visiting the page with security.provider.9 commented:
Looking for 0xb5f9a90c 0xb3f3cfb0 0xb5fb6bdc (document)
java version "1.6.0_18"
OpenJDK Runtime Environment (IcedTea6 1.8) (6b18~pre4-1ubuntu4~ppa1)
OpenJDK Server VM (build 16.0-b13, mixed mode)
java.lang.InterruptedException: sleep interrupted
at java.lang.Thread.sleep(Native Method)
at sun.applet.PluginAppletViewer.handleMessage(PluginAppletViewer.java:674)
at sun.applet.PluginAppletViewer.handleMessage(PluginAppletViewer.java:649)
at sun.applet.PluginStreamHandler.handleMessage(PluginStreamHandler.java:270)
at sun.applet.PluginMessageHandlerWorker.run(PluginMessageHandlerWorker.java:82)
java.lang.InterruptedException: sleep interrupted
at java.lang.Thread.sleep(Native Method)
at sun.applet.PluginAppletViewer.handleMessage(PluginAppletViewer.java:629)
at sun.applet.PluginStreamHandler.handleMessage(PluginStreamHandler.java:270)
at sun.applet.PluginMessageHandlerWorker.run(PluginMessageHandlerWorker.java:82)
java.lang.InterruptedException: sleep interrupted
at java.lang.Thread.sleep(Native Method)
at sun.applet.PluginAppletViewer.handleMessage(PluginAppletViewer.java:735)
at sun.applet.PluginAppletViewer.handleMessage(PluginAppletViewer.java:649)
at sun.applet.PluginStreamHandler.handleMessage(PluginStreamHandler.java:270)
at sun.applet.PluginMessageHandlerWorker.run(PluginMessageHandlerWorker.java:82)
visiting the page with security.provider.9 uncommented:
Looking for 0xb4178f4c 0xb3a58b20 0xb59fdbcc (document)
java version "1.6.0_18"
OpenJDK Runtime Environment (IcedTea6 1.8) (6b18~pre4-1ubuntu4~ppa1)
OpenJDK Server VM (build 16.0-b13, mixed mode)
java.security.ProviderException: Could not initialize NSS
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:201)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
at sun.security.jca.ProviderConfig$3.run(ProviderConfig.java:262)
at sun.security.jca.ProviderConfig$3.run(ProviderConfig.java:244)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.jca.ProviderConfig.doLoadProvider(ProviderConfig.java:244)
at sun.security.jca.ProviderConfig.getProvider(ProviderConfig.java:224)
at sun.security.jca.ProviderList.getProvider(ProviderList.java:232)
at sun.security.jca.ProviderList.getService(ProviderList.java:330)
at sun.security.jca.GetInstance.getInstance(GetInstance.java:157)
at java.security.Security.getImpl(Security.java:696)
at java.security.AlgorithmParameters.getInstance(AlgorithmParameters.java:130)
at sun.security.x509.AlgorithmId.decodeParams(AlgorithmId.java:121)
at sun.security.x509.AlgorithmId.<init>(AlgorithmId.java:114)
at sun.security.x509.AlgorithmId.parse(AlgorithmId.java:381)
at sun.security.x509.X509Key.parse(X509Key.java:168)
at sun.security.x509.CertificateX509Key.<init>(CertificateX509Key.java:75)
at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:705)
at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169)
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1747)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:107)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:322)
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:763)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
at java.security.KeyStore.load(KeyStore.java:1201)
at sun.security.ssl.TrustManagerFactoryImpl.getCacertsKeyStore(TrustManagerFactoryImpl.java:221)
at sun.security.ssl.TrustManagerFactoryImpl.engineInit(TrustManagerFactoryImpl.java:51)
at javax.net.ssl.TrustManagerFactory.init(TrustManagerFactory.java:247)
at net.sourceforge.jnlp.security.VariableX509TrustManager.<init>(VariableX509TrustManager.java:100)
at net.sourceforge.jnlp.security.VariableX509TrustManager.getInstance(VariableX509TrustManager.java:282)
at sun.applet.PluginMain.init(PluginMain.java:217)
at sun.applet.PluginMain.<init>(PluginMain.java:147)
at sun.applet.PluginMain.main(PluginMain.java:116)
Caused by: java.io.IOException: An incompatible version of NSS is already loaded, 3.7 or later required
at sun.security.pkcs11.Secmod.isInitialized(Secmod.java:130)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:168)
... 37 more
NSS version on the system is 3.12.6.
Importing an SHA384withECDSA certificate with the same configuration does work, so the NSS security provider gets recognized in this case.
with a build from 20100411 head/1.8-branch I only see these hangs if security.provider.9 in java.security is uncommented.
a simpler applet showing the same behaviour: www.gurusheaven .de/security/ anonymitaets_ test.shtml
http://
visiting the page with security.provider.9 commented:
Looking for 0xb5f9a90c 0xb3f3cfb0 0xb5fb6bdc (document) 1ubuntu4~ ppa1) InterruptedExce ption: sleep interrupted Thread. sleep(Native Method) PluginAppletVie wer.handleMessa ge(PluginApplet Viewer. java:674) PluginAppletVie wer.handleMessa ge(PluginApplet Viewer. java:649) PluginStreamHan dler.handleMess age(PluginStrea mHandler. java:270) PluginMessageHa ndlerWorker. run(PluginMessa geHandlerWorker .java:82) InterruptedExce ption: sleep interrupted Thread. sleep(Native Method) PluginAppletVie wer.handleMessa ge(PluginApplet Viewer. java:629) PluginStreamHan dler.handleMess age(PluginStrea mHandler. java:270) PluginMessageHa ndlerWorker. run(PluginMessa geHandlerWorker .java:82) InterruptedExce ption: sleep interrupted Thread. sleep(Native Method) PluginAppletVie wer.handleMessa ge(PluginApplet Viewer. java:735) PluginAppletVie wer.handleMessa ge(PluginApplet Viewer. java:649) PluginStreamHan dler.handleMess age(PluginStrea mHandler. java:270) PluginMessageHa ndlerWorker. run(PluginMessa geHandlerWorker .java:82)
java version "1.6.0_18"
OpenJDK Runtime Environment (IcedTea6 1.8) (6b18~pre4-
OpenJDK Server VM (build 16.0-b13, mixed mode)
java.lang.
