
Re: [iaik-ssl] BadPaddingException

Nell Rehn wrote:
> 
> How can I tell whether I have the right public key to verify the
> certificate... since I am using my private key to sign the certificate,
> and the public key given to me by the server to try and verify it... I
> don't know what else to do, since I don't have a public key myself, only a
> private (limited) key.
> 
> Nell
> 

Nell,

I assume you need to check this in the TrustDecider for the Context. In
the isTrustedPeer() call you get an SSLCertificate variable. This
variable contains a chain of certificates, which you can get using
getCertificateChain(). Normally this contains the whole chain, but some
servers only send the server cert and not the server cert and the CA
that signed it.

Normally you can assume that the cert at index [i] can be verified using
the public key embedded in the cert at index [i+1]. This all works until
you get to the last cert, which is normally self-signed, so you have to
verify the cert with its own public key (you can use verify() without
Params).

This is where the 'how can I trust the last in chain if it is self
signed' question comes into play. Well you don't. The only thing you can
do is either
1) Ask the user if he wants to accept this Root CA, or
2) Store a number of Root CAs in a KeyStore, or
3) embed them in your code, so you can compare them. (This has the
problem that the embedded Root CAs could expire. You need to be able
to update the class (Download or something) in this case.)

I am working on a project where I use a combination of 2) and 3). My
application should only connect to one of a number of predefined
servers. So I know what Root CA I should receive. So I embed this in a
class. If I connect and I get another Root CA, I ask the user if he
wants to use this CA. (This is if the CA has expired or changed on my
server.) If so I keep the new CA in memory for the time that the
application is active. I also download a new version of the class that
includes the new Root CA. So the next time the application connects, I
have the new Root CA embedded.

Hope that helps.

Gil.

> -------------------------------------------------------------------------------------
> http://www.mcs.anl.gov/~rehn
> 
> On Wed, 22 Sep 1999, Andreas Sterbenz wrote:
> 
> > Most likely you are using an incorrect public key to verify the
> > certificate, i.e. not the one corresponding to the private key the
> > certificate was signed with.
> >
> >  Andreas Sterbenz              mailto:Andreas.Sterbenz@iaik.tu-graz.ac.at
> >
> > -----Original Message-----
> > From: Nell Rehn <nellrehn@midway.uchicago.edu>
> > To: <iaik-ssl@iaik.tu-graz.ac.at>
> > Sent: Monday, 20 September 1999 17:36
> > Subject: [iaik-ssl] BadPaddingException
> >
> >
> > > Upon trying to read a certificate chain, I get the following exception:
> > >
> > > Connecting...
> > > Server certificate chain
> > > CN=limited proxy, OU=Mathematics and Computer Science Division, O=Argonne National Laboratory, O=Globus, C=US
> > > java.security.SignatureException: javax.crypto.BadPaddingException:
> > > Invalid PKCS#1 padding: no leading zero!
> > >         at iaik.security.rsa.RSASignature.engineVerify(Compiled Code)
> > >         at java.security.Signature.verify(Compiled Code)
> > >         at iaik.x509.X509Certificate.verify(Compiled Code)
> > >         at iaik.x509.X509Certificate.verify(Compiled Code)
> > >         at org.globus.security.GlobusClientTrustDecider.verifyCertificateChain(Compiled Code)
> > >         at org.globus.security.GlobusClientTrustDecider.isTrustedPeer(Compiled Code)
> > >         at iaik.security.ssl.x.d(Compiled Code)
> > >         at iaik.security.ssl.x.f(Compiled Code)
> > >         at iaik.security.ssl.r.c(Compiled Code)
> > >         at iaik.security.ssl.SSLSocket.startHandshake(Compiled Code)
> > >         at iaik.security.ssl.SSLSocket.getOutputStream(Compiled Code)
> > >         at org.globus.security.SSLConnection.connect(Compiled Code)
> > >         at org.globus.jgram.Client.doConnect(Compiled Code)
> > >         at org.globus.jgram.Client.status_poll(Compiled Code)
> > >         at Test.main(Compiled Code)
> > > iaik.security.ssl.SSLException: Untrusted Certificate!
> > >         at iaik.security.ssl.x.d(Compiled Code)
> > >         at iaik.security.ssl.x.f(Compiled Code)
> > >         at iaik.security.ssl.r.c(Compiled Code)
> > >         at iaik.security.ssl.SSLSocket.startHandshake(Compiled Code)
> > >         at iaik.security.ssl.SSLSocket.getOutputStream(Compiled Code)
> > >         at org.globus.security.SSLConnection.connect(Compiled Code)
> > >         at org.globus.jgram.Client.doConnect(Compiled Code)
> > >         at org.globus.jgram.Client.status_poll(Compiled Code)
> > >         at Test.main(Compiled Code)
> > >
> > > Now this certificate is one I have signed myself, with the following
> > code:
> > >
> > >    try {
> > >        // sign the new (proxy) certificate with the private key 'upkey'
> > >        ncert.sign(AlgorithmID.md5WithRSAEncryption, upkey);
> > >    } catch (java.security.cert.CertificateException e4) {
> > >        System.out.println("proxy_sign(): CertificateException: " + e4.getMessage());
> > >    }
> > >
> > > What am I doing wrong?
> > >
> > > Thanks,
> > > Nell
> > >
> > > -----------------------------------------------------------------------
> > > http://www.mcs.anl.gov/~rehn
> > >
> > >
> > > --
> > > Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/maillist.html
> > >
> > > To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the following content: UNSUBSCRIBE iaik-ssl
> 

-- 
-----------------------------------------------------------------------
Remove the .NOSPAM (DOT included) from my EMail address before replying
-----------------------------------------------------------------------
Gil Peeters
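A TrustDecider along the lines Gil describes, added here as an example and not code from this thread or from IAIK's library: it verifies cert[i] with the public key embedded in cert[i+1], verifies a self-signed last cert with its own key, and then compares that root byte-for-byte against the one Root CA embedded in the client (Gil's option 3), also covering the case where the server sends only its own cert. The IAIK `TrustDecider` interface with `isTrustedPeer(SSLCertificate)` and the class name `PinnedRootTrustDecider` are assumptions; `iaik.x509.X509Certificate` is used only through its standard `java.security.cert.X509Certificate` methods (`verify(PublicKey)`, `checkValidity()`, `getEncoded()`).

```java
import iaik.security.ssl.SSLCertificate;
import iaik.security.ssl.TrustDecider;
import iaik.x509.X509Certificate;
import java.util.Arrays;

/**
 * Accepts a peer only if its chain verifies link by link and ends at
 * the one Root CA embedded in the client (assumed IAIK TrustDecider API).
 */
public class PinnedRootTrustDecider implements TrustDecider {

    // The Root CA this client expects; loaded by the application (hypothetical field).
    private final X509Certificate pinnedRoot;

    public PinnedRootTrustDecider(X509Certificate pinnedRoot) {
        this.pinnedRoot = pinnedRoot;
    }

    public boolean isTrustedPeer(SSLCertificate peer) {
        X509Certificate[] chain = peer.getCertificateChain();
        if (chain == null || chain.length == 0) {
            return false;
        }
        try {
            // Link check: cert[i] must verify under the key embedded in cert[i+1].
            // A wrong key surfaces as a SignatureException (the BadPaddingException
            // in Nell's report) and is caught below.
            for (int i = 0; i < chain.length - 1; i++) {
                chain[i].checkValidity();
                chain[i].verify(chain[i + 1].getPublicKey());
            }
            X509Certificate last = chain[chain.length - 1];
            last.checkValidity();
            if (last.getSubjectDN().equals(last.getIssuerDN())) {
                // Self-signed root: verify with its own key (IAIK's verify() with no
                // parameters does the same), then require it to be our embedded root.
                last.verify(last.getPublicKey());
                return Arrays.equals(last.getEncoded(), pinnedRoot.getEncoded());
            }
            // Incomplete chain (e.g. the server sent only its own cert): the missing
            // issuer must be our embedded root, otherwise this signature check fails.
            last.verify(pinnedRoot.getPublicKey());
            return true;
        } catch (Exception e) {
            // Bad signature, expired cert or encoding error: do not trust the peer.
            return false;
        }
    }
}
```

A root that differs from the embedded one (Gil's "ask the user" case) comes back as `false` here; the application can prompt at that point and retry with a replacement root instead of silently accepting it.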