
Re: [iaik-ssl] BadPaddingException





Nell Rehn wrote:
> 
> ---8<---8<--- Snip Snip ---8<---8<---
>
> The client gets the user certificate, checks some information about it.
> Then it gets the public key from the CertificateRequest with
> req.getPublicKey().

So you got the Original Public Key from the 'user certificate'(?).
 
> ---8<---8<--- Snip Snip ---8<---8<---
> then the public key of the new cert is set to the public key of the
> request.  and I sign the cert with my private key.

Here you say you set the pub Key in the Cert to that of the request. Is
this the and sign it with 'my private key'. Are the Pub and Private keys
mentioned here from the same KeyPair?

I think I am still a bit confused about what you are doing.

> But then immediately after this, if I try to verify the new cert with the
> public key (of the request), I get the BadPaddingException.

I would expect a Verify type exception, but not a BadPaddingException.
Hmm. V Strange.


> -------------------------------------------------------------------------------------
> http://www.mcs.anl.gov/~rehn
> 
> >
> >
> > Nell Rehn wrote:
> > >
> > > How can I tell whether I have the right public key to verify the
> > > certificate... since I am using my private key to sign the certificate,
> > > and the public key given to me by the server to try and verify it... I
> > > don't know what else to do, since I don't have a public key myself, only a
> > > private (limited) key.
> > >
> > > Nell
> > >
> >
> > Nell,
> >
> > I assume you need to check this in the TrustDecider for the Context. In
> > the isTrustedPeer() call you get an SSLCertificate variable. This
> > variable contains a chain of certificates, which you can get using
> > getCertificateChain(). Normally this contains the whole chain, but some
> > servers only send the server cert and not the server cert and the CA
> > that signed it.
> >
> > Normally you can assume that the cert at index [n] can be verified using
> > the public key embedded in the cert at index [i+1]. This all works until
> > you get to the last cert, which is normally self-signed, so you have to
> > verify the cert with its own public key (you can use verify() without
> > Params).
> >
> > This is where the 'how can I trust the last in chain if it is self
> > signed' question comes into play. Well you don't. The only thing you can
> > do is either
> > 1) Ask the user if he wants to accept this Root CA, or
> > 2) Store a number of Root CA's in a KeyStore, or
> > 3) imbed them in your code, so you can compare them. (This has the
> > problem that the imbedded Root CA's could expire. You need to be able
> > to update the class (Download or something) in this case.)
> >
> > I am working on a project where I use a combination of 2) and 3). My
> > application should only connect to one of a number of predefined
> > servers. So I know what Root CA I should receive. So I imbed this in a
> > class. If I connect and I get another Root CA, I ask the user if he
> > wants to use this CA. (This is if the CA has expired or changed on my
> > server). If so I keep the new CA in memory for the time that the
> > application is active. I also download a new version of the class that
> > included the new Root CA. So the next time the application connects, I
> > have the New Root CA imbedded.
> >
> > Hope that helps.
> >
> > Gil.
> >
> > > -------------------------------------------------------------------------------------
> > > http://www.mcs.anl.gov/~rehn
> > >
> > > On Wed, 22 Sep 1999, Andreas Sterbenz wrote:
> > >
> > > > Most likely you are using an incorrect public key to verify the
> > > > certificate, i.e. not the one corresponding to the private key the
> > > > certificate was signed with.
> > > >
> > > >  Andreas Sterbenz              mailto:Andreas.Sterbenz@iaik.tu-graz.ac.at
> > > >
> > > > -----Ursprüngliche Nachricht-----
> > > > Von: Nell Rehn <nellrehn@midway.uchicago.edu>
> > > > An: <iaik-ssl@iaik.tu-graz.ac.at>
> > > > Gesendet: Montag, 20. September 1999 17:36
> > > > Betreff: [iaik-ssl] BadPaddingException
> > > >
> > > >
> > > > > Upon trying to read a certificate chain, I get the following exception:
> > > > >
> > > > > Connecting...
> > > > > Server certificate chain
> > > > > CN=limited proxy, OU=Mathematics and Computer Science Division, O=Argonne National Laboratory, O=Globus, C=US
> > > > > java.security.SignatureException: javax.crypto.BadPaddingException: Invalid PKCS#1 padding: no leading zero!
> > > > >         at iaik.security.rsa.RSASignature.engineVerify(Compiled Code)
> > > > >         at java.security.Signature.verify(Compiled Code)
> > > > >         at iaik.x509.X509Certificate.verify(Compiled Code)
> > > > >         at iaik.x509.X509Certificate.verify(Compiled Code)
> > > > >         at org.globus.security.GlobusClientTrustDecider.verifyCertificateChain(Compiled Code)
> > > > >         at org.globus.security.GlobusClientTrustDecider.isTrustedPeer(Compiled Code)
> > > > >         at iaik.security.ssl.x.d(Compiled Code)
> > > > >         at iaik.security.ssl.x.f(Compiled Code)
> > > > >         at iaik.security.ssl.r.c(Compiled Code)
> > > > >         at iaik.security.ssl.SSLSocket.startHandshake(Compiled Code)
> > > > >         at iaik.security.ssl.SSLSocket.getOutputStream(Compiled Code)
> > > > >         at org.globus.security.SSLConnection.connect(Compiled Code)
> > > > >         at org.globus.jgram.Client.doConnect(Compiled Code)
> > > > >         at org.globus.jgram.Client.status_poll(Compiled Code)
> > > > >         at Test.main(Compiled Code)
> > > > > iaik.security.ssl.SSLException: Untrusted Certificate!
> > > > >         at iaik.security.ssl.x.d(Compiled Code)
> > > > >         at iaik.security.ssl.x.f(Compiled Code)
> > > > >         at iaik.security.ssl.r.c(Compiled Code)
> > > > >         at iaik.security.ssl.SSLSocket.startHandshake(Compiled Code)
> > > > >         at iaik.security.ssl.SSLSocket.getOutputStream(Compiled Code)
> > > > >         at org.globus.security.SSLConnection.connect(Compiled Code)
> > > > >         at org.globus.jgram.Client.doConnect(Compiled Code)
> > > > >         at org.globus.jgram.Client.status_poll(Compiled Code)
> > > > >         at Test.main(Compiled Code)
> > > > >
> > > > > Now this certificate is one I have signed myself, with the following code:
> > > > >
> > > > >    try {
> > > > > ncert.sign(AlgorithmID.md5WithRSAEncryption,upkey);
> > > > >       } catch (java.security.cert.CertificateException e4) {
> > > > > System.out.println("proxy_sign(): CertificateException: " +
> > > > >    e4.getMessage());
> > > > >       }
> > > > >
> > > > > What am I doing wrong?
> > > > >
> > > > > Thanks,
> > > > > Nell
> > > > >
> > > > > -------------------------------------------------------------------------------------
> > > > > http://www.mcs.anl.gov/~rehn
> > > > >
> > > > >
> > > > > --
> > > > > Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/maillist.html
> > > > >
> > > > > To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the following content: UNSUBSCRIBE iaik-ssl
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > >
> > >
> >
> > --
> > -----------------------------------------------------------------------
> > Remove the .NOSPAM (DOT included) from my EMail address before replying
> > -----------------------------------------------------------------------
> > Gil Peeters
> >
> 
> 

-- 
-----------------------------------------------------------------------
Remove the .NOSPAM (DOT included) from my EMail address before replying
-----------------------------------------------------------------------
Gil Peeters
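
An added example, not code from this thread or from IAIK, showing why the wrong-key case Andreas describes surfaces as a PKCS#1 padding error: it signs constructed bytes with one RSA key pair, applies the raw public-key operation with the matching key and with an unrelated one, and inspects the recovered block. It uses only the standard JCA, and SHA256withRSA stands in for the md5WithRSAEncryption used in the original post; the class and method names are hypothetical.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.RSAPublicKey;
// Added illustration; keys and signed bytes are constructed at run time.
public class WrongKeyPadding {
    // Raw RSA public operation s^e mod n, left-padded to the modulus length.
    static byte[] recover(RSAPublicKey key, byte[] sig) {
        BigInteger m = new BigInteger(1, sig).modPow(key.getPublicExponent(), key.getModulus());
        byte[] raw = m.toByteArray(); // may carry a sign byte or lack leading zeros
        byte[] block = new byte[(key.getModulus().bitLength() + 7) / 8];
        int n = Math.min(raw.length, block.length);
        System.arraycopy(raw, raw.length - n, block, block.length - n, n);
        return block;
    }

    // A PKCS#1 v1.5 signature block starts 0x00 0x01 and continues with 0xFF padding.
    static boolean hasPkcs1Header(byte[] b) {
        return b[0] == 0x00 && b[1] == 0x01 && (b[2] & 0xFF) == 0xFF;
    }

    // Provider-level check; a SignatureException counts as rejection, like false.
    static boolean verifies(PublicKey key, byte[] data, byte[] sig) throws GeneralSecurityException {
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(key);
        v.update(data);
        try { return v.verify(sig); } catch (SignatureException e) { return false; }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair signer = gen.generateKeyPair(); // its private key signs
        KeyPair other = gen.generateKeyPair();  // unrelated pair, stands in for the wrong key
        byte[] tbs = "constructed to-be-signed bytes".getBytes(StandardCharsets.UTF_8);
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(signer.getPrivate());
        s.update(tbs);
        byte[] sig = s.sign();

        for (KeyPair kp : new KeyPair[] { signer, other }) {
            RSAPublicKey pub = (RSAPublicKey) kp.getPublic();
            byte[] block = recover(pub, sig);
            System.out.printf("%s key: block starts %02x %02x %02x, PKCS#1 header=%b, verify=%b%n",
                kp == signer ? "matching" : "wrong", block[0], block[1], block[2],
                hasPkcs1Header(block), verifies(pub, tbs, sig));
        }
    }
}
```

With the matching key the recovered block begins 00 01 ff; with the unrelated key the leading bytes are effectively random, which a strict PKCS#1 unpadder reports as a missing leading zero before any digest comparison takes place.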