RSA ECB jvm 1.4.2
This is a topic rewritten because i add the code tag :(
Hi, im trying to do a simple PKCS7 RSA encryption, i only
need that a String can be encripted using RSA and padding
with PKCS7 but, i cant. I read a lot of topic in this forum, but
no one aparently do just i need...
I read that bouncy castle, has a special support for get
a Cipher instance that use the RSA for encrypt and
PKCS7 for padding i read at the bouncy castle doc
something like that:
Security.addProvider(new BouncyCastleProvider());
cipher = Cipher.getInstance("RSA/EBC/PKCS7", "BC");After that i get a key instance, and i generate the
public key and the private key:
KeyPairGenerator kg = KeyPairGenerator.getInstance("RSA");
kg.initialize(512);
KeyPair key = kg.generateKeyPair();
Key publicKey = key.getPublic();
Key privateKey = key.getPrivate();And finally i do the encryption:
byte[] input = plainText.getBytes("UTF8");
Cipher cipher = getCipher();
cipher.init(Cipher.ENCRYPT_MODE, encriptationKey);
byte[] cry = cipher.doFinal(input);
byte[] encriptado = Base64.encode(cry);But when i run the method i see in the output console
this message:
java.lang.IllegalArgumentException: can't support mode EBC at org.bouncycastle.jce.provider.JCERSACipher.engineSetMode(JCERSACipher.java:112)
at javax.crypto.Cipher.a(DashoA6275)
at javax.crypto.Cipher.getInstance(DashoA6275)
at org.EncriptionService.getCipher(EncriptionService.java:20)
at org.EncriptionService.encript(EncriptionService.java:66)
at org.EncriptionService.main(EncriptionService.java:40)
java.lang.NullPointerException
at org.EncriptionService.encript(EncriptionService.java:68)
at org.EncriptionService.main(EncriptionService.java:40)Anyone can help me please ?? I read documentation at
the bouncy castle, but i find nothing... :(
Please if anyone has a little piece of code that encrypt a
String with RSA and PKCS7 please posted it.
thank you.
See my response to your other post.
Similar Messages
-
"Cannot find any provider supporting RSA/ECB/PKCS1Padding" in jdk5
i use SSLSocket, HttpsURLConnection in program , run well in jdk1.4 but
get wrong in jdk1.5.0_06, saying "Cannot find any provider supporting RSA/ECB/PKCS1Padding".
i also try to use the "Unlimited Strength Jurisdiction Policy Files 5.0", but still not work.
anyone knows why?
thanks.I need more info to tell you exactly. But here are some thngs that might not be working.
1st let me say I am assuming you are trying RSA encryption?
1) You have an external JCE provider which provides RSA support installed on your machine using the security properties file. An applet would use a different properties file if you are using either RAW applet or the plugin. You need to add the provider explictly. Aka Security.addProvider(new org.cryptix.jce.Criptix());
2) The external provider's jar file is not being downloaded with your applet code. Note that the Sun Java plugin does not use the same jre/lib/ext directory as does the JDK.
3) Some sort of security violation in the SecurityManager of the applet engine if you are not using the Sun Java Plugin.
Those are just guesses. but it might help if you were to inform us as to what RSA function youa re trying to do. AKA Signature or Cipher.
Signatures would be a bit more complicated as at least JDK 141 and above have the SunRsaSigner built in. Again if you are using RAW applets (netscape/IE engine) then that would be the problem. (aka no provider installed). -
Encrypt RSA/ECB/OAEPWithSHA1AndMGF1Padding
hi,
i have to encrypt a simple string with RSA/ECB/OAEPWithSHA1AndMGF1Padding but i have no idea how to start this in java. there are too much security and crypto classes :8
i hope sombody can help me.
Edited by: z3ky on Dec 6, 2007 3:17 PMFirst, make sure you have an adequate understanding of cryptography. Java cryptography classes will be hard to understand without it. For example, normally RSA is not used to encrypt (or sign) data directly. If you don't know this or don't know why, then you need to study cryptography more.
I guess the heart of the encryption classes is the Cipher class. Thus, you would start with with something like Cipher rsaCipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");Next, you need to initialize the cipher object with a mode, a key, and possible other items like an IV, depending on the nature and mode of the encryption algorithm. Here is a sample that generates an RSA Keypair and then initializes the Cipher object: KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
KeyPair kp = kpg.generateKeyPair();
RSAPublicKey rsaPubkey = (RSAPublicKey) kp.getPublic();
RSAPrivateKey rsaPrivkey = (RSAPrivateKey) kp.getPrivate();
rsaCipher.init(Cipher.ENCRYPT_MODE, rsaPubkey);Next, you have to decode your string into a byte array, then encrypt the array, and finally do something with the encrypted data. String sample = "This is a short string";
byte[] sampleBytes = sample.getBytes("UTF-8");
byte[] sampleCipher = rsaCipher.doFinal(sampleBytes);
System.out.println(Arrays.toString(sampleCipher)); -
Problem with RSA/AES and the wrapped Key
Hallo!
For a server-client communications, I would like to use a hybrid encryption.
For this I create an object of a serializable class that contains several properties, including the data that are to be transferred from A to B (Object, encrypted by AES), and the AES key, but wrapped by RSA (byte []).
My basic problem is, that if I send the wrapped key, I get at the destination another byte array and thus the key can not be decoded:
java.security.InvalidKeyException: Invalid AES key length: 256 bytes
When I look at the string representation of the byte array before sending and immediate after receiving, the byte arrays are diffrent. Why?
Extract from the encrypt method:
TransportObject obj = new TransportObject();
KeyGenerator keygen = KeyGenerator.getInstance("AES");
SecureRandom random = new SecureRandom();
keygen.init(random);
Key key = keygen.generateKey();
Cipher cipher = Cipher.getInstance("RSA/ECB/NoPadding");
cipher.init(Cipher.WRAP_MODE, publicKey);
byte[] wrappedKey = cipher.wrap(key);
// Here I put the byte array in the object to be transmitted
obj.setKey(wrappedKey);Extract from the decrypt method:
/ / Here I read the byte array from the received object
byte[] wrappedKey = obj.getKey();
Cipher cipher = Cipher.getInstance("RSA/ECB/NoPadding");
cipher.init(Cipher.UNWRAP_MODE, privateKey);
Key key = cipher.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);Here is the class that is serialized:
import java.io.Serializable;
public class TransportObject implements Serializable {
private static final long serialVersionUID = 5044061539587999682L;
private byte[] key;
private String type;
private byte[] data;
public static final int STRING = 1;
public static final int INT = 2;
public static final int CHAR = 3;
public TransportObject() {}
public TransportObject(byte[] key, String type, byte[] data) {
this.key = key;
this.type = type;
this.data = data;
public byte[] getKey() {
return key;
public void setKey(byte[] key) {
this.key = key;
}Sending is done via:
TransportObject obj = rsa.encrypt(objectToSend, keys.getPublicKey());
ObjectOutputStream os =
new ObjectOutputStream(socket.getOutputStream());
os.writeObject(obj);
os.flush();Receiving via
ois = new ObjectInputStream(
new BufferedInputStream(socket.getInputStream()));
TransportObject obj = (TransportObject) ois.readObject();
Object receivedObject = rsa.decrypt(obj, keys.getPrivateKey());Somehow, I hang down here.
Do I overlook something? Do I have an error in reasoning?
Thanks for any help!
Best regards
Sebastian Gohres
Edited by: Spencer82 on Aug 7, 2010 9:06 AM
Edited by: Spencer82 on Aug 7, 2010 9:08 AMDo I overlook something? Do I have an error in reasoning?I think at least 2.
1. Don't do this. The general problem has been solved. The solution is called TLS, and Java provides a API called the JSSE for you to use.
2.If you insist on rolling your own, don't specify NoPadding. Use PKCS1Padding. If you are going to use NoPadding, then you must provide your own padding scheme, which you have not. -
Eror: RSA premaster secret error on JDK 1.5.0_07-b03, Solaris platform
I have received error "[javax.net.ssl.SSLKeyException: RSA premaster secret error]
caused by [java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/PKCS1Padding]"
when running the following code snippet from command line[b]:
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
URL url = new URL("https://svn.apache.org/repos/asf/");
BufferedReader in = new BufferedReader(
new InputStreamReader(
url.openStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();Specially, the error only occurs when using JDK 1.5.0_07-b03 on Solaris platform.
I have tried using other JDK versions (e.g: 1.4.2_09-b05, etc...) and NOT see the error.
This is very strangle! It may be a bug of this JDK version?!!!
The below is all providers available on this JDK; search among these providers
I've found out a unusual point that we see no any provider implementing RSA.
So I doubt that this missing can lead to error
[java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/PKCS1Padding]
------------------- All providers avaible on JDK 1.5.0_07-b03, Solaris platform ------------
SUN = SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom;
X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
SunRsaSign = Sun RSA signature provider
SunJSSE = Sun JSSE provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
SunJCE = SunJCE Provider (implements DES, Triple DES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
SunJGSS = Sun (Kerberos v5)
SunSASL = Sun SASL provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL, PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)
For the other JDK versions, we can see "implements RSA" and then everything works fine!
------------------- All providers avaible on other JDK versions, Windows/Solaris platform ------------
SUN = SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
SunJSSE = Sun JSSE provider([b]implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
SunRsaSign = SUN's provider for RSA signatures
SunJCE = SunJCE Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
SunJGSS = Sun (Kerberos v5)
I have downloaded and installed the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files version 5.0
but the error still occurs!
Does anybody know how to fix this error? Please!!!
All debug logs:
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1156020880 bytes = { 193, 133, 1, 170, 144, 169, 140, 138, 68, 202, 209, 91, 45, 104, 239, 18, 165, 7, 109, 248, 198, 11, 33, 107, 142, 135, 120, 149 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 73
0000: 01 00 00 45 03 01 45 E7 7B 90 C1 85 01 AA 90 A9 ...E..E.........
0010: 8C 8A 44 CA D1 5B 2D 68 EF 12 A5 07 6D F8 C6 0B ..D..[-h....m...
0020: 21 6B 8E 87 78 95 00 00 1E 00 04 00 05 00 2F 00 !k..x........./.
0030: 33 00 32 00 0A 00 16 00 13 00 09 00 15 00 12 00 3.2.............
0040: 03 00 08 00 14 00 11 01 00 .........
main, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
0000: 01 03 01 00 39 00 00 00 20 00 00 04 01 00 80 00 ....9... .......
0010: 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A 07 00 ..../..3..2.....
0020: C0 00 00 16 00 00 13 00 00 09 06 00 40 00 00 15 ............@...
0030: 00 00 12 00 00 03 02 00 80 00 00 08 00 00 14 00 ................
0040: 00 11 45 E7 7B 90 C1 85 01 AA 90 A9 8C 8A 44 CA ..E...........D.
0050: D1 5B 2D 68 EF 12 A5 07 6D F8 C6 0B 21 6B 8E 87 .[-h....m...!k..
0060: 78 95 x.
main, WRITE: SSLv2 client hello message, length = 98
[Raw write]: length = 100
0000: 80 62 01 03 01 00 39 00 00 00 20 00 00 04 01 00 .b....9... .....
0010: 80 00 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A ....../..3..2...
0020: 07 00 C0 00 00 16 00 00 13 00 00 09 06 00 40 00 ..............@.
0030: 00 15 00 00 12 00 00 03 02 00 80 00 00 08 00 00 ................
0040: 14 00 00 11 45 E7 7B 90 C1 85 01 AA 90 A9 8C 8A ....E...........
0050: 44 CA D1 5B 2D 68 EF 12 A5 07 6D F8 C6 0B 21 6B D..[-h....m...!k
0060: 8E 87 78 95 ..x.
[Raw read]: length = 5
0000: 16 03 01 00 4A ....J
[Raw read]: length = 74
0000: 02 00 00 46 03 01 45 E6 B7 07 AC 7B 34 BC 5A 65 ...F..E.....4.Ze
0010: 97 CE 8B B3 9C 11 39 7B CC D2 94 A5 8C A0 B5 B5 ......9.........
0020: FB CD 4E A2 A5 70 20 40 C1 0B 11 F0 83 F7 E4 80 ..N..p @........
0030: F0 77 83 34 24 D5 1A 70 B4 B2 C6 16 DF 36 AD 95 .w.4$..p.....6..
0040: EA 45 09 93 F0 7A 5E 00 04 00 .E...z^...
main, READ: TLSv1 Handshake, length = 74
*** ServerHello, TLSv1
RandomCookie: GMT: 1155905287 bytes = { 172, 123, 52, 188, 90, 101, 151, 206, 139, 179, 156, 17, 57, 123, 204, 210, 148, 165, 140, 160, 181, 181, 251, 205, 78, 162, 165, 112 }
Session ID: {64, 193, 11, 17, 240, 131, 247, 228, 128, 240, 119, 131, 52, 36, 213, 26, 112, 180, 178, 198, 22, 223, 54, 173, 149, 234, 69, 9, 147, 240, 122, 94}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 45 E6 B7 07 AC 7B 34 BC 5A 65 ...F..E.....4.Ze
0010: 97 CE 8B B3 9C 11 39 7B CC D2 94 A5 8C A0 B5 B5 ......9.........
0020: FB CD 4E A2 A5 70 20 40 C1 0B 11 F0 83 F7 E4 80 ..N..p @........
0030: F0 77 83 34 24 D5 1A 70 B4 B2 C6 16 DF 36 AD 95 .w.4$..p.....6..
0040: EA 45 09 93 F0 7A 5E 00 04 00 .E...z^...
[Raw read]: length = 5
0000: 16 03 01 08 EB .....
[Raw read]: length = 2283
0000: 0B 00 08 E7 00 08 E4 00 04 99 30 82 04 95 30 82 ..........0...0.
0010: 03 FE A0 03 02 01 02 02 03 3F 3E DD 30 0D 06 09 .........?>.0...
0020: 2A 86 48 86 F7 0D 01 01 05 05 00 30 81 EC 31 0B *.H........0..1.
0030: 30 09 06 03 55 04 06 13 02 55 53 31 10 30 0E 06 0...U....US1.0..
0040: 03 55 04 08 13 07 41 72 69 7A 6F 6E 61 31 13 30 .U....Arizona1.0
0050: 11 06 03 55 04 07 13 0A 53 63 6F 74 74 73 64 61 ...U....Scottsda
0060: 6C 65 31 25 30 23 06 03 55 04 0A 13 1C 53 74 61 le1%0#..U....Sta
0070: 72 66 69 65 6C 64 20 54 65 63 68 6E 6F 6C 6F 67 rfield Technolog
0080: 69 65 73 2C 20 49 6E 63 2E 31 30 30 2E 06 03 55 ies, Inc.100...U
0090: 04 0B 13 27 68 74 74 70 3A 2F 2F 77 77 77 2E 73 ...'http://www.s
00A0: 74 61 72 66 69 65 6C 64 74 65 63 68 2E 63 6F 6D tarfieldtech.com
00B0: 2F 72 65 70 6F 73 69 74 6F 72 79 31 31 30 2F 06 /repository110/.
00C0: 03 55 04 03 13 28 53 74 61 72 66 69 65 6C 64 20 .U...(Starfield
00D0: 53 65 63 75 72 65 20 43 65 72 74 69 66 69 63 61 Secure Certifica
00E0: 74 69 6F 6E 20 41 75 74 68 6F 72 69 74 79 31 2A tion Authority1*
00F0: 30 28 06 09 2A 86 48 86 F7 0D 01 09 01 16 1B 70 0(..*.H........p
0100: 72 61 63 74 69 63 65 73 40 73 74 61 72 66 69 65 ractices@starfie
0110: 6C 64 74 65 63 68 2E 63 6F 6D 30 1E 17 0D 30 37 ldtech.com0...07
0120: 30 31 32 36 31 34 31 38 35 35 5A 17 0D 30 39 30 0126141855Z..090
0130: 31 32 36 31 34 31 38 35 35 5A 30 55 31 17 30 15 126141855Z0U1.0.
0140: 06 03 55 04 0A 13 0E 73 76 6E 2E 61 70 61 63 68 ..U....svn.apach
0150: 65 2E 6F 72 67 31 21 30 1F 06 03 55 04 0B 13 18 e.org1!0...U....
0160: 44 6F 6D 61 69 6E 20 43 6F 6E 74 72 6F 6C 20 56 Domain Control V
0170: 61 6C 69 64 61 74 65 64 31 17 30 15 06 03 55 04 alidated1.0...U.
