The errata list is a list of errors and their corrections that were found after the product was released.
The following errata were submitted by our customers and have not yet been approved or disproved by the author or editor. They solely represent the opinion of the customer.
| Version |
Location |
Description |
Submitted By |
| Printed |
Page i
Cover |
Ok, this is really picky, but I'm fairly sure that 'JSEE' doesn't exist. If I am assuming correctly, the banner on the corner should read 'Covers JAAS and JSSE'. Great book though!
|
Anonymous |
| Printed |
Page 34
2nd paragraph |
... and all code is allowed to read the java.vendor system property.
should read:
... and all code is allowed to read the java.version system property.
|
Anonymous |
| Printed |
Page 93
description of the method: public abstract boolean implies(Permission p) |
Checks to see if any permission in the collection implies the given permission.
should read
Checks to see if all permissions together in the collection implies the given permission.
|
Anonymous |
| Printed |
Page 108
3rd paragraph |
The first sentence begins:
So protection domain can grant...
This should read:
So a protection domain can grant...
|
Anonymous |
| Printed |
Page 114
last paragraph |
Let's assume that no class loader based package separation exists
-> 'no' should be omitted.
|
Anonymous |
| Printed |
Page 176
Code sample at bottom |
The first line of generateKeyPair() is:
int rotValue = random.nextInt() % 25;
This gives us a value between 0 and 24 inclusive. For a rotation cipher, a value of 0
would have no effect. We really want a value between 1 and 25 inclusive. Therefore,
the first line of generateKeyPair() should be:
int rotValue = (random.nextInt() % 25) + 1;
|
Anonymous |
| Printed |
Page 176
code at the top of the page. |
The getEncoded method appears to be transferring the rotValue field into an array of
four bytes. If that is the intended operation, then the rotValue field should be
shifted to the right, but instead it has been shifted to the left. Consequently, the
last three bytes of the array will always contain zero regardless of the contents of
the rotValue field. A similar error appears at the bottom of page 179.
The code bug is shown below.
public byte[] getEncoded() {
byte b[] = new byte[4];
b[3] = (byte) ((rotValue << 24) & 0xff);
b[2] = (byte) ((rotValue << 16) & 0xff);
b[1] = (byte) ((rotValue << 8) & 0xff);
b[0] = (byte) ((rotValue << 0) & 0xff);
return b;
}
Any value that is shifted to the left 24 bits and anded with 0xff will be zero. The
solution is to shift to the right.
|
Anonymous |
| Printed |
Page 179
Code sample at bottom |
The XORKey class has a data member:
int rotValue;
The same name is used in the XYZKey class on p. 175. As XORKey does not represent a
"key" for a rotation cipher, it would be clearer to use a different name for this
value, to differentiate it from the previous example. Perhaps a name like "xorValue"
would be clearer.
|
Anonymous |
| Printed |
Page 180
Code sample |
The method engineGenerateKey() calls the XORKey constructor with a byte argument,
rather than an int. While this would work, it uses only a fraction of the available
keyspace. The last three lines of engineGenerateKey() could be replaced with:
int n = sr.nextInt();
return new XORKey(n);
|
Anonymous |
| Printed |
Page 193
4th para |
If the certificate is invalid, this method throws a SignatureException (and not a
CertificateException).
|
Anonymous |
| Printed |
Page 209
2nd paragraph |
The first sentence of the paragraph reads:
Note that these CAs are the all from the same company.
The first instance of "the" in the sentence should be removed.
|
Anonymous |
| Printed |
Page 210
2nd definition and 4th definition |
The definitions of "-keypass password" (2nd definition) and "-storepass password"
(4th definition) appear to be switched. Based on what I read later in the chapter,
it looks like -keypass is to specify the password for the particular entry's private
key (particular alias) and -storepass is to specify the password for the entire
(global) keystore.
-keypass for alias
-storepass for keystore
|
Anonymous |
| Printed |
Page 249
4th paragraph |
Regarding the three overloaded doFinal() methods of the MAC class, the second
sentence states, "The last two methods allow you to specify the last data to include
in the MAC." Only the second method allows this; the third does not.
|
Anonymous |
| Printed |
Page 326
last line in the code SSLClientVerifier |
X500Name class is a part of
com.sun.net.ssl.internal.ssl.* package
in import statement is missing for SSLClientVerifier.
Should be added:
import com.sun.net.ssl.internal.ssl.*
|
Anonymous |
| Printed |
Page 360
Top of page 360. |
Near the top of page 360 the text is as follows.
On Microsoft Windows, the command looks like this:
C:files javac -classpath ......;actions CountFiles.java
End of Quote.
The above command line suggests that the javac command should be invoked from the
C:files directory. However, the command should be invoked from
C:filesjavasecsamplesch15.
|
Anonymous |
