18 16:12:24 PDT 2012 

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1049

          Priority: P3
            Bug ID: 1049
                CC: unassigned at icedtea.classpath.org
          Assignee: unassigned at icedtea.classpath.org
           Summary: Extension jnlp's signed jar with the content of only
                    META-INF/* is considered unsigned
          Severity: normal
    Classification: Unclassified
                OS: Linux
          Reporter: smohammad at redhat.com
          Hardware: x86_64
            Status: NEW
           Version: unspecified
         Component: General
           Product: IcedTea-Web

Created attachment 713
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=713&action=edit
Reproducer

I have attached the reproducer for this bug (please launch
ExtensionJnlp3.jnlp)[SignedJnlpResource.jar is the 'empty' jar].

If the resources of the launching jnlp file are the (signed) main jar and an
extension jnlp file which brings in an 'empty' signed jar, IcedTea-Web fails to
run the application. [An 'empty' signed jar is a jar with the content of only
META-INF/*]. When JarCertVerifier.isFullySignedByASingleCert() is called from
JNLPClassLoader, it always returns false because certs.keySet() has a size of
0.

* This ONLY happens when we bring in the 'empty' jar through an external jnlp
file

The following exception is shown when we launch the application:

netx: Initialization Error: Could not initialize application. (Fatal:
Application Error: Cannot grant permissions to unsigned jars. Application
requested security permissions, but jars are not signed.)
net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: Could not
initialize application. 
    at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:778)
    at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:552)
    at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:889)
Caused by: net.sourceforge.jnlp.LaunchException: Fatal: Application Error:
Cannot grant permissions to unsigned jars. Application requested security
permissions, but jars are not signed.
    at
net.sourceforge.jnlp.runtime.JNLPClassLoader.setSecurity(JNLPClassLoader.java:291)
    at
net.sourceforge.jnlp.runtime.JNLPClassLoader.<init>(JNLPClassLoader.java:211)
    at
net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:325)
    at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:770)
    ... 2 more

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20120618/5fe522d2/attachment.html

More information about the distro-pkg-dev mailing list