[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] IAIK-JCE internal Error



Folks,

I got a spurious exception when signing a certificate:

iaik.utils.InternalErrorException
  java.lang.Throwable()
  java.lang.Exception()
  java.lang.RuntimeException()
  iaik.utils.InternalErrorException(java.lang.Exception)
  iaik.asn1.ASN1Object iaik.asn1.structures.AVA.toASN1Object()
  iaik.asn1.ASN1Object iaik.asn1.structures.RDN.toASN1Object()
  iaik.asn1.ASN1Object iaik.asn1.structures.Name.toASN1Object()
  void iaik.x509.X509Certificate.a()
  void iaik.x509.X509Certificate.sign(iaik.asn1.structures.AlgorithmID,
                                      iaik.java.security.PrivateKey)
  void unicore.pki.CertifcateFactory.generateCertificate()
  void unicore.pki.CertifcateFactory.connEtoC7(java.awt.event.ActionEvent)
  void unicore.pki.CertifcateFactory.actionPerformed(java.awt.event.ActionEvent)
  [... normal event queue following ...]
  
IAIK doc sais that if this kind of exception is thrown, an internal error or bug 
has shown up - and was not the fault of the user (?).

The error occurs with 
- IAIK-JCE2.5 Applet Edition
- IBM Visual Age for Java Personal Edition

Creating a self-signed certificate works fine, but any other certificate type will 
fail. For Subject and Issuer, I use the RDNs [ObjectID.]commonName, emailAddress, 
organizationalUnit, organization, location, country, uniqueIdentifier.

Since the certificates should work with Netscape, the following extensions were 
used:
For the self signed Ca certificate:
- BasicConstraints (cA=true, plc=3)
- KeyUsage         (keyCertSign)

For the CA certificate (for being signed with the self-signed one):
- BasicConstraints (cA=true, plc=2)
- KeyUsage         (keyCertSign)
- NetscapeCertType (SSL_CA, SMIME_CA, OBJECT_SIGNING_CA)

All extensions were flagged as being critical.
In all cases RSA keypairs with a "strength" of 512 bits are used.

Any help would be greatly appreciated.
Michel Drescher
// pallas  GmbH  ............  Michel Drescher  .........
   Hermuelheimer Str. 10       Analyst                   
   D-50321 Bruehl, Germany     drescher@pallas.com        
   fax +49-(0)2232-1896-29     phone  +49-(0)2232-1896-0 
   http://www.pallas.de        direct +49-(0)2232-1896-30
.........................................................


--
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-jce