0180: 03 13 0E 73 76 6E 2E 61 70 61 63 68 65 2E 6F 72 ...svn.apache.or
0190: 67 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 g0..0...*.H.....
01A0: 01 05 00 03 81 8D 00 30 81 89 02 81 81 00 FC 1F .......0........
01B0: 45 06 36 E7 1B D4 41 AD A5 FC 08 44 D2 9D C6 42 E.6...A....D...B
01C0: 2D CB 52 94 74 70 6C 56 5D 84 4D 48 F2 2E 25 BA -.R.tplV].MH..%.
01D0: 9A CC 79 39 60 61 82 11 DE E5 2B 2A 61 D8 23 BC ..y9`a....+*a.#.
01E0: 2C 5D BC AD 61 2B 7B 36 6B CA 08 45 D5 D0 D0 03 ,]..a+.6k..E....
01F0: A4 71 EB 06 93 9F 37 C9 D3 E8 71 25 C1 7A FF 82 .q....7...q%.z..
0200: 88 E2 79 24 64 51 E6 FF 58 E7 D3 2E 0A AE 9F 1C ..y$dQ..X.......
0210: 11 7E 9C 21 6F 4D D4 10 96 77 B5 FF 30 25 47 28 ...!oM...w..0%G(
0220: 5D 34 B1 CE 50 78 55 C4 E3 F7 39 82 72 15 02 03 ]4..PxU...9.r...
0230: 01 00 01 A3 82 01 D9 30 82 01 D5 30 09 06 03 55 .......0...0...U
0240: 1D 13 04 02 30 00 30 0B 06 03 55 1D 0F 04 04 03 ....0.0...U.....
0250: 02 05 A0 30 1D 06 03 55 1D 25 04 16 30 14 06 08 ...0...U.%..0...
0260: 2B 06 01 05 05 07 03 01 06 08 2B 06 01 05 05 07 +.........+.....
0270: 03 02 30 56 06 03 55 1D 1F 04 4F 30 4D 30 4B A0 ..0V..U...O0M0K.
0280: 49 A0 47 86 45 68 74 74 70 3A 2F 2F 63 65 72 74 I.G.Ehttp://cert
0290: 69 66 69 63 61 74 65 73 2E 73 74 61 72 66 69 65 ificates.starfie
02A0: 6C 64 74 65 63 68 2E 63 6F 6D 2F 72 65 70 6F 73 ldtech.com/repos
02B0: 69 74 6F 72 79 2F 73 74 61 72 66 69 65 6C 64 69 itory/starfieldi
02C0: 73 73 75 69 6E 67 2E 63 72 6C 30 52 06 03 55 1D ssuing.crl0R..U.
02D0: 20 04 4B 30 49 30 47 06 0B 60 86 48 01 86 FD 6D .K0I0G..`.H...m
02E0: 01 07 17 01 30 38 30 36 06 08 2B 06 01 05 05 07 ....0806..+.....
02F0: 02 01 16 2A 68 74 74 70 3A 2F 2F 63 65 72 74 69 ...*http://certi
0300: 66 69 63 61 74 65 73 2E 67 6F 64 61 64 64 79 2E ficates.godaddy.
0310: 63 6F 6D 2F 72 65 70 6F 73 69 74 6F 72 79 30 81 com/repository0.
0320: 80 06 08 2B 06 01 05 05 07 01 01 04 74 30 72 30 ...+........t0r0
0330: 29 06 08 2B 06 01 05 05 07 30 01 86 1D 68 74 74 )..+.....0...htt
0340: 70 3A 2F 2F 6F 63 73 70 2E 73 74 61 72 66 69 65 p://ocsp.starfie
0350: 6C 64 74 65 63 68 2E 63 6F 6D 30 45 06 08 2B 06 ldtech.com0E..+.
0360: 01 05 05 07 30 02 86 39 68 74 74 70 3A 2F 2F 63 ....0..9http://c
0370: 65 72 74 69 66 69 63 61 74 65 73 2E 67 6F 64 61 ertificates.goda
0380: 64 64 79 2E 63 6F 6D 2F 72 65 70 6F 73 69 74 6F ddy.com/reposito
0390: 72 79 2F 73 66 5F 69 73 73 75 69 6E 67 2E 63 72 ry/sf_issuing.cr
03A0: 74 30 1D 06 03 55 1D 0E 04 16 04 14 FF 43 49 DF t0...U.......CI.
03B0: 9A BF B2 B3 31 00 A9 59 4B D6 C7 60 69 5B C4 7C ....1..YK..`i[..
03C0: 30 1F 06 03 55 1D 23 04 18 30 16 80 14 AC 55 DE 0...U.#..0....U.
03D0: B7 EA 13 EB FC 98 68 E2 53 60 1E F1 25 3E 8C EE ......h.S`..%>..
03E0: E7 30 2D 06 03 55 1D 11 04 26 30 24 82 0E 73 76 .0-..U...&0$..sv
03F0: 6E 2E 61 70 61 63 68 65 2E 6F 72 67 82 12 77 77 n.apache.org..ww
0400: 77 2E 73 76 6E 2E 61 70 61 63 68 65 2E 6F 72 67 w.svn.apache.org
0410: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 0...*.H.........
0420: 81 81 00 07 B3 BE 51 D0 EB 61 07 91 9B D7 3B 8B ......Q..a....;.
0430: 4F B1 CC 5E E0 E1 92 1B 70 69 9C 22 08 FB 9C 46 O..^....pi."...F
0440: 0D 98 31 8E F2 3E E4 15 74 85 54 EF 01 FB 9C 90 ..1..>..t.T.....
0450: 9F 35 66 37 E4 DC AE EA E8 5B E0 DF 72 4B E9 90 .5f7.....[..rK..
0460: 52 77 CB 43 CF A1 CD 1D CE 14 FD 22 48 DD 52 CF Rw.C......."H.R.
0470: B5 35 74 42 E6 68 6A B3 FD 36 88 5C 5B E8 D7 1B .5tB.hj..6.\[...
0480: 60 D6 4F 78 9B BF 96 81 DD 44 43 A4 21 38 69 39 `.Ox.....DC.!8i9
0490: C2 3C BC 59 07 FB 84 9A CE 6F 38 6C E1 14 8C 88 .<.Y.....o8l....
04A0: F6 92 B9 00 04 45 30 82 04 41 30 82 03 AA A0 03 .....E0..A0.....
04B0: 02 01 02 02 02 01 04 30 0D 06 09 2A 86 48 86 F7 .......0...*.H..
04C0: 0D 01 01 05 05 00 30 81 BB 31 24 30 22 06 03 55 ......0..1$0"..U
04D0: 04 07 13 1B 56 61 6C 69 43 65 72 74 20 56 61 6C ....ValiCert Val
04E0: 69 64 61 74 69 6F 6E 20 4E 65 74 77 6F 72 6B 31 idation Network1
04F0: 17 30 15 06 03 55 04 0A 13 0E 56 61 6C 69 43 65 .0...U....ValiCe
0500: 72 74 2C 20 49 6E 63 2E 31 35 30 33 06 03 55 04 rt, Inc.1503..U.
0510: 0B 13 2C 56 61 6C 69 43 65 72 74 20 43 6C 61 73 ..,ValiCert Clas
0520: 73 20 32 20 50 6F 6C 69 63 79 20 56 61 6C 69 64 s 2 Policy Valid
0530: 61 74 69 6F 6E 20 41 75 74 68 6F 72 69 74 79 31 ation Authority1
0540: 21 30 1F 06 03 55 04 03 13 18 68 74 74 70 3A 2F !0...U....http:/
0550: 2F 77 77 77 2E 76 61 6C 69 63 65 72 74 2E 63 6F /www.valicert.co
0560: 6D 2F 31 20 30 1E 06 09 2A 86 48 86 F7 0D 01 09 m/1 0...*.H.....
0570: 01 16 11 69 6E 66 6F 40 76 61 6C 69 63 65 72 74 ...info@valicert
0580: 2E 63 6F 6D 30 1E 17 0D 30 34 30 31 31 34 32 31 .com0...04011421
0590: 30 35 32 31 5A 17 0D 32 34 30 31 30 39 32 31 30 0521Z..240109210
05A0: 35 32 31 5A 30 81 EC 31 0B 30 09 06 03 55 04 06 521Z0..1.0...U..
05B0: 13 02 55 53 31 10 30 0E 06 03 55 04 08 13 07 41 ..US1.0...U....A
05C0: 72 69 7A 6F 6E 61 31 13 30 11 06 03 55 04 07 13 rizona1.0...U...
05D0: 0A 53 63 6F 74 74 73 64 61 6C 65 31 25 30 23 06 .Scottsdale1%0#.
05E0: 03 55 04 0A 13 1C 53 74 61 72 66 69 65 6C 64 20 .U....Starfield
05F0: 54 65 63 68 6E 6F 6C 6F 67 69 65 73 2C 20 49 6E Technologies, In
0600: 63 2E 31 30 30 2E 06 03 55 04 0B 13 27 68 74 74 c.100...U...'htt
0610: 70 3A 2F 2F 77 77 77 2E 73 74 61 72 66 69 65 6C p://www.starfiel
0620: 64 74 65 63 68 2E 63 6F 6D 2F 72 65 70 6F 73 69 dtech.com/reposi
0630: 74 6F 72 79 31 31 30 2F 06 03 55 04 03 13 28 53 tory110/..U...(S
0640: 74 61 72 66 69 65 6C 64 20 53 65 63 75 72 65 20 tarfield Secure
0650: 43 65 72 74 69 66 69 63 61 74 69 6F 6E 20 41 75 Certification Au
0660: 74 68 6F 72 69 74 79 31 2A 30 28 06 09 2A 86 48 thority1*0(..*.H
0670: 86 F7 0D 01 09 01 16 1B 70 72 61 63 74 69 63 65 ........practice
0680: 73 40 73 74 61 72 66 69 65 6C 64 74 65 63 68 2E s@starfieldtech.
0690: 63 6F 6D 30 81 9D 30 0D 06 09 2A 86 48 86 F7 0D com0..0...*.H...
06A0: 01 01 01 05 00 03 81 8B 00 30 81 87 02 81 81 00 .........0......
06B0: DB 11 43 6B DC D1 69 78 59 49 E8 6E 74 14 08 74 ..Ck..ixYI.nt..t
06C0: 11 6C 7E B7 2A A8 22 D8 42 3C 7A CF 9F 50 B2 46 .l..*.".B<z..P.F
06D0: AE A6 67 1A 23 22 BE 0F B3 34 FB AC AC 90 AA 5B ..g.#"...4.....[
06E0: 28 C2 70 F6 B6 8A 80 2A E0 9B 9C 52 E0 91 A8 72 (.p....*...R...r
06F0: A0 16 E1 C4 4E 7D 11 09 B3 9E B9 D4 F3 B2 50 C4 ....N.........P.
0700: 6D 48 08 BD BC 2A 97 0C 6D A3 8A 6A 3C 9A CF 4A mH...*..m..j<..J
0710: 34 DC 1E DE EA 5A 26 C0 A1 A2 82 A9 4A FB 86 22 4....Z&.....J.."
0720: 12 90 3A B2 82 D4 92 91 9F A9 45 9F C3 A4 DB FB ..:.......E.....
0730: 02 01 03 A3 82 01 21 30 82 01 1D 30 0C 06 03 55 ......!0...0...U
0740: 1D 13 04 05 30 03 01 01 FF 30 0B 06 03 55 1D 0F ....0....0...U..
0750: 04 04 03 02 01 06 30 4A 06 03 55 1D 1F 04 43 30 ......0J..U...C0
0760: 41 30 3F A0 3D A0 3B 86 39 68 74 74 70 3A 2F 2F A0?.=.;.9http://
0770: 63 65 72 74 69 66 69 63 61 74 65 73 2E 73 74 61 certificates.sta
0780: 72 66 69 65 6C 64 74 65 63 68 2E 63 6F 6D 2F 72 rfieldtech.com/r
0790: 65 70 6F 73 69 74 6F 72 79 2F 72 6F 6F 74 2E 63 epository/root.c
07A0: 72 6C 30 4F 06 03 55 1D 20 04 48 30 46 30 44 06 rl0O..U. .H0F0D.
07B0: 0B 60 86 48 01 86 F8 45 01 07 17 03 30 35 30 33 .`.H...E....0503
07C0: 06 08 2B 06 01 05 05 07 02 01 16 27 68 74 74 70 ..+........'http
07D0: 3A 2F 2F 77 77 77 2E 73 74 61 72 66 69 65 6C 64 ://www.starfield
07E0: 74 65 63 68 2E 63 6F 6D 2F 72 65 70 6F 73 69 74 tech.com/reposit
07F0: 6F 72 79 30 39 06 08 2B 06 01 05 05 07 01 01 04 ory09..+........
0800: 2D 30 2B 30 29 06 08 2B 06 01 05 05 07 30 01 86 -0+0)..+.....0..
0810: 1D 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 73 74 61 .http://ocsp.sta
0820: 72 66 69 65 6C 64 74 65 63 68 2E 63 6F 6D 30 1D rfieldtech.com0.
0830: 06 03 55 1D 0E 04 16 04 14 AC 55 DE B7 EA 13 EB ..U.......U.....
0840: FC 98 68 E2 53 60 1E F1 25 3E 8C EE E7 30 09 06 ..h.S`..%>...0..
0850: 03 55 1D 23 04 02 30 00 30 0D 06 09 2A 86 48 86 .U.#..0.0...*.H.
0860: F7 0D 01 01 05 05 00 03 81 81 00 7E 1C 98 BE AD ................
0870: 03 8D 25 85 EE 7C 90 88 22 2B FE 27 F4 42 B2 EC ..%....."+.'.B..
0880: 7F B5 FC 72 68 05 A4 7D 91 EF 28 D1 7D 20 39 3B ...rh.....(.. 9;
0890: 79 08 37 68 18 52 D5 8F 03 D2 89 4F 1E 11 D1 E9 y.7h.R.....O....
08A0: A5 74 4B FC 5F 67 65 84 71 84 78 59 B7 D6 C9 D7 .tK._ge.q.xY....
08B0: D7 93 35 E6 13 AB 94 3C 8E 93 40 89 8C C0 D7 F2 ..5....<..@.....
08C0: E7 07 52 D1 70 8F 98 8C EB A0 6D D1 36 53 90 A0 ..R.p.....m.6S..
08D0: 8F 16 30 1E DE C3 BF 7F 46 A5 95 2A F9 C8 DE 3B ..0.....F..*...;
08E0: DB 77 F4 F2 32 B1 33 61 A2 30 35 .w..2.3a.05
main, READ: TLSv1 Handshake, length = 2283
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=svn.apache.org, OU=Domain Control Validated, O=svn.apache.org
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 177046192487125873479707395472231760712994023170823729107519357415283325331982921967730914213256528653757249574574965555061897079727590228489004259023952254673707171152878504377042389446926800477336348814644929883742996944532880480307810812469119330106553760163160996800432869396169888003096567731172086542869
public exponent: 65537
Validity: [From: Fri Jan 26 21:18:55 GMT+07:00 2007,
To: Mon Jan 26 21:18:55 GMT+07:00 2009]
Issuer: [email protected], CN=Starfield Secure Certification Authority, OU=http://www.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
SerialNumber: [ 3f3edd]
Certificate Extensions: 9
[1]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[DNSName: svn.apache.org, DNSName: www.svn.apache.org]]
[2]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[accessMethod: 1.3.6.1.5.5.7.48.1
accessLocation: URIName: http://ocsp.starfieldtech.com, accessMethod: 1.3.6.1.5.5.7.48.2
accessLocation: URIName: http://certificates.godaddy.com/repository/sf_issuing.crt]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: AC 55 DE B7 EA 13 EB FC 98 68 E2 53 60 1E F1 25 .U.......h.S`..%
0010: 3E 8C EE E7 >...
[4]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: FF 43 49 DF 9A BF B2 B3 31 00 A9 59 4B D6 C7 60 .CI.....1..YK..`
0010: 69 5B C4 7C i[..
[5]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.114413.1.7.23.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 2A 68 74 74 70 3A 2F 2F 63 65 72 74 69 66 69 .*http://certifi
0010: 63 61 74 65 73 2E 67 6F 64 61 64 64 79 2E 63 6F cates.godaddy.co
0020: 6D 2F 72 65 70 6F 73 69 74 6F 72 79 m/repository
[6]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
[7]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.1, 1.3.6.1.5.5.7.3.2]]
[8]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://certificates.starfieldtech.com/repository/starfieldissuing.crl]
[9]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
Algorithm: [SHA1withRSA]
Signature:
0000: 07 B3 BE 51 D0 EB 61 07 91 9B D7 3B 8B 4F B1 CC ...Q..a....;.O..
0010: 5E E0 E1 92 1B 70 69 9C 22 08 FB 9C 46 0D 98 31 ^....pi."...F..1
0020: 8E F2 3E E4 15 74 85 54 EF 01 FB 9C 90 9F 35 66 ..>..t.T......5f
0030: 37 E4 DC AE EA E8 5B E0 DF 72 4B E9 90 52 77 CB 7.....[..rK..Rw.
0040: 43 CF A1 CD 1D CE 14 FD 22 48 DD 52 CF B5 35 74 C......."H.R..5t
0050: 42 E6 68 6A B3 FD 36 88 5C 5B E8 D7 1B 60 D6 4F B.hj..6.\[...`.O
0060: 78 9B BF 96 81 DD 44 43 A4 21 38 69 39 C2 3C BC x.....DC.!8i9.<.
0070: 59 07 FB 84 9A CE 6F 38 6C E1 14 8C 88 F6 92 B9 Y.....o8l.......
chain [1] = [
Version: V3
Subject: [email protected], CN=Starfield Secure Certification Authority, OU=http://www.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 153834384376450951242132342676627381305301509455009131953436945251656166351716579980793170359435953119090647821771205994017554233524628677596597325652224171754745353602402317658335611344705389502813919100965160981561608463541714784267134488000708910634129917477877983632663540633248439611336221142925273521147
public exponent: 3
Validity: [From: Thu Jan 15 04:05:21 GMT+07:00 2004,
To: Wed Jan 10 04:05:21 GMT+07:00 2024]
Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
SerialNumber: [ 0104]
Certificate Extensions: 7
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: AC 55 DE B7 EA 13 EB FC 98 68 E2 53 60 1E F1 25 .U.......h.S`..%
0010: 3E 8C EE E7 >...
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
[3]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://certificates.starfieldtech.com/repository/root.crl]
[4]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.23.3]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 27 68 74 74 70 3A 2F 2F 77 77 77 2E 73 74 61 .'http://www.sta
0010: 72 66 69 65 6C 64 74 65 63 68 2E 63 6F 6D 2F 72 rfieldtech.com/r
0020: 65 70 6F 73 69 74 6F 72 79 epository
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
[6]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[accessMethod: 1.3.6.1.5.5.7.48.1
accessLocation: URIName: http://ocsp.starfieldtech.com]
[7]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 7E 1C 98 BE AD 03 8D 25 85 EE 7C 90 88 22 2B FE .......%....."+.
0010: 27 F4 42 B2 EC 7F B5 FC 72 68 05 A4 7D 91 EF 28 '.B.....rh.....(
0020: D1 7D 20 39 3B 79 08 37 68 18 52 D5 8F 03 D2 89 .. 9;y.7h.R.....
0030: 4F 1E 11 D1 E9 A5 74 4B FC 5F 67 65 84 71 84 78 O.....tK._ge.q.x
0040: 59 B7 D6 C9 D7 D7 93 35 E6 13 AB 94 3C 8E 93 40 Y......5....<..@
0050: 89 8C C0 D7 F2 E7 07 52 D1 70 8F 98 8C EB A0 6D .......R.p.....m
0060: D1 36 53 90 A0 8F 16 30 1E DE C3 BF 7F 46 A5 95 .6S....0.....F..
0070: 2A F9 C8 DE 3B DB 77 F4 F2 32 B1 33 61 A2 30 35 *...;.w..2.3a.05
[read] MD5 and SHA1 hashes: len = 2283
0000: 0B 00 08 E7 00 08 E4 00 04 99 30 82 04 95 30 82 ..........0...0.
0010: 03 FE A0 03 02 01 02 02 03 3F 3E DD 30 0D 06 09 .........?>.0...
0020: 2A 86 48 86 F7 0D 01 01 05 05 00 30 81 EC 31 0B *.H........0..1.
0030: 30 09 06 03 55 04 06 13 02 55 53 31 10 30 0E 06 0...U....US1.0..
0040: 03 55 04 08 13 07 41 72 69 7A 6F 6E 61 31 13 30 .U....Arizona1.0
0050: 11 06 03 55 04 07 13 0A 53 63 6F 74 74 73 64 61 ...U....Scottsda
0060: 6C 65 31 25 30 23 06 03 55 04 0A 13 1C 53 74 61 le1%0#..U....Sta
0070: 72 66 69 65 6C 64 20 54 65 63 68 6E 6F 6C 6F 67 rfield Technolog
0080: 69 65 73 2C 20 49 6E 63 2E 31 30 30 2E 06 03 55 ies, Inc.100...U
0090: 04 0B 13 27 68 74 74 70 3A 2F 2F 77 77 77 2E 73 ...'http://www.s
00A0: 74 61 72 66 69 65 6C 64 74 65 63 68 2E 63 6F 6D tarfieldtech.com
00B0: 2F 72 65 70 6F 73 69 74 6F 72 79 31 31 30 2F 06 /repository110/.
00C0: 03 55 04 03 13 28 53 74 61 72 66 69 65 6C 64 20 .U...(Starfield
00D0: 53 65 63 75 72 65 20 43 65 72 74 69 66 69 63 61 Secure Certifica
00E0: 74 69 6F 6E 20 41 75 74 68 6F 72 69 74 79 31 2A tion Authority1*
00F0: 30 28 06 09 2A 86 48 86 F7 0D 01 09 01 16 1B 70 0(..*.H........p
0100: 72 61 63 74 69 63 65 73 40 73 74 61 72 66 69 65 ractices@starfie
0110: 6C 64 74 65 63 68 2E 63 6F 6D 30 1E 17 0D 30 37 ldtech.com0...07
0120: 30 31 32 36 31 34 31 38 35 35 5A 17 0D 30 39 30 0126141855Z..090
0130: 31 32 36 31 34 31 38 35 35 5A 30 55 31 17 30 15 126141855Z0U1.0.
0140: 06 03 55 04 0A 13 0E 73 76 6E 2E 61 70 61 63 68 ..U....svn.apach
0150: 65 2E 6F 72 67 31 21 30 1F 06 03 55 04 0B 13 18 e.org1!0...U....
0160: 44 6F 6D 61 69 6E 20 43 6F 6E 74 72 6F 6C 20 56 Domain Control V
0170: 61 6C 69 64 61 74 65 64 31 17 30 15 06 03 55 04 alidated1.0...U.
0180: 03 13 0E 73 76 6E 2E 61 70 61 63 68 65 2E 6F 72 ...svn.apache.or
0190: 67 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 g0..0...*.H.....
01A0: 01 05 00 03 81 8D 00 30 81 89 02 81 81 00 FC 1F .......0........
01B0: 45 06 36 E7 1B D4 41 AD A5 FC 08 44 D2 9D C6 42 E.6...A....D...B
01C0: 2D CB 52 94 74 70 6C 56 5D 84 4D 48 F2 2E 25 BA -.R.tplV].MH..%.
01D0: 9A CC 79 39 60 61 82 11 DE E5 2B 2A 61 D8 23 BC ..y9`a....+*a.#.
01E0: 2C 5D BC AD 61 2B 7B 36 6B CA 08 45 D5 D0 D0 03 ,]..a+.6k..E....
01F0: A4 71 EB 06 93 9F 37 C9 D3 E8 71 25 C1 7A FF 82 .q....7...q%.z..
0200: 88 E2 79 24 64 51 E6 FF 58 E7 D3 2E 0A AE 9F 1C ..y$dQ..X.......
0210: 11 7E 9C 21 6F 4D D4 10 96 77 B5 FF 30 25 47 28 ...!oM...w..0%G(
0220: 5D 34 B1 CE 50 78 55 C4 E3 F7 39 82 72 15 02 03 ]4..PxU...9.r...
0230: 01 00 01 A3 82 01 D9 30 82 01 D5 30 09 06 03 55 .......0...0...U
0240: 1D 13 04 02 30 00 30 0B 06 03 55 1D 0F 04 04 03 ....0.0...U.....
0250: 02 05 A0 30 1D 06 03 55 1D 25 04 16 30 14 06 08 ...0...U.%..0...
0260: 2B 06 01 05 05 07 03 01 06 08 2B 06 01 05 05 07 +.........+.....
0270: 03 02 30 56 06 03 55 1D 1F 04 4F 30 4D 30 4B A0 ..0V..U...O0M0K.
0280: 49 A0 47 86 45 68 74 74 70 3A 2F 2F 63 65 72 74 I.G.Ehttp://cert
0290: 69 66 69 63 61 74 65 73 2E 73 74 61 72 66 69 65 ificates.starfie
02A0: 6C 64 74 65 63 68 2E 63 6F 6D 2F 72 65 70 6F 73 ldtech.com/repos
02B0: 69 74 6F 72 79 2F 73 74 61 72 66 69 65 6C 64 69 itory/starfieldi
02C0: 73 73 75 69 6E 67 2E 63 72 6C 30 52 06 03 55 1D ssuing.crl0R..U.
02D0: 20 04 4B 30 49 30 47 06 0B 60 86 48 01 86 FD 6D .K0I0G..`.H...m
02E0: 01 07 17 01 30 38 30 36 06 08 2B 06 01 05 05 07 ....0806..+.....
02F0: 02 01 16 2A 68 74 74 70 3A 2F 2F 63 65 72 74 69 ...*http://certi
0300: 66 69 63 61 74 65 73 2E 67 6F 64 61 64 64 79 2E ficates.godaddy.
0310: 63 6F 6D 2F 72 65 70 6F 73 69 74 6F 72 79 30 81 com/repository0.
0320: 80 06 08 2B 06 01 05 05 07 01 01 04 74 30 72 30 ...+........t0r0
0330: 29 06 08 2B 06 01 05 05 07 30 01 86 1D 68 74 74 )..+.....0...htt
0340: 70 3A 2F 2F 6F 63 73 70 2E 73 74 61 72 66 69 65 p://ocsp.starfie
0350: 6C 64 74 65 63 68 2E 63 6F 6D 30 45 06 08 2B 06 ldtech.com0E..+.
0360: 01 05 05 07 30 02 86 39 68 74 74 70 3A 2F 2F 63 ....0..9http://c
0370: 65 72 74 69 66 69 63 61 74 65 73 2E 67 6F 64 61 ertificates.goda
0380: 64 64 79 2E 63 6F 6D 2F 72 65 70 6F 73 69 74 6F ddy.com/reposito
0390: 72 79 2F 73 66 5F 69 73 73 75 69 6E 67 2E 63 72 ry/sf_issuing.cr
03A0: 74 30 1D 06 03 55 1D 0E 04 16 04 14 FF 43 49 DF t0...U.......CI.
03B0: 9A BF B2 B3 31 00 A9 59 4B D6 C7 60 69 5B C4 7C ....1..YK..`i[..
03C0: 30 1F 06 03 55 1D 23 04 18 30 16 80 14 AC 55 DE 0...U.#..0....U.
03D0: B7 EA 13 EB FC 98 68 E2 53 60 1E F1 25 3E 8C EE ......h.S`..%>..
03E0: E7 30 2D 06 03 55 1D 11 04 26 30 24 82 0E 73 76 .0-..U...&0$..sv
03F0: 6E 2E 61 70 61 63 68 65 2E 6F 72 67 82 12 77 77 n.apache.org..ww
0400: 77 2E 73 76 6E 2E 61 70 61 63 68 65 2E 6F 72 67 w.svn.apache.org
0410: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 0...*.H.........
0420: 81 81 00 07 B3 BE 51 D0 EB 61 07 91 9B D7 3B 8B ......Q..a....;.
0430: 4F B1 CC 5E E0 E1 92 1B 70 69 9C 22 08 FB 9C 46 O..^....pi."...F
0440: 0D 98 31 8E F2 3E E4 15 74 85 54 EF 01 FB 9C 90 ..1..>..t.T.....
0450: 9F 35 66 37 E4 DC AE EA E8 5B E0 DF 72 4B E9 90 .5f7.....[..rK..
0460: 52 77 CB 43 CF A1 CD 1D CE 14 FD 22 48 DD 52 CF Rw.C......."H.R.
0470: B5 35 74 42 E6 68 6A B3 FD 36 88 5C 5B E8 D7 1B .5tB.hj..6.\[...
0480: 60 D6 4F 78 9B BF 96 81 DD 44 43 A4 21 38 69 39 `.Ox.....DC.!8i9
0490: C2 3C BC 59 07 FB 84 9A CE 6F 38 6I have received error "[javax.net.ssl.SSLKeyException: RSA premaster secret error]
caused by [java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/PKCS1Padding]"
when running the following code snippet from command line[b]:
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
URL url = new URL("https://svn.apache.org/repos/asf/");
BufferedReader in = new BufferedReader(
new InputStreamReader(
url.openStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();Specially, the error only occurs when using JDK 1.5.0_07-b03 on Solaris platform.
I have tried using other JDK versions (e.g: 1.4.2_09-b05, etc...) and NOT see the error.
This is very strangle! It may be a bug of this JDK version?!!!
The below is all providers available on this JDK; search among these providers
I've found out a unusual point that we see no any provider implementing RSA.
So I doubt that this missing can lead to error
[java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/PKCS1Padding]
------------------- All providers avaible on JDK 1.5.0_07-b03, Solaris platform ------------
SUN = SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom;
X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
SunRsaSign = Sun RSA signature provider
SunJSSE = Sun JSSE provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
SunJCE = SunJCE Provider (implements DES, Triple DES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
SunJGSS = Sun (Kerberos v5)
SunSASL = Sun SASL provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL, PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)
For the other JDK versions, we can see "implements RSA" and then everything works fine!
------------------- All providers avaible on other JDK versions, Windows/Solaris platform ------------
SUN = SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
SunJSSE = Sun JSSE provider([b]implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
SunRsaSign = SUN's provider for RSA signatures
SunJCE = SunJCE Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
SunJGSS = Sun (Kerberos v5)
I have downloaded and installed the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files version 5.0
but the error still occurs!
Does anybody know how to fix this error? Please!!!
All debug logs:
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1156020880 bytes = { 193, 133, 1, 170, 144, 169, 140, 138, 68, 202, 209, 91, 45, 104, 239, 18, 165, 7, 109, 248, 198, 11, 33, 107, 142, 135, 120, 149 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 73
0000: 01 00 00 45 03 01 45 E7 7B 90 C1 85 01 AA 90 A9 ...E..E.........
0010: 8C 8A 44 CA D1 5B 2D 68 EF 12 A5 07 6D F8 C6 0B ..D..[-h....m...
0020: 21 6B 8E 87 78 95 00 00 1E 00 04 00 05 00 2F 00 !k..x........./.
0030: 33 00 32 00 0A 00 16 00 13 00 09 00 15 00 12 00 3.2.............
0040: 03 00 08 00 14 00 11 01 00 .........
main, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
0000: 01 03 01 00 39 00 00 00 20 00 00 04 01 00 80 00 ....9... .......
0010: 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A 07 00 ..../..3..2.....
0020: C0 00 00 16 00 00 13 00 00 09 06 00 40 00 00 15 ............@...
0030: 00 00 12 00 00 03 02 00 80 00 00 08 00 00 14 00 ................
0040: 00 11 45 E7 7B 90 C1 85 01 AA 90 A9 8C 8A 44 CA ..E...........D.
0050: D1 5B 2D 68 EF 12 A5 07 6D F8 C6 0B 21 6B 8E 87 .[-h....m...!k..
0060: 78 95 x.
main, WRITE: SSLv2 client hello message, length = 98
[Raw write]: length = 100
0000: 80 62 01 03 01 00 39 00 00 00 20 00 00 04 01 00 .b....9... .....
0010: 80 00 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A ....../..3..2...
0020: 07 00 C0 00 00 16 00 00 13 00 00 09 06 00 40 00 ..............@.
0030: 00 15 00 00 12 00 00 03 02 00 80 00 00 08 00 00 ................
0040: 14 00 00 11 45 E7 7B 90 C1 85 01 AA 90 A9 8C 8A ....E...........
0050: 44 CA D1 5B 2D 68 EF 12 A5 07 6D F8 C6 0B 21 6B D..[-h....m...!k
0060: 8E 87 78 95 ..x.
