There are a few places in the code (such as reading system properties) that should be wrapped in AccessController.doPrivileged blocks so that applications that normally would not have these permissions can generate and validate signatures when run with a SecurityManager enabled.