Policy.refresh()

Serafin Jose Estevez Andres (uov01955@correo.uniovi.es)
Wed, 9 Dec 1998 15:23:36 -0800

Your request was successfully processed.

Output from request:

Bug Id: 4196199
** Bug created!

--------------------------- Original Message ---------------------------
>From java-security@java Wed Dec 9 15:23:31 1998
Return-Path: <java-security@java>
Received: from Ebay.Sun.COM by ssattachments.EBay.Sun.COM (SMI-8.6/SMI-SVR4)
id PAA27192; Wed, 9 Dec 1998 15:23:31 -0800
From: java-security@java
Received: from ssbugtraq.EBay.Sun.COM by Ebay.Sun.COM (SMI-8.6/SMI-5.3)
id PAA23999; Wed, 9 Dec 1998 15:23:29 -0800
Received: from Ebay.Sun.COM by ssbugtraq.EBay.Sun.COM (SMI-8.6/SMI-SVR4)
id PAA25869; Wed, 9 Dec 1998 15:23:28 -0800
Received: from Eng.Sun.COM by Ebay.Sun.COM (SMI-8.6/SMI-5.3)
id PAA11583; Wed, 9 Dec 1998 15:23:28 -0800
Received: from shorter.eng.sun.com (shorter.Eng.Sun.COM [129.144.251.35])
by Eng.Sun.COM (SMI-8.6/SMI-5.3) with SMTP id PAA00334
for <bugsbymail@ssbugtraq.ebay>; Wed, 9 Dec 1998 15:23:29 -0800
Received: from crypto.Eng.Sun.COM by shorter.eng.sun.com (SMI-8.6/SMI-SVR4)
id PAA10919; Wed, 9 Dec 1998 15:23:26 -0800
Date: Wed, 9 Dec 1998 15:23:26 -0800
Message-Id: <199812092323.PAA10919@shorter.eng.sun.com>
To: bugsbymail@ssbugtraq.EBay.Sun.COM
Subject: create_bug
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailer: postEmail @(#) PostEmail.java 1.10 98/09/05 11:26:23
content-length: 3893

User: rs26595
Category: java
Subcategory: classes_security
Bug/rfe/eou: bug
Synopsis: Slow response on first digital signature attempt. Subsequent ones quicker
Keywords: webbug
Keywords: 1.2only
Severity Impact: 2
Severity Functionality: 2
Priority: 4
Description:
Run the following code. It performs digital signature three times. First takes about 30 seconds, other 2 seem instantaneous. Bug or problem on my end? Thanks!

/*
Helpful Links
=============
http://java.sun.com/products/jdk/1.2/docs/guide/security/CryptoSpec.html

Issues
======
Using DB versus text file
Throughput (asynch)
Usefulness in Servlets, EJBs
*/

/*
CREATE TABLE MASTERTRAN
( tran_id VARCHAR2(32),
tran_type VARCHAR2(32),
session_id VARCHAR2(32),
channel_type VARCHAR2(32),
channel_id VARCHAR2(32),
start_dttm DATE,
duration_ms NUMBER,
text_digest VARCHAR2(2000),
signature VARCHAR2(2000) );
*/

package com.huntington.util;

import java.security.*;

public class SignedLogFile {


public static void main( String[] args ) {

String msg = "Welcome to the Cosmocracy!";
byte[] data = msg.getBytes();
String msg2 = "Welcome Cosmo!";
byte[] data2 = msg2.getBytes();

try {
// Generate a message digest
System.out.print( "Generating message digest..." );
MessageDigest sha = MessageDigest.getInstance("SHA");
sha.update( data );
byte[] hash = sha.digest();
System.out.println( "done" );

// Generate a 512-bit public/private key pair
System.out.print( "Building 512-bit key pair..." );
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");
random.setSeed(292708770);
keyGen.initialize(512, random);
KeyPair pair = keyGen.generateKeyPair();
System.out.println( "done" );

Signature dsa = Signature.getInstance("SHA1withDSA");

/* Initializing the object with a private key */
PrivateKey priv = pair.getPrivate();
dsa.initSign(priv);

/* Update and sign the data */
System.out.print( "Generating digital signature..." );
dsa.update(data);
byte[] sig = dsa.sign();
System.out.println( "done");
System.out.print( "Generating digital signature..." );
dsa.update(data2);
byte[] sig2 = dsa.sign();
System.out.println( "done");
System.out.print( "Generating digital signature..." );
dsa.update(data2);
sig2 = dsa.sign();
System.out.println( "done");

// Verify signature
System.out.print( "Verifying signature..." );
/* Initializing the object with the public key */
PublicKey pub = pair.getPublic();
dsa.initVerify(pub);
/* Update and verify the data */
dsa.update(data);
boolean verifies = dsa.verify(sig);
System.out.println( "done" );
System.out.println("Signature1 verifies: " + verifies);
System.out.print( "Verifying signature..." );
/* Update and verify the data */
dsa.update(data2);
verifies = dsa.verify(sig2);
System.out.println( "done" );
System.out.println("Signature2 verifies: " + verifies);
System.out.print( "Verifying signature..." );
/* Update and verify the data */
dsa.update(data);
verifies = dsa.verify(sig2);
System.out.println( "done" );
System.out.println("Signature (faked) verifies: " + verifies);

System.out.println( "\nMessage: " + msg );
System.out.println( "Hash: " + (new String(hash)) );
System.out.println( "Signature: " + (new String(sig)) );
System.out.println( "Signature2: " + (new String(sig2)) );

} catch (Exception e) {
e.printStackTrace();
}
}
}
(Review ID: 43282)
Comments:
(company - Huntington Service Company , email - eric.kramer@huntington.com)
customer_rec: new
Company: other
Employee: Eric Kramer eric.kramer@huntington.com (other)
Release: 1.2RC2
Hardware version: i586
O/S version: win_95
User Role: D
User Type: E
Sun Contact: schemers
end_customer_rec: