0 Replies Latest reply on Apr 27, 2013 8:48 PM by 1005917

    Signed Java Code not acting as signed after 7.0 21 update

      I have scoured the web and tried numerous things and nothing works. First, I am not a Java guru but I have done my homework here and all seems like it is signed correctly and should be working. The app was developed by someone else but we have the code and it was working fine up until the latest Java release. Now it throws an error that eludes to it being unsigned. We have a GoDaddy certificate that we use to sign the code using signjar in the build.xml (we are using Netbeans).
      There are two projects. One that access serial ports to talk to a Scale (RXTXMyComm) and another that does the data calculations, etc. (CWML). The RXTXSerial Dlls are also included in a jar called rxtxSerial.native.jar.

      First, we compile and build the RXTX project with the following build.xml (parital to show how it is signed):

      <project name="RXTXCommMY" default="default" basedir=".">
      <description>Builds, tests, and runs the project RXTXCommMY.</description>
      <import file="nbproject/build-impl.xml"/>

      <target name="-post-jar">
      <jar destfile="dist/rxtxSerial.native.jar">
      <fileset dir="lib/win32" includes="rxtxSerial.32.dll" />
      <fileset dir="lib/win64" includes="rxtxSerial.64.dll" />
      <signjar jar="dist/rxtxSerial.native.jar" storetype="pkcs12" storepass="MYPASS" alias="cwml's godaddy.com, inc. id" keystore="../CERTNAME.p12" signedjar="dist/rxtxSerial.native.signed.jar" />
      <delete file="dist/rxtxSerial.native.jar" />

      <signjar jar="${dist.jar}" storetype="pkcs12" storepass="MYPASS" alias="cwml's godaddy.com, inc. id" keystore="../CERTNAME.p12" signedjar="dist/RXTXCommMY.signed.jar" />
      <delete file="${dist.jar}" />


      These jars are then included in the CWML project and it is built as follows:

      <target name="-post-jar">
      <format property="build.timestamp" pattern="yyyyMd_HmsS" />

      <filter token="build.timestamp" value="${build.timestamp}" />

      <basename property="jarFilename" file="${dist.jar}" suffix=".jar" />
      <signjar jar="${dist.jar}" storetype="pkcs12" storepass="MYPASS" alias="CWML's godaddy.com, inc. id" keystore="../CERTNAME.p12" signedjar="dist/${jarFilename}_v${build.timestamp}.jar" />
      <delete file="${dist.jar}" />

      <copy file="index.html" todir="dist" filtering="true" />
      <copy file="cwml.jnlp" todir="dist" filtering="true" />


      The jnlp looks as follows:

      <?xml version="1.0" encoding="UTF-8"?>
      <title>Scale Applet</title>
      <vendor>Scale Applet</vendor>

      <all-permissions />

      <j2se version="1.7+" />
      <jar href="CWML_v2013427_153155832.jar" main="true" />
      <jar href="lib/RXTXCommMY.signed.jar?v=2013427_153155832" />
      <nativelib href="lib/rxtxSerial.native.signed.jar?v=2013427_153155832" />

      <applet-desc name="ScaleApplet" main-class="cwml.ScaleApplet" width="200" height="40">


      I did run it through the Janela verifier and it is fine.

      It runs and works in Netbeans and it worked fine prior to update 21. I have also discovered if I remove the <security> tags from the jnlp it works in IE with Java 7.0 21 but it will not work in Chrome. When I run Java console in Chrome I get the following:


      java.lang.ExceptionInInitializerError thrown while loading gnu.io.RXTXCommDriver
      Exception in thread "Thread-15" java.lang.ExceptionInInitializerError
           at cmwl.ioport.PortHelper.getAvailablePorts(PortHelper.java:49)
           at cmwl.ioport.PortHelper.connectSerialPorts(PortHelper.java:64)
           at cmwl.ioport.PortHelper.run(PortHelper.java:42)
      Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "sun.arch.data.model" "read")
           at java.security.AccessControlContext.checkPermission(Unknown Source)
           at java.security.AccessController.checkPermission(Unknown Source)
           at java.lang.SecurityManager.checkPermission(Unknown Source)
           at sun.plugin2.applet.AWTAppletSecurityManager.checkPermission(Unknown Source)
           at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
           at java.lang.System.getProperty(Unknown Source)
           at gnu.io.CommPortIdentifier.<clinit>(CommPortIdentifier.java:123)
           ... 3 more

      I ran a much more detailed trace and it showed the Certs being verified for all three jars. I am at a loss as this is causing us big problems. Line 123 that is being called is:

      System.loadLibrary( "rxtxSerial." + System.getProperty("sun.arch.data.model") );

      I have also tried adding Trusted-Library:True to the manifest and all it does is then give me a "Sandbox" error.
      Any help at all will be greatly appreciated. As I said I am not a Java guy at all and only inherited this application.