Errata for Java Security

The errata list is a list of errors and their corrections that were found after the product was released.

The following errata were submitted by our customers and have not yet been approved or disproved by the author or editor. They solely represent the opinion of the customer.

Version Location Description Submitted by Date submitted
Printed Page i
Cover

Ok, this is really picky, but I'm fairly sure that 'JSEE' doesn't exist. If I am assuming correctly, the banner on the corner should read 'Covers JAAS and JSSE'. Great book though!

Anonymous   
Printed Page 34
2nd paragraph

... and all code is allowed to read the java.vendor system property.
should read:
... and all code is allowed to read the java.version system property.

Anonymous   
Printed Page 93
description of the method: public abstract boolean implies(Permission p)

Checks to see if any permission in the collection implies the given permission.

should read

Checks to see if all permissions together in the collection implies the given permission.

Anonymous   
Printed Page 108
3rd paragraph

The first sentence begins:

So protection domain can grant...

This should read:

So a protection domain can grant...

Anonymous   
Printed Page 114
last paragraph

Let's assume that no class loader based package separation exists
-> 'no' should be omitted.

Anonymous   
Printed Page 176
Code sample at bottom

The first line of generateKeyPair() is:

int rotValue = random.nextInt() % 25;

This gives us a value between 0 and 24 inclusive. For a rotation cipher, a value of 0
would have no effect. We really want a value between 1 and 25 inclusive. Therefore,
the first line of generateKeyPair() should be:

int rotValue = (random.nextInt() % 25) + 1;

Anonymous   
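
The value range of each expression discussed in this entry under Java's arithmetic rules, as an added example (not code from the book or from the submitter). The class and method names are assumptions, and `SecureRandom` stands in for the book's `random` field.

```java
import java.security.SecureRandom;
import java.util.function.IntSupplier;

public class RotValueRange {
    // Smallest and largest value seen over n draws from gen.
    static int[] observedRange(IntSupplier gen, int n) {
        int min = Integer.MAX_VALUE;
        int max = Integer.MIN_VALUE;
        for (int i = 0; i < n; i++) {
            int v = gen.getAsInt();
            min = Math.min(min, v);
            max = Math.max(max, v);
        }
        return new int[] { min, max };
    }

    // Bounded draw: nextInt(25) is uniform over 0..24, so the result is 1..25.
    static int nextRotValue(SecureRandom random) {
        return random.nextInt(25) + 1;
    }

    public static void main(String[] args) {
        SecureRandom random = new SecureRandom();
        int n = 100_000;

        // Java's % keeps the sign of the dividend and nextInt() spans all
        // 32-bit ints, so this expression can yield anything in -24..24.
        int[] a = observedRange(() -> random.nextInt() % 25, n);
        // Adding 1 shifts that to -23..25: zero (the identity rotation)
        // and negative values remain possible.
        int[] b = observedRange(() -> (random.nextInt() % 25) + 1, n);
        // The bounded form stays inside 1..25.
        int[] c = observedRange(() -> nextRotValue(random), n);

        System.out.printf("nextInt() %% 25       : %d..%d%n", a[0], a[1]);
        System.out.printf("(nextInt() %% 25) + 1 : %d..%d%n", b[0], b[1]);
        System.out.printf("nextInt(25) + 1      : %d..%d%n", c[0], c[1]);
    }
}
```
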
Printed Page 176
code at the top of the page.

The getEncoded method appears to be transferring the rotValue field into an array of
four bytes. If that is the intended operation, then the rotValue field should be
shifted to the right, but instead it has been shifted to the left. Consequently, the
last three bytes of the array will always contain zero regardless of the contents of
the rotValue field. A similar error appears at the bottom of page 179.

The code bug is shown below.

public byte[] getEncoded() {
    byte b[] = new byte[4];
    b[3] = (byte) ((rotValue << 24) & 0xff);
    b[2] = (byte) ((rotValue << 16) & 0xff);
    b[1] = (byte) ((rotValue << 8) & 0xff);
    b[0] = (byte) ((rotValue << 0) & 0xff);
    return b;
}

Any value that is shifted to the left 24 bits and anded with 0xff will be zero. The
solution is to shift to the right.

Anonymous   
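
The printed encoding next to a right-shift version, with a round-trip check, as an added example (not code from the book or from the submitter). The class name, the `decode` and `hex` helpers and the sample keys are assumptions constructed for the demonstration.

```java
public class RotValueEncoding {
    // Encoding as printed: left shifts. After << 8 or more the low byte is
    // always zero, so b[1]..b[3] never carry any key material.
    static byte[] encodePrinted(int rotValue) {
        byte[] b = new byte[4];
        b[3] = (byte) ((rotValue << 24) & 0xff);
        b[2] = (byte) ((rotValue << 16) & 0xff);
        b[1] = (byte) ((rotValue << 8) & 0xff);
        b[0] = (byte) ((rotValue << 0) & 0xff);
        return b;
    }

    // Corrected: right shifts move each byte of the int into the low 8 bits.
    static byte[] encodeFixed(int rotValue) {
        byte[] b = new byte[4];
        b[3] = (byte) ((rotValue >>> 24) & 0xff);
        b[2] = (byte) ((rotValue >>> 16) & 0xff);
        b[1] = (byte) ((rotValue >>> 8) & 0xff);
        b[0] = (byte) (rotValue & 0xff);
        return b;
    }

    // Hypothetical inverse, used here only to check the round trip.
    static int decode(byte[] b) {
        return ((b[3] & 0xff) << 24) | ((b[2] & 0xff) << 16)
             | ((b[1] & 0xff) << 8) | (b[0] & 0xff);
    }

    static String hex(byte[] b) {
        StringBuilder sb = new StringBuilder();
        for (byte x : b) sb.append(String.format("%02x", x & 0xff));
        return sb.toString();
    }

    public static void main(String[] args) {
        // Constructed sample keys: a small rotation value and two 32-bit
        // values that differ only above the low byte.
        int[] keys = { 13, 0x12345678, 0x7fabcd78 };
        for (int k : keys) {
            byte[] p = encodePrinted(k);
            byte[] f = encodeFixed(k);
            System.out.printf("key=%08x printed=%s (round trip %b) fixed=%s (round trip %b)%n",
                    k, hex(p), decode(p) == k, hex(f), decode(f) == k);
        }
    }
}
```

A rotation value up to 25 fits in `b[0]`, so the printed encoding happens to round-trip for it. The two 32-bit sample keys share a low byte and therefore encode to the same four bytes under the printed version, which is where the defect matters for an int-sized key such as the one on page 179.
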
Printed Page 179
Code sample at bottom

The XORKey class has a data member:

int rotValue;

The same name is used in the XYZKey class on p. 175. As XORKey does not represent a
"key" for a rotation cipher, it would be clearer to use a different name for this
value, to differentiate it from the previous example. Perhaps a name like "xorValue"
would be clearer.

Anonymous   
Printed Page 180
Code sample

The method engineGenerateKey() calls the XORKey constructor with a byte argument,
rather than an int. While this would work, it uses only a fraction of the available
keyspace. The last three lines of engineGenerateKey() could be replaced with:

int n = sr.nextInt();
return new XORKey(n);

Anonymous   
Printed Page 193
4th para

If the certificate is invalid, this method throws a SignatureException (and not a
CertificateException).

Anonymous   
Printed Page 209
2nd paragraph

The first sentence of the paragraph reads:

Note that these CAs are the all from the same company.

The first instance of "the" in the sentence should be removed.

Anonymous   
Printed Page 210
2nd definition and 4th definition

The definitions of "-keypass password" (2nd definition) and "-storepass password"
(4th definition) appear to be switched. Based on what I read later in the chapter,
it looks like -keypass is to specify the password for the particular entry's private
key (particular alias) and -storepass is to specify the password for the entire
(global) keystore.

-keypass for alias
-storepass for keystore

Anonymous   
Printed Page 226
Example - KeyStoreHandler

In downloading the Examples, in the folder ch10 there is code for a KeyStoreHandler.java and KeyStoreLookup.java - these files are identical and reflect the KeyStoreHandler! There does not seem to be unique code in the examples for the KeyStoreLookup.java. Can you send me that code?

Roy Pozarelli  Apr 15, 2010 
Printed Page 249
4th paragraph

Regarding the three overloaded doFinal() methods of the MAC class, the second
sentence states, "The last two methods allow you to specify the last data to include
in the MAC." Only the second method allows this; the third does not.

Anonymous   
Printed Page 326
last line in the code SSLClientVerifier

The X500Name class is part of the

com.sun.net.ssl.internal.ssl.* package

and an import statement for it is missing from SSLClientVerifier.
The following should be added:

import com.sun.net.ssl.internal.ssl.*;

Anonymous   
Printed Page 355
First paragraph, third sentence

I believe the third sentence should read "The policy _file_ lists the class..." rather than "The policy _flag_...".

Andrew Hadenfeldt  Dec 02, 2010 
Printed Page 360
Top of page 360.

Near the top of page 360 the text is as follows.

On Microsoft Windows, the command looks like this:

C:\files javac -classpath ......;actions CountFiles.java

End of Quote.

The above command line suggests that the javac command should be invoked from the
C:\files directory. However, the command should be invoked from
C:\files\javasec\samples\ch15.

Anonymous