JDK-6232513 : RMI interoperability issue with DSAPublicKey obj between JDK1.4 & JDK1.5
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 5.0
  • Priority: P2
  • Status: Resolved
  • Resolution: Fixed
  • OS: solaris_10
  • CPU: generic
  • Submitted: 2005-02-24
  • Updated: 2017-05-16
  • Resolved: 2005-04-15
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other JDK 6
5.0u4Fixed 6 betaFixed
Description
StreamCorruptedException is reported when trying to
do RMI between a 1.5 JVM (RMI Server) and 1.4 JVM (RMI
client).

This occurrs when the Object being returned via the RMI
calls is DSAPublicKey or contains an object of type 
DSAPublicKey.

This happens when stubs are generated with/without using 
"-vcompat" flag. The RMI call works if we remove the 
DSAPublicKey field from the Object or set it to null.

The exact stack trace is 

java.rmi.UnmarshalException: error unmarshalling return; nested
exception is:
	java.io.StreamCorruptedException
	at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:164)
	at PKServiceServer_Stub.getPK(Unknown Source)
	at PKServiceClient.main(PKServiceClient.java:31)
Caused by: java.io.StreamCorruptedException
	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1301)
	at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1845)
	at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1769)
	at
java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1646)
	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1274)
	at java.io.ObjectInputStream.readObject(ObjectInputStream.java:324)
	at sun.rmi.server.UnicastRef.unmarshalValue(UnicastRef.java:297)
	at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:146)
	... 2 more


###@###.### 2005-2-24 05:34:09 GMT
Comments
EVALUATION This looks like a duplicate of 4938410, which was closed by the submitter after its root cause was explained (essentially, the serialized form of Key classes was standardized for 5.0, as 4532506, but a pre-5.0 VM cannot deserialize the new, standard serialized format). ###@###.### 2005-2-24 06:34:27 GMT To clarify the implication of the above note: because this CR is effectively a duplicate of 4938410 (although I am hesitant to mark it as such without further feedback, because 4938410 was closed by its submitter), the following excerpt of 4938410's evaluation applies: [snip] > In light of this explanation, it seems to me that 4938410 no longer > belongs in the java/rmi category, and further evaluation of this bug > should be worked out between the SMC team and the J2SE security team. > > It seems to me that a fundamental question here is: is this test's > requirement of passing a java.security.PublicKey instance from a 1.5 VM > to a 1.4 VM just an artifact of the test and the (current) test > environment, or is it (currently) a requirement of the final SMC > product? In particular, this bug is not a general RMI interoperability issue, so I am recategorizing it to java/classes_security for now, but I will remain on the interest list to participate in discussion as necessary. ###@###.### 2005-03-04 16:39:51 GMT This is not just for the testcase, but is verymuch required for communicating SMC between JDK1.5 and JDK1.4 ###@###.### 2005-03-14 14:00:46 GMT
24-02-2005
SUGGESTED FIX introduce a system property that will revert DSA public key serialization back to the pre-JDK 5.0 form. by default this property is not set. ###@###.### 2005-03-31 00:57:58 GMT
24-02-2005