[Raw read]: length = 5
0000: 16 03 01 00 4A ....J
[Raw read]: length = 74
0000: 02 00 00 46 03 01 45 E6 B7 07 AC 7B 34 BC 5A 65 ...F..E.....4.Ze
0010: 97 CE 8B B3 9C 11 39 7B CC D2 94 A5 8C A0 B5 B5 ......9.........
0020: FB CD 4E A2 A5 70 20 40 C1 0B 11 F0 83 F7 E4 80 ..N..p @........
0030: F0 77 83 34 24 D5 1A 70 B4 B2 C6 16 DF 36 AD 95 .w.4$..p.....6..
0040: EA 45 09 93 F0 7A 5E 00 04 00 .E...z^...
main, READ: TLSv1 Handshake, length = 74
*** ServerHello, TLSv1
RandomCookie: GMT: 1155905287 bytes = { 172, 123, 52, 188, 90, 101, 151, 206, 139, 179, 156, 17, 57, 123, 204, 210, 148, 165, 140, 160, 181, 181, 251, 205, 78, 162, 165, 112 }
Session ID: {64, 193, 11, 17, 240, 131, 247, 228, 128, 240, 119, 131, 52, 36, 213, 26, 112, 180, 178, 198, 22, 223, 54, 173, 149, 234, 69, 9, 147, 240, 122, 94}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 45 E6 B7 07 AC 7B 34 BC 5A 65 ...F..E.....4.Ze
0010: 97 CE 8B B3 9C 11 39 7B CC D2 94 A5 8C A0 B5 B5 ......9.........
0020: FB CD 4E A2 A5 70 20 40 C1 0B 11 F0 83 F7 E4 80 ..N..p @........
0030: F0 77 83 34 24 D5 1A 70 B4 B2 C6 16 DF 36 AD 95 .w.4$..p.....6..
0040: EA 45 09 93 F0 7A 5E 00 04 00 .E...z^...
[Raw read]: length = 5
0000: 16 03 01 08 EB .....
[Raw read]: length = 2283
0000: 0B 00 08 E7 00 08 E4 00 04 99 30 82 04 95 30 82 ..........0...0.
0010: 03 FE A0 03 02 01 02 02 03 3F 3E DD 30 0D 06 09 .........?>.0...
0020: 2A 86 48 86 F7 0D 01 01 05 05 00 30 81 EC 31 0B *.H........0..1.
0030: 30 09 06 03 55 04 06 13 02 55 53 31 10 30 0E 06 0...U....US1.0..
0040: 03 55 04 08 13 07 41 72 69 7A 6F 6E 61 31 13 30 .U....Arizona1.0
0050: 11 06 03 55 04 07 13 0A 53 63 6F 74 74 73 64 61 ...U....Scottsda
0060: 6C 65 31 25 30 23 06 03 55 04 0A 13 1C 53 74 61 le1%0#..U....Sta
0070: 72 66 69 65 6C 64 20 54 65 63 68 6E 6F 6C 6F 67 rfield Technolog
0080: 69 65 73 2C 20 49 6E 63 2E 31 30 30 2E 06 03 55 ies, Inc.100...U
0090: 04 0B 13 27 68 74 74 70 3A 2F 2F 77 77 77 2E 73 ...'http://www.s
00A0: 74 61 72 66 69 65 6C 64 74 65 63 68 2E 63 6F 6D tarfieldtech.com
00B0: 2F 72 65 70 6F 73 69 74 6F 72 79 31 31 30 2F 06 /repository110/.
00C0: 03 55 04 03 13 28 53 74 61 72 66 69 65 6C 64 20 .U...(Starfield
00D0: 53 65 63 75 72 65 20 43 65 72 74 69 66 69 63 61 Secure Certifica
00E0: 74 69 6F 6E 20 41 75 74 68 6F 72 69 74 79 31 2A tion Authority1*
00F0: 30 28 06 09 2A 86 48 86 F7 0D 01 09 01 16 1B 70 0(..*.H........p
0100: 72 61 63 74 69 63 65 73 40 73 74 61 72 66 69 65 ractices@starfie
0110: 6C 64 74 65 63 68 2E 63 6F 6D 30 1E 17 0D 30 37 ldtech.com0...07
0120: 30 31 32 36 31 34 31 38 35 35 5A 17 0D 30 39 30 0126141855Z..090
0130: 31 32 36 31 34 31 38 35 35 5A 30 55 31 17 30 15 126141855Z0U1.0.
0140: 06 03 55 04 0A 13 0E 73 76 6E 2E 61 70 61 63 68 ..U....svn.apach
0150: 65 2E 6F 72 67 31 21 30 1F 06 03 55 04 0B 13 18 e.org1!0...U....
0160: 44 6F 6D 61 69 6E 20 43 6F 6E 74 72 6F 6C 20 56 Domain Control V
0170: 61 6C 69 64 61 74 65 64 31 17 30 15 06 03 55 04 alidated1.0...U.
0180: 03 13 0E 73 76 6E 2E 61 70 61 63 68 65 2E 6F 72 ...svn.apache.or
0190: 67 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 g0..0...*.H.....
01A0: 01 05 00 03 81 8D 00 30 81 89 02 81 81 00 FC 1F .......0........
01B0: 45 06 36 E7 1B D4 41 AD A5 FC 08 44 D2 9D C6 42 E.6...A....D...B
01C0: 2D CB 52 94 74 70 6C 56 5D 84 4D 48 F2 2E 25 BA -.R.tplV].MH..%.
01D0: 9A CC 79 39 60 61 82 11 DE E5 2B 2A 61 D8 23 BC ..y9`a....+*a.#.
01E0: 2C 5D BC AD 61 2B 7B 36 6B CA 08 45 D5 D0 D0 03 ,]..a+.6k..E....
01F0: A4 71 EB 06 93 9F 37 C9 D3 E8 71 25 C1 7A FF 82 .q....7...q%.z..
0200: 88 E2 79 24 64 51 E6 FF 58 E7 D3 2E 0A AE 9F 1C ..y$dQ..X.......
0210: 11 7E 9C 21 6F 4D D4 10 96 77 B5 FF 30 25 47 28 ...!oM...w..0%G(
0220: 5D 34 B1 CE 50 78 55 C4 E3 F7 39 82 72 15 02 03 ]4..PxU...9.r...
0230: 01 00 01 A3 82 01 D9 30 82 01 D5 30 09 06 03 55 .......0...0...U
0240: 1D 13 04 02 30 00 30 0B 06 03 55 1D 0F 04 04 03 ....0.0...U.....
0250: 02 05 A0 30 1D 06 03 55 1D 25 04 16 30 14 06 08 ...0...U.%..0...
0260: 2B 06 01 05 05 07 03 01 06 08 2B 06 01 05 05 07 +.........+.....
0270: 03 02 30 56 06 03 55 1D 1F 04 4F 30 4D 30 4B A0 ..0V..U...O0M0K.
0280: 49 A0 47 86 45 68 74 74 70 3A 2F 2F 63 65 72 74 I.G.Ehttp://cert
0290: 69 66 69 63 61 74 65 73 2E 73 74 61 72 66 69 65 ificates.starfie
02A0: 6C 64 74 65 63 68 2E 63 6F 6D 2F 72 65 70 6F 73 ldtech.com/repos
02B0: 69 74 6F 72 79 2F 73 74 61 72 66 69 65 6C 64 69 itory/starfieldi
02C0: 73 73 75 69 6E 67 2E 63 72 6C 30 52 06 03 55 1D ssuing.crl0R..U.
02D0: 20 04 4B 30 49 30 47 06 0B 60 86 48 01 86 FD 6D .K0I0G..`.H...m
02E0: 01 07 17 01 30 38 30 36 06 08 2B 06 01 05 05 07 ....0806..+.....
02F0: 02 01 16 2A 68 74 74 70 3A 2F 2F 63 65 72 74 69 ...*http://certi
0300: 66 69 63 61 74 65 73 2E 67 6F 64 61 64 64 79 2E ficates.godaddy.
0310: 63 6F 6D 2F 72 65 70 6F 73 69 74 6F 72 79 30 81 com/repository0.
0320: 80 06 08 2B 06 01 05 05 07 01 01 04 74 30 72 30 ...+........t0r0
0330: 29 06 08 2B 06 01 05 05 07 30 01 86 1D 68 74 74 )..+.....0...htt
0340: 70 3A 2F 2F 6F 63 73 70 2E 73 74 61 72 66 69 65 p://ocsp.starfie
0350: 6C 64 74 65 63 68 2E 63 6F 6D 30 45 06 08 2B 06 ldtech.com0E..+.
0360: 01 05 05 07 30 02 86 39 68 74 74 70 3A 2F 2F 63 ....0..9http://c
0370: 65 72 74 69 66 69 63 61 74 65 73 2E 67 6F 64 61 ertificates.goda
0380: 64 64 79 2E 63 6F 6D 2F 72 65 70 6F 73 69 74 6F ddy.com/reposito
0390: 72 79 2F 73 66 5F 69 73 73 75 69 6E 67 2E 63 72 ry/sf_issuing.cr
03A0: 74 30 1D 06 03 55 1D 0E 04 16 04 14 FF 43 49 DF t0...U.......CI.
03B0: 9A BF B2 B3 31 00 A9 59 4B D6 C7 60 69 5B C4 7C ....1..YK..`i[..
03C0: 30 1F 06 03 55 1D 23 04 18 30 16 80 14 AC 55 DE 0...U.#..0....U.
03D0: B7 EA 13 EB FC 98 68 E2 53 60 1E F1 25 3E 8C EE ......h.S`..%>..
03E0: E7 30 2D 06 03 55 1D 11 04 26 30 24 82 0E 73 76 .0-..U...&0$..sv
03F0: 6E 2E 61 70 61 63 68 65 2E 6F 72 67 82 12 77 77 n.apache.org..ww
0400: 77 2E 73 76 6E 2E 61 70 61 63 68 65 2E 6F 72 67 w.svn.apache.org
0410: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 0...*.H.........
0420: 81 81 00 07 B3 BE 51 D0 EB 61 07 91 9B D7 3B 8B ......Q..a....;.
0430: 4F B1 CC 5E E0 E1 92 1B 70 69 9C 22 08 FB 9C 46 O..^....pi."...F
0440: 0D 98 31 8E F2 3E E4 15 74 85 54 EF 01 FB 9C 90 ..1..>..t.T.....
0450: 9F 35 66 37 E4 DC AE EA E8 5B E0 DF 72 4B E9 90 .5f7.....[..rK..
0460: 52 77 CB 43 CF A1 CD 1D CE 14 FD 22 48 DD 52 CF Rw.C......."H.R.
0470: B5 35 74 42 E6 68 6A B3 FD 36 88 5C 5B E8 D7 1B .5tB.hj..6.\[...
0480: 60 D6 4F 78 9B BF 96 81 DD 44 43 A4 21 38 69 39 `.Ox.....DC.!8i9
0490: C2 3C BC 59 07 FB 84 9A CE 6F 38 6C E1 14 8C 88 .<.Y.....o8l....
04A0: F6 92 B9 00 04 45 30 82 04 41 30 82 03 AA A0 03 .....E0..A0.....
04B0: 02 01 02 02 02 01 04 30 0D 06 09 2A 86 48 86 F7 .......0...*.H..
04C0: 0D 01 01 05 05 00 30 81 BB 31 24 30 22 06 03 55 ......0..1$0"..U
04D0: 04 07 13 1B 56 61 6C 69 43 65 72 74 20 56 61 6C ....ValiCert Val
04E0: 69 64 61 74 69 6F 6E 20 4E 65 74 77 6F 72 6B 31 idation Network1
04F0: 17 30 15 06 03 55 04 0A 13 0E 56 61 6C 69 43 65 .0...U....ValiCe
0500: 72 74 2C 20 49 6E 63 2E 31 35 30 33 06 03 55 04 rt, Inc.1503..U.
0510: 0B 13 2C 56 61 6C 69 43 65 72 74 20 43 6C 61 73 ..,ValiCert Clas
0520: 73 20 32 20 50 6F 6C 69 63 79 20 56 61 6C 69 64 s 2 Policy Valid
0530: 61 74 69 6F 6E 20 41 75 74 68 6F 72 69 74 79 31 ation Authority1
0540: 21 30 1F 06 03 55 04 03 13 18 68 74 74 70 3A 2F !0...U....http:/
0550: 2F 77 77 77 2E 76 61 6C 69 63 65 72 74 2E 63 6F /www.valicert.co
0560: 6D 2F 31 20 30 1E 06 09 2A 86 48 86 F7 0D 01 09 m/1 0...*.H.....
0570: 01 16 11 69 6E 66 6F 40 76 61 6C 69 63 65 72 74 ...info@valicert
0580: 2E 63 6F 6D 30 1E 17 0D 30 34 30 31 31 34 32 31 .com0...04011421
0590: 30 35 32 31 5A 17 0D 32 34 30 31 30 39 32 31 30 0521Z..240109210
05A0: 35 32 31 5A 30 81 EC 31 0B 30 09 06 03 55 04 06 521Z0..1.0...U..
05B0: 13 02 55 53 31 10 30 0E 06 03 55 04 08 13 07 41 ..US1.0...U....A
05C0: 72 69 7A 6F 6E 61 31 13 30 11 06 03 55 04 07 13 rizona1.0...U...
05D0: 0A 53 63 6F 74 74 73 64 61 6C 65 31 25 30 23 06 .Scottsdale1%0#.
05E0: 03 55 04 0A 13 1C 53 74 61 72 66 69 65 6C 64 20 .U....Starfield
05F0: 54 65 63 68 6E 6F 6C 6F 67 69 65 73 2C 20 49 6E Technologies, In
0600: 63 2E 31 30 30 2E 06 03 55 04 0B 13 27 68 74 74 c.100...U...'htt
0610: 70 3A 2F 2F 77 77 77 2E 73 74 61 72 66 69 65 6C p://www.starfiel
0620: 64 74 65 63 68 2E 63 6F 6D 2F 72 65 70 6F 73 69 dtech.com/reposi
0630: 74 6F 72 79 31 31 30 2F 06 03 55 04 03 13 28 53 tory110/..U...(S
0640: 74 61 72 66 69 65 6C 64 20 53 65 63 75 72 65 20 tarfield Secure
0650: 43 65 72 74 69 66 69 63 61 74 69 6F 6E 20 41 75 Certification Au
0660: 74 68 6F 72 69 74 79 31 2A 30 28 06 09 2A 86 48 thority1*0(..*.H
0670: 86 F7 0D 01 09 01 16 1B 70 72 61 63 74 69 63 65 ........practice
0680: 73 40 73 74 61 72 66 69 65 6C 64 74 65 63 68 2E s@starfieldtech.
0690: 63 6F 6D 30 81 9D 30 0D 06 09 2A 86 48 86 F7 0D com0..0...*.H...
06A0: 01 01 01 05 00 03 81 8B 00 30 81 87 02 81 81 00 .........0......
06B0: DB 11 43 6B DC D1 69 78 59 49 E8 6E 74 14 08 74 ..Ck..ixYI.nt..t
06C0: 11 6C 7E B7 2A A8 22 D8 42 3C 7A CF 9F 50 B2 46 .l..*.".B<z..P.F
06D0: AE A6 67 1A 23 22 BE 0F B3 34 FB AC AC 90 AA 5B ..g.#"...4.....[
06E0: 28 C2 70 F6 B6 8A 80 2A E0 9B 9C 52 E0 91 A8 72 (.p....*...R...r
06F0: A0 16 E1 C4 4E 7D 11 09 B3 9E B9 D4 F3 B2 50 C4 ....N.........P.
0700: 6D 48 08 BD BC 2A 97 0C 6D A3 8A 6A 3C 9A CF 4A mH...*..m..j<..J
0710: 34 DC 1E DE EA 5A 26 C0 A1 A2 82 A9 4A FB 86 22 4....Z&.....J.."
0720: 12 90 3A B2 82 D4 92 91 9F A9 45 9F C3 A4 DB FB ..:.......E.....
0730: 02 01 03 A3 82 01 21 30 82 01 1D 30 0C 06 03 55 ......!0...0...U
0740: 1D 13 04 05 30 03 01 01 FF 30 0B 06 03 55 1D 0F ....0....0...U..
