RXOP

Hello,

We have a customer observing a strange behavior on some of their devices. When our custom authentication application is deployed to the device, the admin doing the deployment has the option to allow the built-in Scan application to be accessible to non-authenticated (guest) users.

To accomplish this, we set the USER_AUTHENTICATION__SCANNER SP mode value to 1:OFF using RXSP. This works without issue on all of the devices we have tested.

However, the customer noticed on their IM C400, under the "General Settings" for the Scanner, the "Print & Delete Scanner Records" field was being changed to "Print and Delete All". See image attached.

Despite this change, the SP mode value setting still works and does show the Scanner application to a user if they don't authenticate. So, no complaints there.

We have been unable to reproduce this behavior on our IM C2000 and our IM 550. However, I was able to reproduce the issue on our IM C300. The value was set to "Do not Print: Delete Oldest". After deploying and setting the SCANNER SP mode value to 1:OFF, the "Print & Delete Scanner Records" value was changed to "Print and Delete All".

I am attaching the deployment log and the device tracelog for the IM C400 from the customer. I can get more details easily from our IM C300 if we need them since I can reproduce it.

Regards
Bryan

Hi RiDP support,

When we use RXOP to call getAppInfo on MPC4503 device, RXOP return this error:

ricoh.rxop.rxcommon.RxopException: -- init -- SDK/J not found on device.
    at ricoh.rxop.rxinst.RicohJavaDevice.h(RicohJavaDevice.java)
    at ricoh.rxop.rxinst.RicohJavaDevice.e(RicohJavaDevice.java)
    at ricoh.rxop.rxinst.RicohJavaDevice.access$000(RicohJavaDevice.java)
    at ricoh.rxop.rxinst.al.run(al.java)
    at ricoh.rxop.rxinst.bB.run(bB.java)
    at java.lang.Thread.run(Thread.java:748)

We attached rlog.

Please advise.

Thanks.

Hello,

When I deploy our Print/Scan solution to our IM C2000 device in our lab (version 1.4.5), it deploys just fine.
When I deploy our Print/Scan solution to our IM C2000 device in our lab (version 1.4.7), it also deploys just fine.

But, if the device has 1.4.5 deployed and I attempt to deploy 1.4.7 over the top of 1.4.5, I get the following error:

ricoh.rxop.rxcommon.RxopException: -- install -- ERR_SOP_INSTALL_UNINSTALL_FAILED :: ApkInstaller internal error. :: :: ::
at ricoh.rxop.rxinst.RicohJavaDevice.c(RicohJavaDevice.java)
at ricoh.rxop.rxinst.RicohJavaDevice.a(RicohJavaDevice.java)
at ricoh.rxop.rxinst.RicohJavaDevice.install(RicohJavaDevice.java)
at ricoh.rxop.rxinst.RicohJavaDevice.install(RicohJavaDevice.java)
at ricohdeployment.RdCommon.installApps(Unknown Source)
at ricohdeployment.RdAndroid.deploy(Unknown Source)
at ricohdeployment.RdMain.processDeployment(Unknown Source)
at ricohdeployment.RdMain.executeAction(Unknown Source)
at ricohdeployment.RdMain.<init>(Unknown Source)
at ricohdeployment.RdMain.main(Unknown Source)
Caused by: ricoh.rxop.rxinst.g: ERR_SOP_INSTALL_UNINSTALL_FAILED :: ApkInstaller internal error. :: :: ::
at ricoh.rxop.rxinst.RicohJavaDevice.a(RicohJavaDevice.java)

This hasn't happened with any other versions of our software that I am aware of, only this latest one that we most recently got a maintenance signature for (1.4.7).

This has also happened on other devices we have tested, so it isn't only a problem with the IM C2000.

I am attaching the debug RXOP logs and the device tracelogs from our IM C2000.

Any ideas on what might be causing this?

Regards
Bryan

Hi RiDP support,

RXOP use  bcprov-jdk14-1.69.jar, which has CVE-2023-33201 security issue.

Please tell us how to resolve this issue?

When do you release next RXOP version which resolve this issue?

Do we have any workaround? Please advise.

Thanks.

Hi RiDP support,

I use rxop to set card reader information to MP C2004 device.

When using the User tool to view Pid/Vid settings, an error occurs: "Unfortunately, Setting 2 has stopped," and card reader information cannot be viewed. (as attached image001.png).

I attached machine log.

Please advise.

Thanks.

Using RXOP, what API can I use to determine if a device is full native or hybrid?

Hi

Regarding a recently incident
Subject: Get BouncyCastle issue with RXOP lib bcprov-jdk14-169.jar on Windows 10
Incident ID#: 4914

Kofax, we are able to provide a new RegisterAndroidRicohClient version to CIBC, using a workaround overriding java.security.properties in the scope of RegisterAndroidRicohClient, without change the java.security (attached)

But unfortunately, the customer has rejected the workarounds provided by Ricoh as their security policies prevent them from removing the security restrictions introduced by the latest Oracle Java updates.  The customer also stated that downgrading to a previous version of Oracle Java is not an option for them.

The customer, CIBC, is requesting the vendor - RiDP (Ricoh Development) to update their RXOP with a version of the BouncyCastle library that is signed using SHA-256 and that we release a new version of the Ricoh Android Registration Utility that is built using the requested updated version of RXOP to prevent this issue.

Could you please help to have a newer RXOP lib or a plan to fix the issue in the scope of RXOP lib?

Kind Regards

Ngoc

Hi RiDP support,

We have this security issue Vulnerability Id CVE-2021-37533 - commons-net-3.6.jar.

Please create new RXOP version to upgrade commons-net-3.6.jar to commons-net-3.9.0-rar (latest) and tell us when there is new RXOP version.

While we are waiting new RXOP version, RXOP can work with commons-net-3.9.0-rar so we can manually upgrade commons-net-3.6.jar to commons-net-3.9.0-rar?

Thanks.

Hi

We have a RegisterAndroidRicohClient tool which is using RXOP v3.8.3, and upgraded to newest RXOP v3.8.8 recently, both get the same issue, it cannot register our smartSDK application to Ricoh device.

The issue happens on Windows 10 on customer side only.

The log shows here, you can see further in the attached file.

Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC
    at javax.crypto.Cipher.getInstance(Cipher.java:664)
    at javax.crypto.Cipher.getInstance(Cipher.java:599)
    at ricoh.rxop.rxcommon.t.a(t.java)
    at ricoh.rxop.rxcommon.r.a(r.java)
    at ricoh.rxop.rxcommon.r.<init>(r.java)
    at ricoh.rxop.rxcommon.DeviceInfoList.<init>(DeviceInfoList.java)
    at ricoh.rxop.rxcommon.DeviceInfoList.getInstance(DeviceInfoList.java)
    ... 5 more
Caused by: java.util.jar.JarException: file:/D:/Shared/Case%20Files/KofaxRicohAndroidRegistration_6.0.1.2/libs/bcprov-jdk14-169.jar has unsigned entries - org/bouncycastle/LICENSE.class
    at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:510)

Do you have any workaround or next release of RXOP without this issue?

Kind Regards

Ngoc

Hi,

We are developing a application to change service program (SP) setting of our client device using rxsp library. For that we need Access Control List (ACL) file to access SPManager to set spValue.

Kindly find ARC_ACL.txt from attachment for our required Service Program and permission. Kindly provide ACL file as per our requirement.

Thanks