Security.addProvider with JDK 7 update 21

1006132

Hello,

as of JDK 7 update 21 the following method call throws a security exception when running inside of an applet.
The applet and bcprov.jar is signed with a valid certificate:

Security.addProvider(new BouncyCastleProvider());

With JDK 7 update 17 it still worked.

1006132

It seems that from update 21 of JRE 7 the following lines are necessary in jnlp file when adding a BC provider:

<security>

   <all-permissions/>

</security>

Anyway, it solves our problem...

gimbal2

In stead of posting that "A" security exception occurs, post the exact security exception that occurs including the full stacktrace.

1006132

Here's the stacktrace:

Match: digest selected JREDesc: JREDesc[version 1.5+, heap=-1--1, args=null, href=http://java.sun.com/products/autodl/j2se, sel=false, null, null], JREInfo: JREInfo for index 0:
platform is: 1.7
product is: 1.7.0_21
location is: http://java.sun.com/products/autodl/j2se
args is:
native platform is: Windows, x86 [ x86, 32bit ]
JavaFX runtime is: JavaFX 2.2.21 found at C:\Program Files\Java\jre7\
enabled is: true
registered is: true
system is: true

Match: ignoring maxHeap: -1
Match: ignoring InitHeap: -1
Match: digesting vmargs: null
Match: digested vmargs: [JVMParameters: isSecure: true, args: ]
Match: JVM args after accumulation: [JVMParameters: isSecure: true, args: ]
Match: digest LaunchDesc: null
Match: digest properties: []
Match: JVM args: [JVMParameters: isSecure: true, args: ]
Match: endTraversal ..
Match: JVM args final:
Match: Running JREInfo Version match: 1.7.0.21 == 1.7.0.21
Match: Running JVM args match: have:<> satisfy want:<>
java.lang.reflect.InvocationTargetException
at java.awt.EventQueue.invokeAndWait(Unknown Source)
at java.awt.EventQueue.invokeAndWait(Unknown Source)
at javax.swing.SwingUtilities.invokeAndWait(Unknown Source)
at com.sun.deploy.uitoolkit.impl.awt.AWTAppletAdapter.init(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.InternalError: cannot create instance of org.bouncycastle.jce.provider.symmetric.AESMappings : java.security.AccessControlException: access denied ("java.security.SecurityPermission" "putProviderProperty.BC")
at org.bouncycastle.jce.provider.BouncyCastleProvider.loadAlgorithms(Unknown Source)
at org.bouncycastle.jce.provider.BouncyCastleProvider.<init>(Unknown Source)
at java.awt.event.InvocationEvent.dispatch(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$200(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)

472695

Fwiw, I'm experiencing the same problem since update 21 (same stack trace).

1006132

It seems that from update 21 of JRE 7 the following lines are necessary in jnlp file when adding a BC provider:

<security>

   <all-permissions/>

</security>

Anyway, it solves our problem...