jessie-discuss
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jessie-discuss] Running GNU-Classpath-SSL with Sun-JDK1.5

From: chinmaya
Subject: Re: [Jessie-discuss] Running GNU-Classpath-SSL with Sun-JDK1.5
Date: Fri, 23 Mar 2007 19:04:25 -0600
Nope both exist

On 3/23/07, Casey Marshall <address@hidden> wrote:
Did you undo the patch I posted earlier?

On Mar 23, 2007, at 5:38 PM, chinmaya wrote:

> Thanks Casey, but I am still getting same error !!
> I have just enabled the debug on GNU classpath jar, so that you can
> see the line number in stack trace.
> Here is the new stack trace
>
> gnu.javax.net.ssl.provider.AlertException: HANDSHAKE_FAILURE:
> locally generated; FATAL
>         at
> gnu.javax.net.ssl.provider.ServerHandshake.checkKeyExchange
> (ServerHandshake.java:1184)
>         at
> gnu.javax.net.ssl.provider.AbstractHandshake.getInputParams
> (AbstractHandshake.java:330)
>         at gnu.javax.net.ssl.provider.SSLEngineImpl.unwrap
> (SSLEngineImpl.java:560)
>         at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:566)
>         at gnu.javax.net.ssl.provider.SSLSocketImpl.doHandshake
> (SSLSocketImpl.java:473)
>         at gnu.javax.net.ssl.provider.SSLSocketImpl
> $SocketInputStream.read(SSLSocketImpl.java:150)
>         at sun.nio.cs.StreamDecoder$CharsetSD.readBytes
> (StreamDecoder.java:411)
>         at sun.nio.cs.StreamDecoder$CharsetSD.implRead
> (StreamDecoder.java:453)
>         at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:183)
>         at java.io.InputStreamReader.read(InputStreamReader.java:167)
>         at java.io.BufferedReader.fill (BufferedReader.java:136)
>         at java.io.BufferedReader.read(BufferedReader.java:157)
>         at TLSDataListener.processData(TLSDataListener.java :26)
>         at TLSServer$2.run(TLSServer.java:197)
> Caused by: javax.crypto.IllegalBlockSizeException : Data must not
> be longer than 128 bytes
>         at com.sun.crypto.provider.RSACipher.a(DashoA12275)
>         at com.sun.crypto.provider.RSACipher.engineDoFinal
> (DashoA12275)
>         at javax.crypto.Cipher.doFinal(DashoA12275)
>         at gnu.javax.net.ssl.provider.ServerHandshake
> $RSAKeyExchange.implRun(ServerHandshake.java:1347)
>         at gnu.javax.net.ssl.provider.DelegatedTask.run
> (DelegatedTask.java:68)
>         at gnu.javax.net.ssl.provider.SSLSocketImpl.doHandshake
> (SSLSocketImpl.java :498)
>         ... 9 more
>
>
> thanks
> chinmaya
>
> On 3/23/07, Casey Marshall <address@hidden> wrote: On Mar 23,
> 2007, at 5:10 PM, Casey Marshall wrote:
>
> > It looks like Sun's RSA requires that the input start with a byte
> > 0, which the SSL spec doesn't require (the version of RSA in
> > Classpath doesn't require this, either). I think the patch I've
> > attached may help; I haven't tried this yet, however.
> >
>
> Actually, this likely won't fix this issue. It is more likely that
> decrypting the session key is failing. My guess is this part of the
> code (ServerHandshake.java:1334):
>
>        rsa.init(Cipher.DECRYPT_MODE, serverKey);
>        rsa.init(Cipher.DECRYPT_MODE, localCert);
>
> is the problem. In Classpath, initializing an RSA cipher with two
> keys (public and private) causes RSA to use "blinding," which helps
> prevent timing attacks. You should try swapping the order of these
> two statements, so they read:
>
>         rsa.init(Cipher.DECRYPT_MODE , localCert);
>        rsa.init(Cipher.DECRYPT_MODE, serverKey);
>


reply via email to
[Prev in Thread] Current Thread [Next in Thread]