harmony-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mark Spruiell (JIRA)" <j...@apache.org>
Subject [jira] Updated: (HARMONY-6047) SSLEngine fails when client certificate is requested
Date Mon, 15 Dec 2008 23:59:44 GMT

     [ https://issues.apache.org/jira/browse/HARMONY-6047?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Mark Spruiell updated HARMONY-6047:
-----------------------------------

    Attachment: example.tgz

This archive contains a client/server example that reproduces the problem.

> SSLEngine fails when client certificate is requested
> ----------------------------------------------------
>
>                 Key: HARMONY-6047
>                 URL: https://issues.apache.org/jira/browse/HARMONY-6047
>             Project: Harmony
>          Issue Type: Bug
>          Components: Classlib
>    Affects Versions: 5.0M8
>         Environment: Android & Linux (CentOS 5.2) x86 with Harmony 5.0M8
>            Reporter: Mark Spruiell
>         Attachments: example.tgz
>
>
> When using the SSLEngine in a server context, the SSL handshake fails if the
> engine is configured to request a certificate from a client. The handshake only
> succeeds in the following case:
> SSLEngine engine = ...
> engine.setWantClientAuth(false);
> engine.setNeedClientAuth(false);
> If true is passed to either method, handshaking fails and the server raises the
> following exception:
> javax.crypto.BadPaddingException: unknown block type
>         at org.bouncycastle.jce.provider.JCERSACipher.engineDoFinal(Unknown Source)
>         at javax.crypto.Cipher.doFinal(Cipher.java:660)
>         at org.apache.harmony.xnet.provider.jsse.DigitalSignature.verifySignature(DigitalSignature.java:216)
>         at org.apache.harmony.xnet.provider.jsse.ServerHandshakeImpl.unwrap(ServerHandshakeImpl.java:205)
>         at org.apache.harmony.xnet.provider.jsse.SSLRecordProtocol.unwrap(SSLRecordProtocol.java:419)
>         at org.apache.harmony.xnet.provider.jsse.SSLEngineImpl.unwrap(SSLEngineImpl.java:461)
>         at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:238)
>         at Handshaker.handshakeNonBlocking(Handshaker.java:113)
>         at Handshaker.initialize(Handshaker.java:37)
>         at Server.main(Server.java:63)
> javax.net.ssl.SSLHandshakeException: DECRYPT ERROR: CERTIFICATE_VERIFY incorrect signature
>         at org.apache.harmony.xnet.provider.jsse.HandshakeProtocol.fatalAlert(HandshakeProtocol.java:313)
>         at org.apache.harmony.xnet.provider.jsse.ServerHandshakeImpl.unwrap(ServerHandshakeImpl.java:206)
>         at org.apache.harmony.xnet.provider.jsse.SSLRecordProtocol.unwrap(SSLRecordProtocol.java:419)
>         at org.apache.harmony.xnet.provider.jsse.SSLEngineImpl.unwrap(SSLEngineImpl.java:461)
>         at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:238)
>         at Handshaker.handshakeNonBlocking(Handshaker.java:113)
>         at Handshaker.initialize(Handshaker.java:37)
>         at Server.main(Server.java:63)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message