0750: 04 04 03 02 01 06 30 4A 06 03 55 1D 1F 04 43 30 ......0J..U...C0
0760: 41 30 3F A0 3D A0 3B 86 39 68 74 74 70 3A 2F 2F A0?.=.;.9http://
0770: 63 65 72 74 69 66 69 63 61 74 65 73 2E 73 74 61 certificates.sta
0780: 72 66 69 65 6C 64 74 65 63 68 2E 63 6F 6D 2F 72 rfieldtech.com/r
0790: 65 70 6F 73 69 74 6F 72 79 2F 72 6F 6F 74 2E 63 epository/root.c
07A0: 72 6C 30 4F 06 03 55 1D 20 04 48 30 46 30 44 06 rl0O..U. .H0F0D.
07B0: 0B 60 86 48 01 86 F8 45 01 07 17 03 30 35 30 33 .`.H...E....0503
07C0: 06 08 2B 06 01 05 05 07 02 01 16 27 68 74 74 70 ..+........'http
07D0: 3A 2F 2F 77 77 77 2E 73 74 61 72 66 69 65 6C 64 ://www.starfield
07E0: 74 65 63 68 2E 63 6F 6D 2F 72 65 70 6F 73 69 74 tech.com/reposit
07F0: 6F 72 79 30 39 06 08 2B 06 01 05 05 07 01 01 04 ory09..+........
0800: 2D 30 2B 30 29 06 08 2B 06 01 05 05 07 30 01 86 -0+0)..+.....0..
0810: 1D 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 73 74 61 .http://ocsp.sta
0820: 72 66 69 65 6C 64 74 65 63 68 2E 63 6F 6D 30 1D rfieldtech.com0.
0830: 06 03 55 1D 0E 04 16 04 14 AC 55 DE B7 EA 13 EB ..U.......U.....
0840: FC 98 68 E2 53 60 1E F1 25 3E 8C EE E7 30 09 06 ..h.S`..%>...0..
0850: 03 55 1D 23 04 02 30 00 30 0D 06 09 2A 86 48 86 .U.#..0.0...*.H.
0860: F7 0D 01 01 05 05 00 03 81 81 00 7E 1C 98 BE AD ................
0870: 03 8D 25 85 EE 7C 90 88 22 2B FE 27 F4 42 B2 EC ..%....."+.'.B..
0880: 7F B5 FC 72 68 05 A4 7D 91 EF 28 D1 7D 20 39 3B ...rh.....(.. 9;
0890: 79 08 37 68 18 52 D5 8F 03 D2 89 4F 1E 11 D1 E9 y.7h.R.....O....
08A0: A5 74 4B FC 5F 67 65 84 71 84 78 59 B7 D6 C9 D7 .tK._ge.q.xY....
08B0: D7 93 35 E6 13 AB 94 3C 8E 93 40 89 8C C0 D7 F2 ..5....<..@.....
08C0: E7 07 52 D1 70 8F 98 8C EB A0 6D D1 36 53 90 A0 ..R.p.....m.6S..
08D0: 8F 16 30 1E DE C3 BF 7F 46 A5 95 2A F9 C8 DE 3B ..0.....F..*...;
08E0: DB 77 F4 F2 32 B1 33 61 A2 30 35 .w..2.3a.05
main, READ: TLSv1 Handshake, length = 2283
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=svn.apache.org, OU=Domain Control Validated, O=svn.apache.org
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 177046192487125873479707395472231760712994023170823729107519357415283325331982921967730914213256528653757249574574965555061897079727590228489004259023952254673707171152878504377042389446926800477336348814644929883742996944532880480307810812469119330106553760163160996800432869396169888003096567731172086542869
public exponent: 65537
Validity: [From: Fri Jan 26 21:18:55 GMT+07:00 2007,
To: Mon Jan 26 21:18:55 GMT+07:00 2009]
Issuer: [email protected], CN=Starfield Secure Certification Authority, OU=http://www.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
SerialNumber: [ 3f3edd]
Certificate Extensions: 9
[1]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[DNSName: svn.apache.org, DNSName: www.svn.apache.org]]
[2]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[accessMethod: 1.3.6.1.5.5.7.48.1
accessLocation: URIName: http://ocsp.starfieldtech.com, accessMethod: 1.3.6.1.5.5.7.48.2
accessLocation: URIName: http://certificates.godaddy.com/repository/sf_issuing.crt]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: AC 55 DE B7 EA 13 EB FC 98 68 E2 53 60 1E F1 25 .U.......h.S`..%
0010: 3E 8C EE E7 >...
[4]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: FF 43 49 DF 9A BF B2 B3 31 00 A9 59 4B D6 C7 60 .CI.....1..YK..`
0010: 69 5B C4 7C i[..
[5]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.114413.1.7.23.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 2A 68 74 74 70 3A 2F 2F 63 65 72 74 69 66 69 .*http://certifi
0010: 63 61 74 65 73 2E 67 6F 64 61 64 64 79 2E 63 6F cates.godaddy.co
0020: 6D 2F 72 65 70 6F 73 69 74 6F 72 79 m/repository
[6]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
[7]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.1, 1.3.6.1.5.5.7.3.2]]
[8]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://certificates.starfieldtech.com/repository/starfieldissuing.crl]
[9]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
Algorithm: [SHA1withRSA]
Signature:
0000: 07 B3 BE 51 D0 EB 61 07 91 9B D7 3B 8B 4F B1 CC ...Q..a....;.O..
0010: 5E E0 E1 92 1B 70 69 9C 22 08 FB 9C 46 0D 98 31 ^....pi."...F..1
0020: 8E F2 3E E4 15 74 85 54 EF 01 FB 9C 90 9F 35 66 ..>..t.T......5f
0030: 37 E4 DC AE EA E8 5B E0 DF 72 4B E9 90 52 77 CB 7.....[..rK..Rw.
0040: 43 CF A1 CD 1D CE 14 FD 22 48 DD 52 CF B5 35 74 C......."H.R..5t
0050: 42 E6 68 6A B3 FD 36 88 5C 5B E8 D7 1B 60 D6 4F B.hj..6.\[...`.O
0060: 78 9B BF 96 81 DD 44 43 A4 21 38 69 39 C2 3C BC x.....DC.!8i9.<.
0070: 59 07 FB 84 9A CE 6F 38 6C E1 14 8C 88 F6 92 B9 Y.....o8l.......
chain [1] = [
Version: V3
Subject: [email protected], CN=Starfield Secure Certification Authority, OU=http://www.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 153834384376450951242132342676627381305301509455009131953436945251656166351716579980793170359435953119090647821771205994017554233524628677596597325652224171754745353602402317658335611344705389502813919100965160981561608463541714784267134488000708910634129917477877983632663540633248439611336221142925273521147
public exponent: 3
Validity: [From: Thu Jan 15 04:05:21 GMT+07:00 2004,
To: Wed Jan 10 04:05:21 GMT+07:00 2024]
Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
SerialNumber: [ 0104]
Certificate Extensions: 7
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: AC 55 DE B7 EA 13 EB FC 98 68 E2 53 60 1E F1 25 .U.......h.S`..%
0010: 3E 8C EE E7 >...
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
[3]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://certificates.starfieldtech.com/repository/root.crl]
[4]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.23.3]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 27 68 74 74 70 3A 2F 2F 77 77 77 2E 73 74 61 .'http://www.sta
0010: 72 66 69 65 6C 64 74 65 63 68 2E 63 6F 6D 2F 72 rfieldtech.com/r
0020: 65 70 6F 73 69 74 6F 72 79 epository
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
[6]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[accessMethod: 1.3.6.1.5.5.7.48.1
accessLocation: URIName: http://ocsp.starfieldtech.com]
[7]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 7E 1C 98 BE AD 03 8D 25 85 EE 7C 90 88 22 2B FE .......%....."+.
0010: 27 F4 42 B2 EC 7F B5 FC 72 68 05 A4 7D 91 EF 28 '.B.....rh.....(
0020: D1 7D 20 39 3B 79 08 37 68 18 52 D5 8F 03 D2 89 .. 9;y.7h.R.....
0030: 4F 1E 11 D1 E9 A5 74 4B FC 5F 67 65 84 71 84 78 O.....tK._ge.q.x
0040: 59 B7 D6 C9 D7 D7 93 35 E6 13 AB 94 3C 8E 93 40 Y......5....<..@
0050: 89 8C C0 D7 F2 E7 07 52 D1 70 8F 98 8C EB A0 6D .......R.p.....m
0060: D1 36 53 90 A0 8F 16 30 1E DE C3 BF 7F 46 A5 95 .6S....0.....F..
0070: 2A F9 C8 DE 3B DB 77 F4 F2 32 B1 33 61 A2 30 35 *...;.w..2.3a.05
[read] MD5 and SHA1 hashes: len = 2283
0000: 0B 00 08 E7 00 08 E4 00 04 99 30 82 04 95 30 82 ..........0...0.
0010: 03 FE A0 03 02 01 02 02 03 3F 3E DD 30 0D 06 09 .........?>.0...
0020: 2A 86 48 86 F7 0D 01 01 05 05 00 30 81 EC 31 0B *.H........0..1.
0030: 30 09 06 03 55 04 06 13 02 55 53 31 10 30 0E 06 0...U....US1.0..
0040: 03 55 04 08 13 07 41 72 69 7A 6F 6E 61 31 13 30 .U....Arizona1.0
0050: 11 06 03 55 04 07 13 0A 53 63 6F 74 74 73 64 61 ...U....Scottsda
0060: 6C 65 31 25 30 23 06 03 55 04 0A 13 1C 53 74 61 le1%0#..U....Sta
0070: 72 66 69 65 6C 64 20 54 65 63 68 6E 6F 6C 6F 67 rfield Technolog
0080: 69 65 73 2C 20 49 6E 63 2E 31 30 30 2E 06 03 55 ies, Inc.100...U
0090: 04 0B 13 27 68 74 74 70 3A 2F 2F 77 77 77 2E 73 ...'http://www.s
00A0: 74 61 72 66 69 65 6C 64 74 65 63 68 2E 63 6F 6D tarfieldtech.com
00B0: 2F 72 65 70 6F 73 69 74 6F 72 79 31 31 30 2F 06 /repository110/.
00C0: 03 55 04 03 13 28 53 74 61 72 66 69 65 6C 64 20 .U...(Starfield
00D0: 53 65 63 75 72 65 20 43 65 72 74 69 66 69 63 61 Secure Certifica
00E0: 74 69 6F 6E 20 41 75 74 68 6F 72 69 74 79 31 2A tion Authority1*
00F0: 30 28 06 09 2A 86 48 86 F7 0D 01 09 01 16 1B 70 0(..*.H........p
0100: 72 61 63 74 69 63 65 73 40 73 74 61 72 66 69 65 ractices@starfie
0110: 6C 64 74 65 63 68 2E 63 6F 6D 30 1E 17 0D 30 37 ldtech.com0...07
0120: 30 31 32 36 31 34 31 38 35 35 5A 17 0D 30 39 30 0126141855Z..090
0130: 31 32 36 31 34 31 38 35 35 5A 30 55 31 17 30 15 126141855Z0U1.0.
0140: 06 03 55 04 0A 13 0E 73 76 6E 2E 61 70 61 63 68 ..U....svn.apach
0150: 65 2E 6F 72 67 31 21 30 1F 06 03 55 04 0B 13 18 e.org1!0...U....
0160: 44 6F 6D 61 69 6E 20 43 6F 6E 74 72 6F 6C 20 56 Domain Control V
0170: 61 6C 69 64 61 74 65 64 31 17 30 15 06 03 55 04 alidated1.0...U.
0180: 03 13 0E 73 76 6E 2E 61 70 61 63 68 65 2E 6F 72 ...svn.apache.or
0190: 67 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 g0..0...*.H.....
01A0: 01 05 00 03 81 8D 00 30 81 89 02 81 81 00 FC 1F .......0........
01B0: 45 06 36 E7 1B D4 41 AD A5 FC 08 44 D2 9D C6 42 E.6...A....D...B
01C0: 2D CB 52 94 74 70 6C 56 5D 84 4D 48 F2 2E 25 BA -.R.tplV].MH..%.
01D0: 9A CC 79 39 60 61 82 11 DE E5 2B 2A 61 D8 23 BC ..y9`a....+*a.#.
01E0: 2C 5D BC AD 61 2B 7B 36 6B CA 08 45 D5 D0 D0 03 ,]..a+.6k..E....
01F0: A4 71 EB 06 93 9F 37 C9 D3 E8 71 25 C1 7A FF 82 .q....7...q%.z..
0200: 88 E2 79 24 64 51 E6 FF 58 E7 D3 2E 0A AE 9F 1C ..y$dQ..X.......
0210: 11 7E 9C 21 6F 4D D4 10 96 77 B5 FF 30 25 47 28 ...!oM...w..0%G(
0220: 5D 34 B1 CE 50 78 55 C4 E3 F7 39 82 72 15 02 03 ]4..PxU...9.r...
0230: 01 00 01 A3 82 01 D9 30 82 01 D5 30 09 06 03 55 .......0...0...U
0240: 1D 13 04 02 30 00 30 0B 06 03 55 1D 0F 04 04 03 ....0.0...U.....
0250: 02 05 A0 30 1D 06 03 55 1D 25 04 16 30 14 06 08 ...0...U.%..0...
0260: 2B 06 01 05 05 07 03 01 06 08 2B 06 01 05 05 07 +.........+.....
0270: 03 02 30 56 06 03 55 1D 1F 04 4F 30 4D 30 4B A0 ..0V..U...O0M0K.
0280: 49 A0 47 86 45 68 74 74 70 3A 2F 2F 63 65 72 74 I.G.Ehttp://cert
0290: 69 66 69 63 61 74 65 73 2E 73 74 61 72 66 69 65 ificates.starfie
02A0: 6C 64 74 65 63 68 2E 63 6F 6D 2F 72 65 70 6F 73 ldtech.com/repos
02B0: 69 74 6F 72 79 2F 73 74 61 72 66 69 65 6C 64 69 itory/starfieldi
02C0: 73 73 75 69 6E 67 2E 63 72 6C 30 52 06 03 55 1D ssuing.crl0R..U.
02D0: 20 04 4B 30 49 30 47 06 0B 60 86 48 01 86 FD 6D .K0I0G..`.H...m
02E0: 01 07 17 01 30 38 30 36 06 08 2B 06 01 05 05 07 ....0806..+.....
02F0: 02 01 16 2A 68 74 74 70 3A 2F 2F 63 65 72 74 69 ...*http://certi
0300: 66 69 63 61 74 65 73 2E 67 6F 64 61 64 64 79 2E ficates.godaddy.
0310: 63 6F 6D 2F 72 65 70 6F 73 69 74 6F 72 79 30 81 com/repository0.
0320: 80 06 08 2B 06 01 05 05 07 01 01 04 74 30 72 30 ...+........t0r0
0330: 29 06 08 2B 06 01 05 05 07 30 01 86 1D 68 74 74 )..+.....0...htt
0340: 70 3A 2F 2F 6F 63 73 70 2E 73 74 61 72 66 69 65 p://ocsp.starfie
0350: 6C 64 74 65 63 68 2E 63 6F 6D 30 45 06 08 2B 06 ldtech.com0E..+.
0360: 01 05 05 07 30 02 86 39 68 74 74 70 3A 2F 2F 63 ....0..9http://c
0370: 65 72 74 69 66 69 63 61 74 65 73 2E 67 6F 64 61 ertificates.goda
0380: 64 64 79 2E 63 6F 6D 2F 72 65 70 6F 73 69 74 6F ddy.com/reposito
0390: 72 79 2F 73 66 5F 69 73 73 75 69 6E 67 2E 63 72 ry/sf_issuing.cr
03A0: 74 30 1D 06 03 55 1D 0E 04 16 04 14 FF 43 49 DF t0...U.......CI.
03B0: 9A BF B2 B3 31 00 A9 59 4B D6 C7 60 69 5B C4 7C ....1..YK..`i[..
03C0: 30 1F 06 03 55 1D 23 04 18 30 16 80 14 AC 55 DE 0...U.#..0....U.
03D0: B7 EA 13 EB FC 98 68 E2 53 60 1E F1 25 3E 8C EE ......h.S`..%>..
03E0: E7 30 2D 06 03 55 1D 11 04 26 30 24 82 0E 73 76 .0-..U...&0$..sv
03F0: 6E 2E 61 70 61 63 68 65 2E 6F 72 67 82 12 77 77 n.apache.org..ww
0400: 77 2E 73 76 6E 2E 61 70 61 63 68 65 2E 6F 72 67 w.svn.apache.org
0410: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 0...*.H.........
0420: 81 81 00 07 B3 BE 51 D0 EB 61 07 91 9B D7 3B 8B ......Q..a....;.
