[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-ssl] BadPaddingException



Most likely you are using an incorrect public key to verify the
certificate, i.e. not the one corresponding to the private key the
certificate was signed with.

 Andreas Sterbenz              mailto:Andreas.Sterbenz@iaik.tu-graz.ac.at

-----Ursprüngliche Nachricht-----
Von: Nell Rehn <nellrehn@midway.uchicago.edu>
An: <iaik-ssl@iaik.tu-graz.ac.at>
Gesendet: Montag, 20. September 1999 17:36
Betreff: [iaik-ssl] BadPaddingException


> Upon trying to read a certificate chain, I get the following exception:
>
> Connecting...
> Server certificate chain
> CN=limited proxy, OU=Mathematics and Computer Science Division,
O=Argonne
> National Laboratory, O=Globus, C=US
> java.security.SignatureException: javax.crypto.BadPaddingException:
> Invalid PKCS#1 padding: no leading zero!
>         at iaik.security.rsa.RSASignature.engineVerify(Compiled Code)
>         at java.security.Signature.verify(Compiled Code)
>         at iaik.x509.X509Certificate.verify(Compiled Code)
>         at iaik.x509.X509Certificate.verify(Compiled Code)
>         at
>
org.globus.security.GlobusClientTrustDecider.verifyCertificateChain(Compi
led
> Code)
>         at
> org.globus.security.GlobusClientTrustDecider.isTrustedPeer(Compiled
Code)
>         at iaik.security.ssl.x.d(Compiled Code)
>         at iaik.security.ssl.x.f(Compiled Code)
>         at iaik.security.ssl.r.c(Compiled Code)
>         at iaik.security.ssl.SSLSocket.startHandshake(Compiled Code)
>         at iaik.security.ssl.SSLSocket.getOutputStream(Compiled Code)
>         at org.globus.security.SSLConnection.connect(Compiled Code)
>         at org.globus.jgram.Client.doConnect(Compiled Code)
>         at org.globus.jgram.Client.status_poll(Compiled Code)
>         at Test.main(Compiled Code)
> iaik.security.ssl.SSLException: Untrusted Certificate!
>         at iaik.security.ssl.x.d(Compiled Code)
>         at iaik.security.ssl.x.f(Compiled Code)
>         at iaik.security.ssl.r.c(Compiled Code)
>         at iaik.security.ssl.SSLSocket.startHandshake(Compiled Code)
>         at iaik.security.ssl.SSLSocket.getOutputStream(Compiled Code)
>         at org.globus.security.SSLConnection.connect(Compiled Code)
>         at org.globus.jgram.Client.doConnect(Compiled Code)
>         at org.globus.jgram.Client.status_poll(Compiled Code)
>         at Test.main(Compiled Code)
>
> Now this certificate is one I have signed myself, with the following
code:
>
>    try {
> ncert.sign(AlgorithmID.md5WithRSAEncryption,upkey);
>       } catch (java.security.cert.CertificateException e4) {
> System.out.println("proxy_sign(): CertificateException: " +
>    e4.getMessage());
>       }
>
> What am I doing wrong?
>
> Thanks,
> Nell
>
> -----------------------------------------------------------------------
--------------
> http://www.mcs.anl.gov/~rehn
>
>
> --
> Mailinglist-archive at
http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/maillist.html
>
> To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the
folowing content: UNSUBSCRIBE iaik-ssl
>
>
>


smime.p7s