This Bugzilla instance is a read-only archive of historic NetBeans bug reports. To report a bug in NetBeans please follow the project's instructions for reporting issues.

Bug 229697 - Add support external IMP-NG devices
Summary: Add support external IMP-NG devices
Status: RESOLVED FIXED
Alias: None
Product: javame
Classification: Unclassified
Component: Project
Version: 7.4
Hardware: PC Windows 7
Importance: P2 normal
Assignee: Roman Svitanic
URL:
Keywords: PLAN
Depends on:
Blocks: 232770
Reported: 2013-05-14 08:10 UTC by bregmanm1
Modified: 2013-12-03 12:24 UTC

See Also:
Issue Type: ENHANCEMENT
Exception Reporter:


Attachments
Modified key listing (2.17 MB, application/octet-stream)
2013-05-14 14:36 UTC, Roman Svitanic
Modified key listing - v2 (2.17 MB, application/octet-stream)
2013-05-15 16:05 UTC, Roman Svitanic
Example keystore (14.73 KB, application/octet-stream)
2013-05-16 15:27 UTC, bregmanm1
Diff for commit (5.43 KB, application/octet-stream)
2013-05-17 14:50 UTC, bregmanm1

Description bregmanm1 2013-05-14 08:10:40 UTC
NetBeans uses the mekeytool.exe utility to list, import and remove certificates from a device's _main.ks file. External IMP-NG devices don't provide access to their filesystem, and the user can't execute any operations on the device's certificate storage. I suggest making changes in the file src\org\netbeans\modules\mobility\project\security\MEKeyTool.java:

    public static KeyDetail[] listKeys(final J2MEPlatform.Device device) {
        final String toolString = getMEKeyToolPath(device);
        String ksPath = keystoreForDevice(device);

        if (toolString == null)
            return null; 
        try {
            final BufferedReader br = execute(new String[] { toolString, "-list", "-MEkeystore", ksPath}); // NOI18N


When toolString == null this method should try to use the "-Xdevice:<device_name>" option instead of "-MEkeystore".
Comment 1 alexander.burdukov 2013-05-14 13:50:24 UTC
Clear the component field since this is an RFE to the Mobility plugin, not to ME SDK integration itself.
Comment 2 Roman Svitanic 2013-05-14 14:36:18 UTC
Created attachment 134426 [details]
Modified key listing

I can't test it with a device; please try the following:

1. Close NetBeans
2. Back up
{NETBEANS_INSTALLATION_FOLDER}\mobility\modules\org-netbeans-modules-mobility-project.jar
3. Copy the jar from the attachment and replace the original module in
{NETBEANS_INSTALLATION_FOLDER}\mobility\modules\org-netbeans-modules-mobility-project.jar
4. Restart NetBeans
5. Please write here whether the provided jar fixes the problem
Comment 3 Roman Svitanic 2013-05-14 14:38:56 UTC
Decreasing priority to P3, this doesn't seem to be a critical usability problem.
Comment 4 bregmanm1 2013-05-14 17:02:49 UTC
Roman, hi!
Thank you for your changes!
I followed your scenario and discovered that we need additional similar changes. In a lot of files I see this code:

    final String toolString = getMEKeyToolPath(platform);
    if (toolString == null)
        return null;

Please make a similar change: add -Xdevice:device_name and remove -MEKeystore instead of returning null.
The files where I found this code are:

MEKeyTool.java
ExportPanel.java
MEKeyToolTest.java

Maybe I omitted other files.

With regards,
Michael.
Comment 5 Roman Svitanic 2013-05-15 14:04:15 UTC
Can you please write the mekeytool command, with the particular arguments, which you are using from the command line for your device? Thanks.
Comment 6 bregmanm1 2013-05-15 14:26:49 UTC
In the case of external devices the mekeytool command will use the option -Xdevice:device_name and no option -MEkeystore. The simplest way is to add the option -Xdevice:device_name in any case. The mekeytool implementation can recognize the type of device (external or not) and ignore this option in the case of a local device.
Comment 7 bregmanm1 2013-05-15 14:39:33 UTC
Roman,
sorry,
please add the option -Xdevice... only in case the file with the name after -mekeystore was not found.

With regards,
Michael.
Comment 8 Roman Svitanic 2013-05-15 14:53:11 UTC
final String toolString = getMEKeyToolPath(device);
can't be null anyway, because it is a path to mekeytool.exe. So then from which Java ME platform mekeytool.exe should be used?
Comment 9 bregmanm1 2013-05-15 15:11:13 UTC
Sorry, ksPath instead of toolString
Comment 10 Roman Svitanic 2013-05-15 15:45:46 UTC
So then you mean something like:

    String[] arguments = new String[]{toolString, "-list", "-MEkeystore", ksPath};
    if (ksPath == null) {
        // No keystore path for this device: address it by name instead
        arguments = new String[]{toolString, "-list", "-Xdevice:" + device.getName()};
    }
    // ...
    final BufferedReader br = execute(arguments);
Comment 11 bregmanm1 2013-05-15 15:50:06 UTC
Of course! -:)
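
Added example (not part of the bug thread or the NetBeans sources): the argument selection agreed in comments 7 to 11, written as a stand-alone Java helper that falls back to -Xdevice only when no keystore file is reachable. The class name, the device-name check and the sample device names are assumptions made for illustration.

```java
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.List;

public class MeKeyToolArgs {

    /**
     * Builds the argument vector for "mekeytool -list".
     * keystore may be null (external device with no reachable _main.ks).
     */
    static List<String> listArgs(String toolPath, Path keystore, String deviceName) {
        List<String> args = new ArrayList<>();
        args.add(toolPath);
        args.add("-list");
        if (keystore != null && Files.isRegularFile(keystore)) {
            // Local device: the keystore file is reachable on disk.
            args.add("-MEkeystore");
            args.add(keystore.toString());
        } else {
            // No keystore file: address the device by name instead of by file.
            args.add("-Xdevice:" + checkedDeviceName(deviceName));
        }
        return args;
    }

    /** Rejects names that are empty or contain control characters (assumed policy). */
    static String checkedDeviceName(String name) {
        if (name == null || name.trim().isEmpty()) {
            throw new IllegalArgumentException("device name is required when no keystore file exists");
        }
        for (char c : name.toCharArray()) {
            if (Character.isISOControl(c)) {
                throw new IllegalArgumentException("control character in device name");
            }
        }
        return name;
    }

    public static void main(String[] args) throws Exception {
        String tool = "mekeytool.exe"; // constructed placeholder path
        Path existing = Files.createTempFile("_main", ".ks"); // stands in for a local keystore
        System.out.println(listArgs(tool, existing, "LocalDevice1"));
        System.out.println(listArgs(tool, Paths.get("missing", "_main.ks"), "ExternalBoard1"));
        System.out.println(listArgs(tool, null, "ExternalBoard1"));
        Files.delete(existing);
    }
}
```

Passing the returned list to ProcessBuilder keeps the device name as a single argument, so no shell quoting is involved.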
Comment 12 Roman Svitanic 2013-05-15 16:05:08 UTC
Created attachment 134480 [details]
Modified key listing - v2

The new jar is in the attachment. Please try it.

If there are still issues, maybe the best option would be if you can clone the NetBeans repository,
modify the mentioned classes, build it and try it with your device, because we can't test on a device.
Then, if it works, you can attach a patch for review here.

Thanks.

http://wiki.netbeans.org/HgHowTos (you do not have to do everything, just clone
repository and open project in NetBeans)
Comment 13 bregmanm1 2013-05-16 15:26:38 UTC
Roman,
thank you for your jar and link. Now I am cloning the "main" repository and have not yet finished.
When I followed your script with the new jar I found no changes in behavior.
I think NetBeans contains a bug:
My scenario was:
1. Start NetBeans
2. Open any JavaMe project
3. Project properties -> platform -> select any device OTHER THAN JavaMEPhone1
4. Project properties -> build ->signing -> press button "Open keystores manager"
5. Button "Add keystore" - you could get any keystore file or j2se_test_keystore.bin from attachment
5. Unlock this keystore (password keystorepwd for attached keystore)
6. Select any key (in attached keystore - newdummica)
7. Press key "Export" and check the commandlines contains "mekeytool.exe"
Result: for any devices key is exported to JavaMEPhone1 main.ks.
I set breakpoints into MeKeyTool.exe and options always were:
-MEkeystore, C:\Users\mb155108\javame-sdk\3.3\work\JavaMEPhone1\appdb\_main.ks

Should I issue a new bug?

With regards,
Michael.
Comment 14 bregmanm1 2013-05-16 15:27:59 UTC
Created attachment 134524 [details]
Example keystore

Example keystore
Comment 15 Roman Svitanic 2013-05-16 15:59:06 UTC
I tried the mentioned scenario and I was not able to reproduce the mentioned issue. Export worked well in all cases and all devices. So there is no need for a new issue, since I would have to close it as WORKSFORME because it works for me.
Comment 16 Roman Svitanic 2013-05-16 16:00:04 UTC
I tried with both ME SDK 3.2 and 3.3. Thanks for understanding.
Comment 17 bregmanm1 2013-05-16 16:05:03 UTC
I used NetBeans IDE Dev (Build 201305132300) for reproducing.
When I use a non-development version, replacing the jar causes problems.
Comment 18 bregmanm1 2013-05-16 16:18:03 UTC
When I restore org-netbeans-modules-mobility-project.jar to the original, the problem is still present.
Could you please give me a link to a NetBeans build which is compatible with the attached jars and does not contain this problem?
Comment 19 Roman Svitanic 2013-05-16 16:43:25 UTC
Try latest dev build and please also try to create a new keystore for exporting.
Comment 20 bregmanm1 2013-05-17 10:34:19 UTC
Roman, hi!
I cloned the main project and am now able to set breakpoints in the NetBeans sources.
Could you please explain one place in the source code to me?
ExportPanel.java:

    if (platform instanceof J2MEPlatform) {
        J2MEPlatform.Device[] dev = ((J2MEPlatform) platform).getDevices();
        for (J2MEPlatform.Device device : dev) {
            if (null != MEKeyTool.keystoreForDevice(device)) {

Why does NetBeans search for the keystore file in all devices? I think the device should be taken from the currently open project.

With regards,
Michael.
Comment 21 Roman Svitanic 2013-05-17 11:37:20 UTC
I am not the author of original code, so maybe there were more reasons, but anyway, keystore manager is independent from projects. You don't have to have project opened. You can access it from Tools > Keystores.
Comment 22 bregmanm1 2013-05-17 14:50:18 UTC
Created attachment 134573 [details]
Diff for commit

Roman, hi!
Please review and commit my suggested changes from attachment.
I built NetBeans at my workplace and checked the new diff.
Before the changes, when any device contained no _main.ks (such as an external board), NetBeans displayed keys from the first device only and didn't prompt for any other devices. Now the export panel suggests any device to the user, but on selecting an external one the error is displayed. When MEKeyTool.exe supports external devices this error will be eliminated.
With regards,
Michael.
Comment 23 Roman Svitanic 2013-05-21 13:09:06 UTC
Thanks, changes in your diff are exactly same as in second jar + few lines commented from ExportPanel's constructor, to include all results in combo box.

But mekeytool.exe doesn't support -Xdevice:{device_name}, right?
Comment 24 bregmanm1 2013-05-21 13:21:06 UTC
Right :-) It still does not support it, but it will be supported.
Comment 25 alexander.burdukov 2013-10-31 14:41:11 UTC
Also, note that in ME8 the security model was significantly changed. As a result there are no security domains anymore.
So, please remove the combo box with the selection of security domain in the keystore import dialog.
Comment 26 Roman Svitanic 2013-11-12 09:01:19 UTC
(In reply to alexander.burdukov from comment
Comment 27 Roman Svitanic 2013-11-12 09:02:13 UTC
(In reply to alexander.burdukov from comment #25)
> Also, note that in ME8 the security model was significantly changed. As a
> result there are no security domains anymore.
> So, please remove the combo box with the selection of security domain in the
> keystore import dialog.

Could you please write more information about the changes? Will there be some replacement for security domains, or something completely new (except above already mentioned external devices)?

Thanks!
Comment 28 alexander.burdukov 2013-11-12 13:52:34 UTC
> Could you please write more information about the changes? Will there be
> some replacement for security domains, or something completely new (except
> above already mentioned external devices)?

Briefly, in MEEP the security model is completely changed in the following way:
1. No domains and mapping of domains to certificates anymore.
2. Instead, certificates are a separate feature that is not connected directly to the security model. Imported certificates can be used for SSL support and indirectly for the security model (see below).
3. Instead of domains, the following is introduced:
   1) Security client, which defines permissions for an application (similar
      to a security domain in MIDP)
   2) Security Policy Provider. It is responsible for mapping a particular security
      client to an application.

4. The set of security clients and the security provider are implementation specific
   and can vary from device to device.

ME SDK will include a default security provider that will map imported certificates to security clients. So, since this mapping is implementation specific, it cannot be a part of NetBeans functionality and will be covered on the ME SDK plugins side specific to ME SDK. That's why for MEEP devices you should provide only the certificate importing feature without binding certificates to a domain/client.

Full info about new security model can be found in MEEP spec (JSR 361).
Comment 29 Roman Svitanic 2013-11-12 14:23:10 UTC
Alexander, thank you for info. And one more question regarding ME SDK 8: In ME8 only MEEP profile will be supported? Or it would be possible also to use older profiles, like IMP-NG (which have "old" security model)? Based on that we should completely remove security domains from IDE, or just disable them in MEEP case.
Comment 30 alexander.burdukov 2013-11-12 14:55:41 UTC
(In reply to Roman Svitanic from comment #29)
> Alexander, thank you for info. And one more question regarding ME SDK 8: In
> ME8 only MEEP profile will be supported? Or it would be possible also to use
> older profiles, like IMP-NG (which have "old" security model)? Based on that
> we should completely remove security domains from IDE, or just disable them
> in MEEP case.

This is interesting question. We will support IMP-NG for backward compatibility, but security model will be new in this case as well.
I guess if a device supports MEEP, you should rely on new security model regardless if IMP-NG supported or not, but if device supports only IMP-NG you should rely on the old security model.
Comment 31 Roman Svitanic 2013-11-29 14:35:39 UTC
Security domains in Keystores Manager are now available only for ME3.x devices, not for ME8. Listing of the keys for ME8 devices is handled via -list -Xdevice:<device name>.

Changeset:
http://hg.netbeans.org/jet-main/rev/745fb77017c6

I have one question regarding the import of new keys into the device:
Command:

mekeytool.exe -import -Xdevice:<device name> -keystore <path to keystore> -storepass <password> -alias <alias>

is not working in ME SDK b29 (oracle_java_me_sdk-8_0-rr-bin-b29-win-28_nov_2013.zip 28-Nov-2013 16:47). Will it be fixed or this form of import is outdated? If it's outdated, what's current and correct one? Thanks!
Comment 32 bregmanm1 2013-12-02 14:12:19 UTC
(In reply to Roman Svitanic from comment #31)
> Security domains in Keystores Manager are now available only for ME3.x
> devices, not for ME8. Listing of the keys for ME8 devices is handled via
> -list -Xdevice:<device name>.
> 
> Changeset:
> http://hg.netbeans.org/jet-main/rev/745fb77017c6
> 
> I have one question regarding the import of new keys into the device:
> Command:
> 
> mekeytool.exe -import -Xdevice:<device name> -keystore <path to keystore>
> -storepass <password> -alias <alias>
> 
> is not working in ME SDK b29
> (oracle_java_me_sdk-8_0-rr-bin-b29-win-28_nov_2013.zip 28-Nov-2013 16:47).
> Will it be fixed or this form of import is outdated? If it's outdated,
> what's current and correct one? Thanks!

Fixed since ME SDK b31
Comment 33 bregmanm1 2013-12-02 14:26:54 UTC
(In reply to bregmanm1 from comment #32)
> (In reply to Roman Svitanic from comment #31)
> > Security domains in Keystores Manager are now available only for ME3.x
> > devices, not for ME8. Listing of the keys for ME8 devices is handled via
> > -list -Xdevice:<device name>.
> > 
> > Changeset:
> > http://hg.netbeans.org/jet-main/rev/745fb77017c6
> > 
> > I have one question regarding the import of new keys into the device:
> > Command:
> > 
> > mekeytool.exe -import -Xdevice:<device name> -keystore <path to keystore>
> > -storepass <password> -alias <alias>
> > 
> > is not working in ME SDK b29
> > (oracle_java_me_sdk-8_0-rr-bin-b29-win-28_nov_2013.zip 28-Nov-2013 16:47).
> > Will it be fixed or this form of import is outdated? If it's outdated,
> > what's current and correct one? Thanks!
> 
> Fixed since ME SDK b31
Sorry, b30
Comment 34 Roman Svitanic 2013-12-02 14:38:08 UTC
(In reply to bregmanm1 from comment #33)
> Sorry, b30

In build b30-1312011605 mekeytool.exe does not work. See https://javafx-jira.kenai.com/browse/MESDK-2103?focusedCommentId=372417&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-372417
Comment 35 alexander.burdukov 2013-12-02 14:47:37 UTC
Please wait for the next nightly b30 build (it will be done tonight). The problem was fixed a couple of minutes ago.

In our build system the build number is changed only after promotion (usually once per week).
Comment 36 Roman Svitanic 2013-12-02 14:51:07 UTC
OK, thanks for info.
Comment 37 Roman Svitanic 2013-12-03 12:24:25 UTC
Keystores manager now supports Java ME 8 devices.

Implemented in:
http://hg.netbeans.org/jet-main/rev/745fb77017c6
http://hg.netbeans.org/jet-main/rev/96056f84c5f7