0430: 4F B1 CC 5E E0 E1 92 1B 70 69 9C 22 08 FB 9C 46 O..^....pi."...F
0440: 0D 98 31 8E F2 3E E4 15 74 85 54 EF 01 FB 9C 90 ..1..>..t.T.....
0450: 9F 35 66 37 E4 DC AE EA E8 5B E0 DF 72 4B E9 90 .5f7.....[..rK..
0460: 52 77 CB 43 CF A1 CD 1D CE 14 FD 22 48 DD 52 CF Rw.C......."H.R.
0470: B5 35 74 42 E6 68 6A B3 FD 36 88 5C 5B E8 D7 1B .5tB.hj..6.\[...
0480: 60 D6 4F 78 9B BF 96 81 DD 44 43 A4 21 38 69 39 `.Ox.....DC.!8i9
0490: C2 3C BC 59 07 FB 84 9A CE 6F 38 6 -
RSA with Cryptix: can encrypt but not decrypt? Please help.. :)
Hi all,
I've been trying to do RSA encryption/decryption using a pair of keys created with keytool. I've been able to encrypt some bytes, but when I attempt to decrypt the results immediately using the private key, I received the following exception:
IllegalBlockSizeException: RSA: Cipher in DECRYPT state with an incomplete final block
Please can anyone save me out of my misery and shed some light on this problem? Thanks a great deal in advance.
Best Regards,
Kenshin
Here are the code snippets:
// 1. imported APIs:
import javax.net.ssl.*;
import java.io.*;
import java.security.*;
import java.security.interfaces.*;
import java.security.spec.*;
import java.security.cert.*;
import java.security.cert.Certificate;
import javax.crypto.*;
import javax.crypto.spec.*;
import cryptix.provider.Cryptix;
import xjava.security.Cipher;
import xjava.security.CipherInputStream;
import xjava.security.CipherOutputStream;
import xjava.security.interfaces.*;
import cryptix.provider.rsa.*;
// 2. Getting the Public Key from the created cert:
File certFile = new File("c:/keystore/jbossSSL.cer");
FileInputStream certFileInStream = new FileInputStream(certFile);
CertificateFactory cf = CertificateFactory.getInstance("X509");
Certificate cert = (Certificate)cf.generateCertificate(certFileInStream);
RSAPublicKey serverPublicKey = (RSAPublicKey)cert.getPublicKey();
// 3. Doing the encryption:
Security.addProvider( new cryptix.provider.Cryptix());
Cipher cipherInstance = Cipher.getInstance("RSA/ECB/PKCS7", "Cryptix");
CryptixRSAPublicKey vCryptixRSAPubKey = (CryptixRSAPublicKey) new RawRSAPublicKey(serverPublicKey.getPublicExponent());
cipherInstance.initEncrypt(vCryptixRSAPubKey);
System.out.println("String to be encypted: " + sRandomString);
// Sample of what is printed: String to be encypted: 2201162506010696613
ByteArrayInputStream clearTextInStream = new ByteArrayInputStream(sRandomString.getBytes());
CipherInputStream cInStream = new CipherInputStream(clearTextInStream, cipherInstance);
ByteArrayOutputStream cipherTextOutStream = new ByteArrayOutputStream();
CipherOutputStream cOutStream = new CipherOutputStream(cipherTextOutStream, cipherInstance);
byte[] buffer = new byte[8192];
int length;
while((length= cInStream.read(buffer))!=-1)
cOutStream.write(buffer, 0, length);
cOutStream.close();
cInStream.close();
cipherTextOutStream.close();
clearTextInStream.close();
String sEncodedString = new String(cipherTextOutStream.toByteArray());
System.out.println("String encrpted: " + sEncodedString);
// Sample of what is printed: String to encrpted: 2 2 01 1 6 25 0 6 01 0 6 96 6 1 3☺ ☻☻
// 4. Getting the Private key from the keystore
FileInputStream in = new FileInputStream("C:/keystore/jbossSSL.keystore");
KeyStore catalinaKeyStore = KeyStore.getInstance("jks");
catalinaKeyStore.load(in, "jbossSSL".toCharArray());
RSAPrivateKey privateK = (RSAPrivateKey)catalinaKeyStore.getKey("jbossSSL", "jbossSSL".toCharArray());
CryptixRSAPrivateKey vCryptixRSAPriKey = (CryptixRSAPrivateKey) new RawRSAPrivateKey(privateK.getPrivateExponent(), privateK.getModulus());
cipherInstance.initDecrypt(vCryptixRSAPriKey);
// 5. Doing the decryption:
ByteArrayInputStream cipherTextInStream = new ByteArrayInputStream(sEncodedString.getBytes());
cInStream = new CipherInputStream(cipherTextInStream,cipherInstance);
ByteArrayOutputStream clearTextOutStream = new ByteArrayOutputStream();
cOutStream = new CipherOutputStream(clearTextOutStream,cipherInstance);
while((length= cInStream.read(buffer))!=-1)
cOutStream.write(buffer, 0, length); >> exception thrown here
cOutStream.close();
cInStream.close();
clearTextOutStream.close();
cipherTextInStream.close();
String sDecodedString = new String(clearTextOutStream.toByteArray());
System.out.println("Stringdecrpted: " + sDecodedString);Here is working RSA example Maybe will help you. (may has a few typing errors becosu I rmoved some confidential data ;) )
import java.util.*;
import javax.swing.*;
import java.io.*;
import java.security.*;
import javax.crypto.Cipher;
import xjava.security.*;
import cryptix.provider.Cryptix;
import xjava.security.interfaces.CryptixRSAPublicKey;
import xjava.security.interfaces.CryptixRSAPrivateKey;
import xjava.security.KeyGenerator;
import xjava.security.SecretKey;
public class testcipher extends javax.swing.JFrame{
/** Creates new test */
public testcipher() throws Exception {
* @param args the command line arguments
public static void main(String [] args) throws Exception {
Provider pd = new cryptix.provider.Cryptix();
Security.addProvider(pd);
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "Cryptix");
kpg.initialize(1024, new java.security.SecureRandom());
System.out.println("Generating key pair...");
KeyPair kp = kpg.genKeyPair();
System.out.println("Key pair generated...");
xjava.security.Cipher cp = xjava.security.Cipher.getInstance("RSA/ECB/PKCS7", "Cryptix");
cp.initEncrypt(kp.getPublic());
FileInputStream fis = new FileInputStream("c:\\temp\\b2b\\index.htm");
CipherInputStream cin = new CipherInputStream(fis, cp);
FileOutputStream fout = new FileOutputStream("C:\\temp\\b2b\\enc.htm");
CipherOutputStream cout = new CipherOutputStream(fout, cp);
byte[] buffer = new byte[8192];
int length;
while((length=cin.read(buffer))!=-1)
cout.write(buffer, 0, length);
cout.close();
cin.close();
fout.close();
fis.close();
cp.initDecrypt(kp.getPrivate());
fis = new FileInputStream("c:\\temp\\b2b\\enc.htm");
cin = new CipherInputStream(fis, cp);
fout = new FileOutputStream("C:\\temp\\b2b\\dec.htm");
cout = new CipherOutputStream(fout, cp);
while((length=cin.read(buffer))!=-1)
cout.write(buffer, 0, length);
cout.close();
cin.close();
fout.close();
fis.close();
} -
No luck with RSA and existing cert
I want to encrypt data in my software, data which will be sent to me by the user, in such a way that only I can decrypt it. This seems to call for asymmetric encryption (only the public key would be embedded in the software), so I am trying to use RSA.
Specifically I am trying to encrypt and decrypt data using the key pairs found in a cert that we bought from a cert authority. The cert says that key is a "Sun RSA public key, 1024 bits". In the following test, I encrypt using the cert's public key and decrypt using the same, for want of a method to return the private key but the results are the same if I initialize the cipher for decryption with the cert itself (which presumably contains the private key).
Key key = cert.getPublicKey();
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] enc = cipher.doFinal(test.getBytes());
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] dec = cipher.doFinal(enc);but at the decyrption stage I get the following error:
Exception in thread "main" javax.crypto.BadPaddingException: Data must start with zero.which I don't know what to make of. It seems to me that I am following the (rather scant) instructions to the letter. If I specify "RSA/ECB/NoPadding" as the transformation I don't get the above error but the roundtrip fails to recreate the original string.
Furthermore, as I said before, I wanted to use public key encryption because I must include the encryption key in the software and I do not want it to be sufficient to decrypt the cipher. I was hoping that with RSA you'd encrypt using the public key but that you'd need either the secret key or the whole cert to decrypt. However the Javadocs do not say so explicitely and I am left unsure as to how this works exactly. Can anyone shed some light?I agree, the documentation is inadequate. Have you also looked at the JCE reference (http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html)? This expands a lot on the javadocs for the classes. It might also help to learn more about cryptography; one book that others recommend is "Practical Cryptography" by Ferguson and Schneier.
I think the one key misunderstanding you have is what is in a certificate. A certificate contains only the public key, some information about the identity of the owner of the private key, and a digital signature over this public key and identifying information. The private key is not in the certificate! Nor should it be. If it were, it would no longer be private and the security of the system would fall apart.
The location of the private key depends entirely on the application that created the key pair. java's keytool, for example, stores the private key in a password protected file.
The error you are seeing makes sense once you understand that , for an RSA cipher, the type of key, public or private, as well as the mode Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE, determine the interpretation of the subsequent update or doFinal method calls.
Thus in your example, your first call to cipher.doFinal gives the RSA encryption of the data, which is what you wanted. Your second, however, attempts to decrypt this encrypted data with the public key, which makes no sense in this context. It checks to see if the result is has the proper padding, which it does not. If you tell it to assume no padding, you won't get an exception but the result still won't make any sense. You need to init the cipher with the private key for the second part. -
RSA decryption Error: Data must start with zero
Because of some reasons, I tried to use RSA as a block cipher to encrypt/decrypt a large file. When I debug my program, there some errors are shown as below:
javax.crypto.BadPaddingException: Data must start with zero
at sun.security.rsa.RSAPadding.unpadV15(Unknown Source)
at sun.security.rsa.RSAPadding.unpad(Unknown Source)
at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:356)
at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:394)
at javax.crypto.Cipher.doFinal(Cipher.java:2299)
at RSA.RRSSA.main(RRSSA.java:114)
From breakpoint, I think the problem is the decrypt operation, and Cipher.doFinal() can not be operated correctly.
I searched this problem from google, many people met the same problem with me, but most of them didn't got an answer.
The source code is :
Key generation:
package RSA;
import java.io.FileOutputStream;
import java.io.ObjectOutputStream;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.logging.Level;
import java.util.logging.Logger;
public class GenKey {
* @param args
* @author tang
public static void main(String[] args) {
// TODO Auto-generated method stub
try {
KeyPairGenerator KPG = KeyPairGenerator.getInstance("RSA");
KPG.initialize(1024);
KeyPair KP=KPG.genKeyPair();
PublicKey pbKey=KP.getPublic();
PrivateKey prKey=KP.getPrivate();
//byte[] publickey = decryptBASE64(pbKey);
//save public key
FileOutputStream out=new FileOutputStream("RSAPublic.dat");
ObjectOutputStream fileOut=new ObjectOutputStream(out);
fileOut.writeObject(pbKey);
//save private key
FileOutputStream outPrivate=new FileOutputStream("RSAPrivate.dat");
ObjectOutputStream privateOut=new ObjectOutputStream(outPrivate);
privateOut.writeObject(prKey)
}Encrypte / Decrypt
package RSA;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.ObjectInputStream;
import java.security.Key;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Cipher;
//import sun.misc.BASE64Decoder;
//import sun.misc.BASE64Encoder;
public class RRSSA {
* @param args
public static void main(String[] argv) {
// TODO Auto-generated method stub
//File used to encrypt/decrypt
String dataFileName = argv[0];
//encrypt/decrypt: operation mode
String opMode = argv[1];
String keyFileName = null;
//Key file
if (opMode.equalsIgnoreCase("encrypt")) {
keyFileName = "RSAPublic.dat";
} else {
keyFileName = "RSAPrivate.dat";
try {
FileInputStream keyFIS = new FileInputStream(keyFileName);
ObjectInputStream OIS = new ObjectInputStream(keyFIS);
Key key = (Key) OIS.readObject();
Cipher cp = Cipher.getInstance("RSA/ECB/PKCS1Padding");//
if (opMode.equalsIgnoreCase("encrypt")) {
cp.init(Cipher.ENCRYPT_MODE, key);
} else if (opMode.equalsIgnoreCase("decrypt")) {
cp.init(Cipher.DECRYPT_MODE, key);
} else {
return;
FileInputStream dataFIS = new FileInputStream(dataFileName);
int size = dataFIS.available();
byte[] encryptByte = new byte[size];
dataFIS.read(encryptByte);
if (opMode.equalsIgnoreCase("encrypt")) {
FileOutputStream FOS = new FileOutputStream("cipher.txt");
//RSA Block size
//int blockSize = cp.getBlockSize();
int blockSize = 64 ;
int outputBlockSize = cp.getOutputSize(encryptByte.length);
/*if (blockSize == 0)
System.out.println("BLOCK SIZE ERROR!");
}else
int leavedSize = encryptByte.length % blockSize;
int blocksNum = leavedSize == 0 ? encryptByte.length / blockSize
: encryptByte.length / blockSize + 1;
byte[] cipherData = new byte[outputBlockSize*blocksNum];
//encrypt each block
for (int i = 0; i < blocksNum; i++) {
if ((encryptByte.length - i * blockSize) > blockSize) {
cp.doFinal(encryptByte, i * blockSize, blockSize, cipherData, i * outputBlockSize);
} else {
cp.doFinal(encryptByte, i * blockSize, encryptByte.length - i * blockSize, cipherData, i * outputBlockSize);
//byte[] cipherData = cp.doFinal(encryptByte);
//BASE64Encoder encoder = new BASE64Encoder();
//String encryptedData = encoder.encode(cipherData);
//cipherData = encryptedData.getBytes();
FOS.write(cipherData);
FOS.close();
} else {
FileOutputStream FOS = new FileOutputStream("plaintext.txt");
//int blockSize = cp.getBlockSize();
int blockSize = 64;
//int j = 0;
//BASE64Decoder decoder = new BASE64Decoder();
//String encryptedData = convert(encryptByte);
//encryptByte = decoder.decodeBuffer(encryptedData);
int outputBlockSize = cp.getOutputSize(encryptByte.length);
int leavedSize = encryptByte.length % blockSize;
int blocksNum = leavedSize == 0 ? encryptByte.length / blockSize
: encryptByte.length / blockSize + 1;
byte[] plaintextData = new byte[outputBlockSize*blocksNum];
for (int j = 0; j < blocksNum; j++) {
if ((encryptByte.length - j * blockSize) > blockSize) {
cp.doFinal(encryptByte, j * blockSize, blockSize, plaintextData, j * outputBlockSize);
} else {
cp.doFinal(encryptByte, j * blockSize, encryptByte.length - j * blockSize, plaintextData, j * outputBlockSize);
FOS.write(plaintextData);
//FOS.write(cp.doFinal(encryptByte));
FOS.close();
}Edited by: sabre150 on Aug 3, 2012 6:43 AM
Moderator action : added [ code] tags so as to make the code readable. Please do this yourself in the future.
Edited by: 949003 on 2012-8-3 上午5:311) Why are you not closing the streams when writing the keys to the file?
2) Each block of RSA encrypted data has size equal to the key modulus (in bytes). This means that for a key size of 1024 bits you need to read 128 bytes and not 64 bytes at a time when decrypting ( this is probably the cause of your 'Data must start with zero exception'). Since the input block size depends on the key modulus you cannot hard code this. Note - PKCS1 padding has at least 11 bytes of padding so on encrypting one can process a maximum of the key modulus in bytes less 11. Currently you have hard coded the encryption block at 64 bytes which is OK for your 1024 bits keys but will fail for keys of modulus less than about 936 bits.
3) int size = dataFIS.available(); is not a reliable way to get the size of an input stream. If you check the Javadoc for InputStream.available() you will see that it returns the number of bytes that can be read without blocking and not the stream size.
4) InputStream.read(byte[]) does not guarantee to read all the bytes and returns the number of bytes actually read. This means that your code to read the content of the file into an array may fail. Again check the Javadoc. To be safe you should used DataInputStream.readFully() to read a block of bytes.
5) Reading the whole of the cleartext or ciphertext file into memory does not scale and with very large files you will run out of memory. There is no need to do this since you can use a "read a block, write the transformed block" approach.
