harmony-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexander Kleymenov (JIRA)" <j...@apache.org>
Subject [jira] Updated: (HARMONY-2029) [classlib][x-net] JSSE Provider fails while communicating with 3rd party TLS server
Date Wed, 01 Nov 2006 09:21:55 GMT
     [ http://issues.apache.org/jira/browse/HARMONY-2029?page=all ]

Alexander Kleymenov updated HARMONY-2029:

    Attachment: patch-ds.txt

Currently the certificate_verify message for client's certificate with RSA keys is signed
with the cipher obtained by Cipher.getInstance("RSA"). Bouncy Castle Crypto provider (used
with Harmony) for "RSA" transformation returns cipher corresponding to "RSA/ECB/NoPadding"
transformation while TLS specification demands using of "RSA/ECB/PKCS1Padding". (BTW: JCE
for "RSA" returns cipher corresponding to "RSA/ECB/PKCS1Padding"). So the problem is in ambiguous
transformation string used for cipher creation. It should be more detailed.

Attached patch fixes this problem.

> [classlib][x-net] JSSE Provider fails while communicating with 3rd party TLS server
> -----------------------------------------------------------------------------------
>                 Key: HARMONY-2029
>                 URL: http://issues.apache.org/jira/browse/HARMONY-2029
>             Project: Harmony
>          Issue Type: Bug
>          Components: Classlib
>            Reporter: Alexander Kleymenov
>         Attachments: patch-ds.txt
> JSSE Provider fails while communicating with 3rd party TLS server demanding mutual authentication.
> The failure is reproducible if the client's certificate contains RSA key. Stack trace
for failure is:
> K0319javax.net.ssl.SSLException: Fatal alert received bad_certificate
>         at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.processAlert(SSLSocketImpl.java:791)
>         at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.doHandshake(SSLSocketImpl.java:732)
>         at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.startHandshake(SSLSocketImpl.java:438)

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message