Closed
Description
a typical stacktrace is
"Ruby-0-Worker-28" daemon prio=10 tid=0x00007fc3c801f000 nid=0x5f6c runnable [0x00007fc4919cb000]
java.lang.Thread.State: RUNNABLE
at java.util.zip.ZipFile.read(Native Method)
at java.util.zip.ZipFile.access$1400(ZipFile.java:56)
at java.util.zip.ZipFile$ZipFileInputStream.read(ZipFile.java:679)
- locked <0x00000007a0182b48> (a sun.net.www.protocol.jar.URLJarFile)
at java.util.zip.ZipFile$ZipFileInflaterInputStream.fill(ZipFile.java:415)
at java.util.zip.InflaterInputStream.read(InflaterInputStream.java:158)
at java.io.BufferedInputStream.read1(BufferedInputStream.java:273)
at java.io.BufferedInputStream.read(BufferedInputStream.java:334)
- locked <0x000000077ce27470> (a java.io.BufferedInputStream)
at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:429)
at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:322)
at javax.crypto.JarVerifier.verify(JarVerifier.java:250)
at javax.crypto.JceSecurity.verifyProviderJar(JceSecurity.java:161)
at javax.crypto.JceSecurityManager.isCallerTrusted(JceSecurityManager.java:252)
at javax.crypto.Cipher.<init>(Cipher.java:252)
at sun.reflect.GeneratedConstructorAccessor22.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at org.jruby.ext.openssl.SecurityHelper.newInstance(SecurityHelper.java:722)
at org.jruby.ext.openssl.SecurityHelper.getCipherInternal(SecurityHelper.java:434)
at org.jruby.ext.openssl.SecurityHelper.getCipher(SecurityHelper.java:383)
at org.jruby.ext.openssl.PKeyRSA.doCipherRSA(PKeyRSA.java:489)
at org.jruby.ext.openssl.PKeyRSA.private_decrypt(PKeyRSA.java:461)
at org.jruby.ext.openssl.PKeyRSA$INVOKER$i$0$0$private_decrypt.call(PKeyRSA$INVOKER$i$0$0$private_decrypt.gen)
at org.jruby.internal.runtime.methods.JavaMethod$JavaMethodN.call(JavaMethod.java:667)
at org.jruby.internal.runtime.methods.DynamicMethod.call(DynamicMethod.java:206)
at org.jruby.runtime.callsite.CachingCallSite.call(CachingCallSite.java:168)
at rubyjit.Module$$decode_ff1f0d61def2938e0677a96a15d546f2a81eb3461904542692.__file__(/some.jar!/gems/jwe-0.2.12/lib/jwe/base.rb:85)
at rubyjit.Module$$decode_ff1f0d61def2938e0677a96a15d546f2a81eb3461904542692.__file__(/some.jar!/gems/jwe-0.2.12/lib/jwe/base.rb)
at org.jruby.internal.runtime.methods.JittedMethod.call(JittedMethod.java:221)
an error occurs in javax.crypto.Cipher. and the SecurityHelper creates the Cipher without the isCallerTrusted(). the indication that the isCallerTrusted() fails is that the checks happens again and again but positiv results get cached by the JceSecurityManager.
reverse the order and first use the constructor without isCallerTrusted() first and fallback on the other constructor is OK. note both the constructors are protected or package private.
Metadata
Metadata
Assignees
Labels
No labels