RSA is a very very very slow algorithm and it is not normal to encrypt the whole of a file using it. The standard approach is to perform the encryption of the file content using a symmetric algorithm such as AES using a random session key and use RSA to encrypt the session key. One then writes to the ciphertext file the RSA encrypted session key followed by the symmetric encrypted data. To make it more secure one should actually follow the extended procedure outlined in section 13.6 of Practical Cryptography by Ferguson and Schneier. -
Issue with configuring RSA 9.1 connector
Oracle Web logic Version 10.3.0.0
JDK JDK160_10
Oracle Identity Manager 9.1.0.2 bp11
OIM OS Windows 2003-R2-sp2-64bit
Processor AMD
RSA OS Windows 2003-R2-sp2-64bit
Processor AMD
JDK JDK150_04
RSA Auth manager 7.1
Could not communicate with the target system. javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
These are the SSL logs from xel-log when I try to run a schedule task RSA recon.
2010-10-06 08:21:18,118 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.usermgmt.tasks.RSALookupRecon : init():: STARTED
2010-10-06 08:21:18,118 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.vo.ITResource : ITResource:: STARTED
2010-10-06 08:21:18,149 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.vo.ITResource : ITResource : IT Resource Key :142
2010-10-06 08:21:18,165 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.vo.ITResource : ITResource:: FINISHED
2010-10-06 08:21:18,196 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : OIMUtil():: STARTED
2010-10-06 08:21:18,212 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : OIMUtil():: FINISHED
2010-10-06 08:21:18,212 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getLookUpMap():: STARTED
2010-10-06 08:21:18,212 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getLookUpMap() : LookUpName : Lookup.RSA.AuthManager.Configuration
2010-10-06 08:21:18,243 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getLookUpMap():: FINISHED
2010-10-06 08:21:18,243 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getLookUpMap():: STARTED
2010-10-06 08:21:18,243 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getLookUpMap() : LookUpName : Lookup.RSA.AuthManager.LookupReconMapping
2010-10-06 08:21:18,259 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getLookUpMap():: FINISHED
2010-10-06 08:21:18,259 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getLookUpMap():: STARTED
2010-10-06 08:21:18,259 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getLookUpMap() : LookUpName : Lookup.RSA.AuthManager.Constants
2010-10-06 08:21:18,274 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getLookUpMap():: FINISHED
2010-10-06 08:21:18,274 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getLookUpMap():: STARTED
2010-10-06 08:21:18,274 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getLookUpMap() : LookUpName : Lookup.RSA.AuthManager.ITResourceMapping
2010-10-06 08:21:18,290 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getLookUpMap():: FINISHED
2010-10-06 08:21:18,290 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.vo.ScheduledTask : getScheduledTaskDetails():: STARTED
2010-10-06 08:21:18,306 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.vo.ScheduledTask : getScheduleTaskKey():: STARTED
2010-10-06 08:21:18,337 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.vo.ScheduledTask : getScheduleTaskKey():: FINISHED
2010-10-06 08:21:18,352 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.vo.ScheduledTask : getScheduledTaskDetails():: FINISHED
2010-10-06 08:21:18,352 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.vo.ScheduledTask : validateMandatoryTaskAttrs():: STARTED
2010-10-06 08:21:18,352 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.vo.ScheduledTask : validateMandatoryTaskAttrs():: FINISHED
2010-10-06 08:21:18,352 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getITResourceKey():: STARTED
2010-10-06 08:21:18,352 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getITResourceKey() : ITResource Name = RSA Server Instance
2010-10-06 08:21:18,368 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getITResourceKey() : tcresultSet.getRowCount() = 1
2010-10-06 08:21:18,368 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.dao.OIMUtil : getITResourceKey():: FINISHED
2010-10-06 08:21:18,368 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.vo.ITResource : validateMandatoryITResource():: STARTED
2010-10-06 08:21:18,368 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.vo.ITResource : validateMandatoryITResource():: FINISHED
2010-10-06 08:21:18,368 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.usermgmt.tasks.RSALookupRecon : execute():: STARTED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection():: STARTED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : Setting connection properties...
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : Bean Method: SecurityPrincipal
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.util.Util : getMethodName:: STARTED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.util.Util : getMethodName:: FINISHED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : Method name: setSecurityPrincipal
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : Bean Method: SecurityCredentials
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.util.Util : getMethodName:: STARTED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.util.Util : getMethodName:: FINISHED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : Method name: setSecurityCredentials
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : Bean Method: InitialContextFactory
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.util.Util : getMethodName:: STARTED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.util.Util : getMethodName:: FINISHED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : Method name: setInitialContextFactory
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : Bean Method: ProviderURL
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.util.Util : getMethodName:: STARTED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.util.Util : getMethodName:: FINISHED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : Method name: setProviderURL
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : Bean Method: TargetClass
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.util.Util : getMethodName:: STARTED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.common.util.Util : getMethodName:: FINISHED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : Method name: setTargetClass
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : getITRCustomProperties():: STARTED
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : getITRCustomProperties() : Lookup code value: Command Client Password
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : getITRCustomProperties() : Lookup decode value: SecurityCredentials
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : getITRCustomProperties() : Lookup code value: Command Client UserID
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : getITRCustomProperties() : Lookup decode value: SecurityPrincipal
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : getITRCustomProperties() : Lookup code value: Provider URL
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : getITRCustomProperties() : Lookup decode value: ProviderURL
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : getITRCustomProperties() : Lookup code value: JNDI Factory Class
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : getITRCustomProperties() : Lookup decode value: InitialContextFactory
2010-10-06 08:21:18,384 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : getITRCustomProperties():: FINISHED
2010-10-06 08:21:18,805 | DEBUG | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : CommandTarget initialized...
2010-10-06 08:21:23,194 | ERROR | QuartzWorkerThread-1 | OIMCP.RSAM | ====================================================
2010-10-06 08:21:23,194 | ERROR | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection() : javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
2010-10-06 08:21:23,194 | ERROR | QuartzWorkerThread-1 | OIMCP.RSAM | ====================================================
2010-10-06 08:21:23,194 | ERROR | QuartzWorkerThread-1 | OIMCP.RSAM | ================= Start Stack Trace =======================
2010-10-06 08:21:23,194 | ERROR | QuartzWorkerThread-1 | OIMCP.RSAM | oracle.iam.connectors.rsaauthmgr.common.connection.RSAConnection : createConnection()
2010-10-06 08:21:23,194 | ERROR | QuartzWorkerThread-1 | OIMCP.RSAM | javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
2010-10-06 08:21:23,194 | ERROR | QuartzWorkerThread-1 | OIMCP.RSAM | Description : javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
2010-10-06 08:21:23,194 | ERROR | QuartzWorkerThread-1 | OIMCP.RSAM | com.rsa.common.SystemException: javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
2010-10-06 08:21:23,194 | ERROR | QuartzWorkerThread-1 | OIMCP.RSAM | ================= End Stack Trace =======================
Edited by: 800558 on Oct 6, 2010 12:02 PMThese are the server logs
####<Oct 6, 2010 9:14:39 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <> <main> <> <> <> <1286374479421> <BEA-000000> <Enabled muxing IO for SSL in server>
weblogic.debug.DebugSecuritySSL = true
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612532> <BEA-000000> <SSLContextManager: initializing SSL context for channel DefaultSecure>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612532> <BEA-000000> <Use Certicom SSL with Domestic strength>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612547> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612547> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612547> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612547> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612610> <BEA-000000> <Ignoring not supported JCE KeyAgreement: SunJCE version 1.6 for algorithm DiffieHellman>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612610> <BEA-000000> <Will use default KeyAgreement for algorithm DiffieHellman>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612610> <BEA-000000> <Will use default KeyAgreement for algorithm ECDH>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612625> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm DESede/CBC/NoPadding>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612625> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm DES/CBC/NoPadding>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612625> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm AES/CBC/NoPadding>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612625> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612625> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612625> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612641> <BEA-000000> <SSL Session TTL :90000>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612641> <BEA-000000> <DefaultHostnameVerifier: allowReverseDNS=false>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612641> <BEA-000000> <SSL enableUnencryptedNullCipher= false>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612641> <BEA-000000> <SSLContextManager: loading server SSL identity>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612657> <BEA-000000> <Loaded public identity certificate chain:>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612657> <BEA-000000> <Subject: CN=S02AOIMD03, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US; Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612657> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612719> <BEA-000000> <SSLContextManager: loaded 4 trusted CAs from D:\bea\WLSERV~1.3\server\lib\DemoTrust.jks>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1286374612953> <BEA-000000> <SSLContextManager: reusing SSL context of channel DefaultSecure>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612953> <BEA-000000> <DynamicSSLListenThread[DefaultSecure[1]] 21 cipher suites enabled:>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612953> <BEA-000000> <DynamicSSLListenThread[DefaultSecure] 21 cipher suites enabled:>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612953> <BEA-000000> <TLS_RSA_WITH_RC4_128_MD5>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612953> <BEA-000000> <TLS_RSA_WITH_RC4_128_MD5>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_WITH_RC4_128_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_WITH_RC4_128_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_WITH_AES_128_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_WITH_AES_128_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_WITH_AES_256_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_WITH_AES_256_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_WITH_3DES_EDE_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_WITH_3DES_EDE_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_WITH_DES_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_WITH_DES_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_DHE_RSA_WITH_DES_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_DHE_RSA_WITH_DES_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_EXPORT1024_WITH_RC4_56_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_EXPORT1024_WITH_RC4_56_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_EXPORT_WITH_RC4_40_MD5>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_RSA_EXPORT_WITH_RC4_40_MD5>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612969> <BEA-000000> <TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_RSA_EXPORT_WITH_DES40_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_RSA_EXPORT_WITH_DES40_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DH_anon_WITH_3DES_EDE_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DH_anon_WITH_3DES_EDE_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DH_anon_WITH_RC4_128_MD5>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DH_anon_WITH_RC4_128_MD5>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DH_anon_WITH_DES_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DH_anon_WITH_DES_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DH_anon_EXPORT_WITH_RC4_40_MD5>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DH_anon_EXPORT_WITH_RC4_40_MD5>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DHE_RSA_EXPORT_WITH_DES_40_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DHE_RSA_EXPORT_WITH_DES_40_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_RSA_EXPORT_WITH_DES_40_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_RSA_EXPORT_WITH_DES_40_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure[1]]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DH_anon_EXPORT_WITH_DES_40_CBC_SHA>
####<Oct 6, 2010 9:16:52 AM CDT> <Debug> <SecuritySSL> <S02AOIMD03> <AdminD03> <DynamicSSLListenThread[DefaultSecure]> <<WLS Kernel>> <> <> <1286374612985> <BEA-000000> <TLS_DH_anon_EXPORT_WITH_DES_40_CBC_SHA> -
MD5 and RSA - Slow performance - Help / Views Required
Hi,
I am facing a problem while signing a message.The
scenario is:
I have to create 20,000 messages to be sent to
clients. I am encrypting the message using MD5 and
RSA.
But when i am encrypting via RSA it takes about 20
mins to encrypt the 20k messages.I dont know why its
taking so much time. I have max 4-5 mins to manipulate
and send messages. The sample code is as follows:
ur earliest help will be quite helpful.
Thanks in advance
Hassan
************** Source Code ****************
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.Signature;
import java.security.PrivateKey;
import java.security.spec.RSAPrivateKeySpec;
import org.apache.log4j.Logger;
public class Signer {
******************************************Hi Sabre,
I have compiled the simple code from JCE tutorial for DES. The output text it is showing is different than input text.
Is there any problem going on in tutorial's example ?
Regards
Hamid
******** output **************
the original cleartext is: [B@13a328f
the encrypted text is: [B@337838
the final cleartext is: [B@119cca4
******** Code ************
public class jCypher {
private static Cipher desCipher = null;
public static void main (String[] args) throws NoSuchAlgorithmException,
InvalidKeyException, IllegalBlockSizeException, NoSuchProviderException,
BadPaddingException, NoSuchPaddingException, Exception
//Creating a Key Generator and Generating a Key
//public static KeyGenerator getInstance(String algorithm);
KeyGenerator keygen = KeyGenerator.getInstance("DES");
SecretKey desKey = keygen.generateKey();
// Creating a Cipher
// Cipher.getInstance(Transformation);
// c1 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
desCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
// Cipher.init(int opmode, Key key);
desCipher.init(Cipher.ENCRYPT_MODE, desKey );
// Cleartext
byte[] cleartext = "This is small Text for testing".getBytes();
System.out.println("the original cleartext is: " + cleartext.toString());
// Encrypt the cleartext
// encrypted or decrypted data in one step (single-part operation)
// public byte[] doFinal(byte[] input);
byte[] ciphertext = desCipher.doFinal(cleartext);
System.out.println("the encrypted text is: " + ciphertext.toString());
// Initialize the same cipher for decryption
desCipher.init(Cipher.DECRYPT_MODE, desKey );
// Decrypt the ciphertext
byte[] cleartext1 = desCipher.doFinal(ciphertext);
System.out.println("the final cleartext is: " + cleartext1.toString());
} // End main()
} -
Has any one used RSA on Gemplus Xpresso Javacards? (JC 2.1.1)
Hello,
i ve been trying to generate an RSA keypair on my Xpresso card, but the applet fails to load... what i try is...
package packJCardDemo1;
import javacard.framework.*;
import javacard.security.*;
public class CardRWV extends Applet {
private static KeyPair keypair;
public static void install(byte[] buffer, short offset, byte length) {
memory = new byte[SIZE_MEMORY];
pin = new OwnerPIN(DEFAULT_PIN_MAX, PIN_SIZE);
pin.update(DEFAULT_PIN, (short)(0), PIN_SIZE);
try {
keypair = new KeyPair( KeyPair.ALG_RSA, KeyBuilder.LENGTH_RSA_512 );
} catch (CryptoException ce) {
if (ce.getReason() == CryptoException.UNINITIALIZED_KEY)
ISOException.throwIt(ISO7816.SW_FILE_FULL);
else if (ce.getReason() == CryptoException.INVALID_INIT)
ISOException.throwIt(ISO7816.SW_FILE_NOT_FOUND);
else if (ce.getReason() == CryptoException.ILLEGAL_USE)
ISOException.throwIt(ISO7816.SW_FILE_INVALID);
else if (ce.getReason() == CryptoException.NO_SUCH_ALGORITHM)
ISOException.throwIt(ISO7816.SW_WRONG_ALG);
else
ISOException.throwIt(ISO7816.SW_RECORD_NOT_FOUND);
new CardRWV().register();
The compile runs ok, but when i try to load the applet into the card it fails (the install method generates an exception). If i put the try-catch in comments my applet loads normally...
Also when is use debug i get these messages indicating that RSA is (should be) implemented...
Checking crypto providers...
"DESede/ECB/NoPadding" feature found in provider: "SunJCE"
DES/3DES feature is ok...
"RSA/ECB/NoPadding" feature found in provider: "GemplusCrypto"
RSA feature is ok...
Any help would be appreciated!
Best Regards
JohnI found the problem, when i removed the key building from the install method and placed it in a separate block the applet installed correctly, but when i request the building of a pair of keys, a Crypto exception NO_SUCH_ALGORITHM is thrown. I have used RSA, RSA_CRT, DSA (every possible length combination) but i get the same exception. If anyone has implemented RSA on a Gemplus (Gemxplore Xpresso Range) card please give me your lights.
Thanks in advance!
John -
Invalid Key Exception: Unsupported key type: Sun RSA public key, 1024 bits
I am trying to retrieve certificates from Microsoft Keystore and extract its keys using SunMSCAPI in jdk 1.6. It gives me an invalid key exception, when I am trying to wrap the Symmetric key (which was previously used to perform AES encryption on data), using RSA algorithm.
Code snippet:
// RSA 1024 bits Asymmetric encryption of Symmetric AES key
// List the certificates from Microsoft KeyStore using SunMSCAPI.