at java.lang.
at sun.applet.
at sun.applet.
at sun.applet.
at sun.applet.
java.lang.
at java.lang.
at sun.applet.
at sun.applet.
at sun.applet.
java.lang.
at java.lang.
at sun.applet.
at sun.applet.
at sun.applet.
at sun.applet.
visiting the page with security.provider.9 uncommented: 1ubuntu4~ ppa1) ProviderExcepti on: Could not initialize NSS pkcs11. SunPKCS11. <init>( SunPKCS11. java:201) pkcs11. SunPKCS11. <init>( SunPKCS11. java:103) NativeConstruct orAccessorImpl. newInstance0( Native Method) NativeConstruct orAccessorImpl. newInstance( NativeConstruct orAccessorImpl. java:57) DelegatingConst ructorAccessorI mpl.newInstance (DelegatingCons tructorAccessor Impl.java: 45) reflect. Constructor. newInstance( Constructor. java:532) jca.ProviderCon fig$3.run( ProviderConfig. java:262) jca.ProviderCon fig$3.run( ProviderConfig. java:244) AccessControlle r.doPrivileged( Native Method) jca.ProviderCon fig.doLoadProvi der(ProviderCon fig.java: 244) jca.ProviderCon fig.getProvider (ProviderConfig .java:224) jca.ProviderLis t.getProvider( ProviderList. java:232) jca.ProviderLis t.getService( ProviderList. java:330) jca.GetInstance .getInstance( GetInstance. java:157) Security. getImpl( Security. java:696) AlgorithmParame ters.getInstanc e(AlgorithmPara meters. java:130) x509.AlgorithmI d.decodeParams( AlgorithmId. java:121) x509.AlgorithmI d.<init> (AlgorithmId. java:114) x509.AlgorithmI d.parse( AlgorithmId. java:381) x509.X509Key. parse(X509Key. java:168) x509.Certificat eX509Key. <init>( CertificateX509 Key.java: 75) x509.X509CertIn fo.parse( X509CertInfo. java:705) x509.X509CertIn fo.<init> (X509CertInfo. java:169) x509.X509CertIm pl.parse( X509CertImpl. java:1747) x509.X509CertIm pl.<init> (X509CertImpl. java:196) provider. X509Factory. engineGenerateC ertificate( X509Factory. java:107) cert.Certificat eFactory. generateCertifi cate(Certificat eFactory. java:322) provider. JavaKeyStore. engineLoad( JavaKeyStore. java:763) provider. JavaKeyStore$ JKS.engineLoad( JavaKeyStore. java:55) KeyStore. load(KeyStore. java:1201) ssl.TrustManage rFactoryImpl. getCacertsKeySt ore(TrustManage rFactoryImpl. java:221) ssl.TrustManage rFactoryImpl. engineInit( TrustManagerFac toryImpl. java:51) ssl.TrustManage rFactory. init(TrustManag erFactory. java:247) .jnlp.security. VariableX509Tru stManager. <init>( VariableX509Tru stManager. java:100) .jnlp.security. VariableX509Tru stManager. getInstance( VariableX509Tru stManager. java:282) PluginMain. init(PluginMain .java:217) PluginMain. <init>( PluginMain. java:147) PluginMain. main(PluginMain .java:116) IOException: An incompatible version of NSS is already loaded, 3.7 or later required pkcs11. Secmod. isInitialized( Secmod. java:130) pkcs11. SunPKCS11. <init>( SunPKCS11. java:168)
Looking for 0xb4178f4c 0xb3a58b20 0xb59fdbcc (document)
java version "1.6.0_18"
OpenJDK Runtime Environment (IcedTea6 1.8) (6b18~pre4-
OpenJDK Server VM (build 16.0-b13, mixed mode)
java.security.
at sun.security.
at sun.security.
at sun.reflect.
at sun.reflect.
at sun.reflect.
at java.lang.
at sun.security.
at sun.security.
at java.security.
at sun.security.
at sun.security.
at sun.security.
at sun.security.
at sun.security.
at java.security.
at java.security.
at sun.security.
at sun.security.
at sun.security.
at sun.security.
at sun.security.
at sun.security.
at sun.security.
at sun.security.
at sun.security.
at sun.security.
at java.security.
at sun.security.
at sun.security.
at java.security.
at sun.security.
at sun.security.
at javax.net.
at net.sourceforge
at net.sourceforge
at sun.applet.
at sun.applet.
at sun.applet.
Caused by: java.io.
at sun.security.
at sun.security.
... 37 more
NSS version on the system is 3.12.6.
Importing an SHA384withECDSA certificate with the same configuration does work, so the NSS security provider gets recognized in this case.
running the applet in appletviewer works:
appletviewer -J-Djava. security. policy= polfile http:// www.gurusheaven .de/security/ anonymitaets_ test.shtml
with polfile: RuntimePermissi on "getenv.*";
grant {
permission java.lang.
};