System.out.println("List of certificates found in Microsoft Personal Keystore:");
KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
ks.load(null, null) ;
Enumeration en = ks.aliases() ;
PublicKey RSAPubKey = null;
Key RSAPrivKey = null;
int i = 0;
while (en.hasMoreElements()) {
String aliasKey = (String)en.nextElement() ;
X509Certificate c = (X509Certificate) ks.getCertificate(aliasKey) ;
String sss = ks.getCertificateAlias(c);
if(sss.equals("C5151997"))
System.out.println("---> alias : " + sss) ;
i= i + 1;
String str = c.toString();
System.out.println(" Certificate details : " + str ) ;
RSAPubKey = c.getPublicKey();
RSAPrivKey = ks.getKey(aliasKey, null); //"mypassword".toCharArray()
Certificate[] chain = ks.getCertificateChain(aliasKey);
System.out.println("No of certificates found from Personal MS Keystore: " + i);
// Encrypt the generated Symmetric AES Key using RSA cipher
Cipher rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", ks.getProvider().getName());
rsaCipher.init(Cipher.WRAP_MODE, RSAPubKey);
byte[] encryptedSymmKey = rsaCipher.wrap(aeskey);
System.out.println("Encrypted Symmetric Key :" + new String(encryptedSymmKey));
System.out.println("Encrypted Symmetric Key Length in Bytes: " + encryptedSymmKey.length);
// RSA Decryption of Encrypted Symmetric AES key
rsaCipher.init(Cipher.UNWRAP_MODE, RSAPrivKey);
Key decryptedKey = rsaCipher.unwrap(encryptedSymmKey, "AES", Cipher.SECRET_KEY);Output:
List of certificates found in Microsoft Personal Keystore:
---> alias : C5151997
Certificate details : [
Version: V3
Subject: CN=C5151997, O=SAP-AG, C=DE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 171871587533146191561538456391418351861663300588728159334223437391061141885590024223283480319626015611710315581642512941578588886825766256507714725820048129123720143461110410353346492039350478625370269565346566901446816729164309038944197418238814947654954590754593726047828813400082450341775203029183105860831
public exponent: 65537
Validity: [From: Mon Jan 24 18:17:49 IST 2011,
To: Wed Jan 23 18:17:49 IST 2013]
Issuer: CN=SSO_CA, O=SAP-AG, C=DE
SerialNumber: [ 4d12c509 00000005 eb85]
Certificate Extensions: 6
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 07 E5 83 A1 B2 B7 DF 6B 4B 67 9C 1D 42 C9 0D F4 .......kKg..B...
0010: 35 76 D3 F7 5v..
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: E4 C4 2C 93 20 AF DA 4C F2 53 68 4A C0 E7 EC 30 ..,. ..L.ShJ...0
0010: 8C 0C 3B 9A ..;.
[3]: ObjectId: 1.3.6.1.4.1.311.21.7 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 30 30 2E 06 26 2B 06 01 04 01 82 37 15 08 82 .00..&+.....7...
0010: D1 E1 73 84 E4 FE 0B 84 FD 8B 15 83 E5 90 1B 83 ..s.............
0020: E6 A1 43 81 62 84 B1 DA 50 9E D3 14 02 01 64 02 ..C.b...P.....d.
0030: 01 1B ..
[4]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
RFC822Name: [email protected]
[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: B3 C5 92 66 8D D7 ED 6D 51 12 63 CC F4 52 18 B9 ...f...mQ.c..R..
0010: B8 A6 78 F7 ED 7D 78 18 DA 71 09 C9 AE C8 49 23 ..x...x..q....I#
0020: F5 32 2F 0F D1 C0 4C 08 2B 6D 3C 11 B9 5F 5B B5 .2/...L.+m<.._[.
0030: 05 D9 CA E6 F9 0A 94 14 E7 C6 7A DB 63 FE E5 EC ..........z.c...
0040: 48 94 8C 0D 77 92 59 DE 34 6E 77 1A 24 FE E3 C1 H...w.Y.4nw.$...
0050: D8 0B 52 6A 7E 22 13 71 D7 F8 AF D1 17 C8 64 4F ..Rj.".q......dO
0060: 83 EA 2D 6A CA 7F C3 84 37 15 FE 99 73 1D 7C D1 ..-j....7...s...
0070: 6D B4 99 09 62 B9 0F 18 33 4C C6 66 7A 9F C0 DB m...b...3L.fz...
No of certificates found from Personal MS Keystore: 1
Exception in thread "main" java.security.InvalidKeyException: Unsupported key type: Sun RSA public key, 1024 bits
modulus: 171871587533146191561538456391418351861663300588728159334223437391061141885590024223283480319626015611710315581642512941578588886825766256507714725820048129123720143461110410353346492039350478625370269565346566901446816729164309038944197418238814947654954590754593726047828813400082450341775203029183105860831
public exponent: 65537
at sun.security.mscapi.RSACipher.init(RSACipher.java:176)
at sun.security.mscapi.RSACipher.engineInit(RSACipher.java:129)
at javax.crypto.Cipher.init(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at com.sap.srm.crpto.client.applet.CryptoClass.main(CryptoClass.java:102)
Edited by: sabre150 on 18-Jul-2011 03:47
Added [ code] tags to make code readable.A bit of research indicates that the classes of the keys obtained by
RSAPubKey = c.getPublicKey();
RSAPrivKey = ks.getKey(aliasKey, null); //"mypassword".toCharArray()are sun.security.rsa.RSAPublicKeyImpl and sun.security.*mscapi*.RSAPrivateKey . It seems that for Cipher objects from the SunMSCAPI provider cannot accept RSA public keys of class sun.security.rsa.RSAPublicKeyImpl and that the SunMSCAPI will only accept RSA private keys of class sun.security.mscapi.RSAPrivateKey.
This came up under different guise a couple of years ago. It makes sense since encrypting/wrapping with a public key does not represent a security problem (there is nothing secret in any of the encryption operations) when done outside of MSCAPI so one can use any provider that has the capability BUT the decryption/unwrapping must be done with the SunMSCAPI provider which delegates it to the MSCAPI.
My working test code based on your code implementing this approach is :
// RSA 1024 bits Asymmetric encryption of Symmetric AES key
// List the certificates from Microsoft KeyStore using SunMSCAPI.
System.out.println("List of certificates found in Microsoft Personal Keystore:");
KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
ks.load(null, null);
Enumeration en = ks.aliases();
PublicKey RSAPubKey = null;
Key RSAPrivKey = null;
int i = 0;
while (en.hasMoreElements())
String aliasKey = (String) en.nextElement();
X509Certificate c = (X509Certificate) ks.getCertificate(aliasKey);
String sss = ks.getCertificateAlias(c);
if (sss.equals("rsa_key")) // The alias for my key - make sure you change it back to your alias
System.out.println("---> alias : " + sss);
i = i + 1;
String str = c.toString();
System.out.println(" Certificate details : " + str);
RSAPubKey = c.getPublicKey();
System.out.println(RSAPubKey.getClass().getName());
RSAPrivKey = ks.getKey(aliasKey, null); //"mypassword".toCharArray()
System.out.println(RSAPrivKey.getClass().getName());
Certificate[] chain = ks.getCertificateChain(aliasKey);
System.out.println(ks.getProvider().getName());
System.out.println("No of certificates found from Personal MS Keystore: " + i);
Cipher rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");//, ks.getProvider().getName()); !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
rsaCipher.init(Cipher.WRAP_MODE, RSAPubKey);
byte[] keyBytes =
1, 2, 3, 4, 5, 6, 7, 8, 2, 3, 4, 5, 6, 7, 8, 9
SecretKey aeskey = new SecretKeySpec(keyBytes, "AES");
byte[] encryptedSymmKey = rsaCipher.wrap(aeskey);
System.out.println("Encrypted Symmetric Key :" + Arrays.toString(encryptedSymmKey));
System.out.println("Encrypted Symmetric Key Length in Bytes: " + encryptedSymmKey.length);
// RSA Decryption of Encrypted Symmetric AES key
Cipher unwrapRsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", ks.getProvider().getName()); //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
unwrapRsaCipher.init(Cipher.UNWRAP_MODE, RSAPrivKey);
Key decryptedKey = unwrapRsaCipher.unwrap(encryptedSymmKey, "AES", Cipher.SECRET_KEY);
System.out.println("Decrypted Symmetric Key :" + Arrays.toString(decryptedKey.getEncoded())); // Matches the 'keyBytes' above -
Help with RSA Encryption using SATSA
Hello,
I am a new to writing code on J2ME . I am trying to encrypt data using
RSA public key on J2ME using SATSA.
I generated the public key using openssl in the PEM format and stored the
key (mypublickey) as a Base64 decoded byte array in my code.
Next, I did the following:
X509EncodedKeySpec test - new X509EncodedKeySpec(mypublickey);
KeyFactory kf = KeyFactory.getInstance("RSA");
PublicKey key = kf.generatePublic(test);
I used this key to encrypt as follows:
cipher c = Cipher.getInstance("RSA");
c.init(Cipher.ENCRYPT_MODE, key);
c.doFinal(data,0,data.length,ciphertext,0);
where byte[] data = "1234567890".getBytes();
I get no errors during this process.
Now, when I try to decrypt the string, I get a padding error as follows:
javax.crypto.BadPaddingException: Data must start with zero
The decode is done on a server.
I tried getting an instance of the cipher with RSA/ECB/NoPadding and this time the decrypt gives junk.
Question 2: The SATSA example online at http://java.sun.com/j2me/docs/satsa-dg/AppD.html
has a public key embedded as a byte array. They haven't explained how
this key is generated. Does someone know?
Question 3: Suppose, I can get the modulus and exponent of the public key is there any way I can convert it to X509EncodedKeySpec so that I can
use the APIs in SATSA?
Thanks in advance for your help. I have been trying to solve this for a lot of time and any help will be greatly appreciated.Just wanted to add my code:
public class test2 {
public static void main(String[] args) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, ShortBufferException {
// TODO Auto-generated method stub
byte [] data = "012345678901234567890123456789ab".getBytes();
Base64 base64 = new Base64();
/*public key generated by
byte [] mypublickey = base64.decode("publickey in PEM format");
byte [] ciphertext = new byte[128];
X509EncodedKeySpec test = new X509EncodedKeySpec(mypublickey);
byte [] myprivatekey = base64.decode("privatekey in pkcs8format");
KeyFactory rsakeyfac = KeyFactory.getInstance("RSA");
PublicKey pubkey = rsakeyfac.generatePublic(test);
Cipher c1 = Cipher.getInstance("RSA");
c1.init(Cipher.ENCRYPT_MODE, pubkey);
c1.doFinal(data, 0,data.length, ciphertext);
PKCS8EncodedKeySpec pks2 = new PKCS8EncodedKeySpec(myprivatekey);
RSAPrivateCrtKey privkey = (RSAPrivateCrtKey)rsakeyfac.generatePrivate(pks2);
Cipher c2 = Cipher.getInstance("RSA");
c2.init(Cipher.DECRYPT_MODE, privkey);
byte [] decrypteddata = c2.doFinal(ciphertext);
System.out.println("Decrypted String is:"+new String(decrypteddata).trim());
Error that I get is:
Exception in thread "main" javax.crypto.BadPaddingException: Data must start with zero
at sun.security.rsa.RSAPadding.unpadV15(Unknown Source)
at sun.security.rsa.RSAPadding.unpad(Unknown Source)
at com.sun.crypto.provider.RSACipher.a(DashoA13*..)
at com.sun.crypto.provider.RSACipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..) -
Have a problem when encrypt by RSA !!!
I have a method
public static byte[] EncryptByPublicKey(byte[] text, PublicKey key) {
//byte[] encryptText = null;
try {
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
return cipher.doFinal(text);
catch (Exception e){
System.out.println("Err " + e.toString());
return null;
}I write a class test this method
public static void main(String[] args){
PublicKey pub = ReadPublicKey("publicReceiver.k");
String message = "abc";
String encryptText =
new String(EncryptByPublicKey(message.getBytes(), pub));
System.out.println(encryptText);
}when I execute the minutes each are different results for each.
help me please, thanks a lot ofPKCS1 padding in encryption mode uses random bytes for the padding so you should pretty much always get a different resultant encrypted result.
Note - the bytes of the ciphertext should never be turned into readable text using new String(ciphertext) since one cannot guarantee that all bytes and byte sequences are valid for your default character encoding. Use Base64 or Hex encoding. -
I need to encrypt a byte[] of size 426 using RSA algorithm but when i call cipher.doFinal(byte[]);
I get
javax.crypto.IllegalBlockSizeException: Data must not be longer than 117 bytes
at com.sun.crypto.provider.RSACipher.a(DashoA6275)
at com.sun.crypto.provider.RSACipher.engineDoFinal(DashoA6275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at com.security.cert.KeyStre.encryptDecrypt(KeyStre.java:132)
at com.security.cert.KeyStre.main(KeyStre.java:79)I know there is an update() in cipher but i am not sure how to use it.
Could anyone help me out...
thnx alotok i think i got it...
It should have been done earlier but i had a party to attend to.
What i did was take 112 bytes of the 226 byte DH public key and encrypt it with the RSA public Key. I did the same for the next 112 bytes and so on till i encrypted the entire 226 bytes and appended each encrypted block into an byte array.
For decryption i did the same but I used 128 bytes instead of 112 bytes block and decrypted with the RSA private key.
but i have a problem the resulting decrypted key is appended with zeros because of the encryption algoritm. The only way to get the completely correct key is to use the length of the original DH public key. Is there any way to solve this small problem...
Here is the code hope it helps someone....
plz test it too...
thnks
public byte[] encryptDecrypt(String type,byte[] data,Key secretKey) throws EncryptDecryptException
byte cryptedCipherText[] = null ;
BufferedReader read;
try {
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
System.out.println("Provider is-->" + cipher.getProvider().getInfo());
int j = 0;
int k=0;
boolean flag = false;
byte[] bufferedEncryption = null;
if(type.equals("ENCRYPT"))
cipher.init(Cipher.ENCRYPT_MODE,secretKey);
j = 112;
k=112;
bufferedEncryption = new byte[k];
else
cipher.init(Cipher.DECRYPT_MODE,secretKey);
j = 128;
k=128;
bufferedEncryption = new byte[k];
int cipherlength = cipher.getOutputSize(data.length);
System.out.println("data size-->" + data.length);
System.out.println("cipher size-->" + cipherlength);
cryptedCipherText= new byte[cipherlength];
ByteArrayOutputStream cryptedTextBuffer = new ByteArrayOutputStream();
int count =0;
int i = 0;
while( i< data.length)
System.arraycopy(data,i,bufferedEncryption,0,j);
System.out.println("sizeof bufferedencryption-->"+bufferedEncryption.length);
cryptedCipherText = cipher.doFinal(bufferedEncryption);
count+=cryptedCipherText.length;
System.out.println("Length-->"+count);
cryptedTextBuffer.write(cryptedCipherText);
System.out.println("i-->"+i);
i+=k;
bufferedEncryption = new byte[k];
if(flag == true)
break;
if(i+k > data.length)
j = data.length - i;
flag = true;
cryptedCipherText = cryptedTextBuffer.toByteArray();
//cryptedCipherText = cipher.doFinal(data);
} catch (InvalidKeyException e) {
// TODO Auto-generated catch block
e.printStackTrace();
//throw new EncryptDecryptException("Invalid Key in encrypt/decrypt");
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
//throw new EncryptDecryptException("No such algorithm in encrypt/decrypt");
} catch (NoSuchPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
//throw new EncryptDecryptException("No such padding in encrypt/decrypt");
} catch (IllegalBlockSizeException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (BadPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return cryptedCipherText;
just give the inputs as "ENCRYPT"/"DECRYPT", your data and the public key for encryption and privatekey for decryption.
Maybe you are looking for
-
I did apply for installation for new service 9/30/09 by the phone/email. Keep getting delayed, the final scheduled date for installation is 10/27/09, WHY DOSE IT TAKE VERIZON 3 WEEKS TO START NEW SERVICES/INSTALLATION.? .IT TOOK COMCAST/CABLEVISION O
-
Download error in /tmp and /home
Hello! I downloaded a file in the directory /home. A unknown error produced, and the remote loading failed. I have the same problem with the directory /tmp. In the directory /Documents the remote loading is done normally I carried out the remote load
-
How to include "@someword" verbatim in a documentation?
I fear this is quite a beginners question... The text of a class documentation must contain words that start with an "@" symbol because this is the kind of data the class processes. How can I prevent the error message "@someword is an unknown tag"? (
-
I was writing an important paper in the notes app. I selected all but instead of hitting copy I hit paste. Now I can't find it. Is it gone?
-
Can't compile using OracleTypes.CURSOR
I'm trying learn how to use Stored Procedures. My IDE is Forte 3.0 CE with Oracle 8i(8.1.6.0.0). When I try to compile the code below I get an error: Cannot Resolve Symbo for OracleTypes.CURSOR If I change it to Types.VARCHAR it will compile but I ge