Quantcast

X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46

Finstein, Nathan
Below are representations of certs, the first built using the deprecated X509V3CertificateGenerator, the second built using the new X509v3CertificateBuilder.

the certs are displayed using: "openssl x509 -inform DER -in mycertX.crt -noout -text"

Note that the ...Generator creates a cert with a 1024 bit Modules and integer Exponent, which looks like what openSSL does.  the new ...Builder creates a cert with the integer as Modulus and a (1024 bit?) Exponent!

VIA org.bouncycastle.x509.X509V3CertificateGenerator
===================================

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston
        Validity
            Not Before: Apr 26 04:11:10 2011 GMT
            Not After : Oct 26 04:11:10 2011 GMT
        Subject: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:a0:c0:b1:09:4e:c3:3e:66:c9:79:ef:03:45:9e:
                    98:6a:f0:02:12:07:45:cf:6c:9d:d8:19:b5:ec:1b:
                    ed:37:91:44:d3:71:ad:7f:92:34:53:29:e4:06:df:
                    fc:bc:4e:86:68:5c:3b:0a:83:79:47:53:2a:37:70:
                    bf:a9:a9:12:15:2a:0a:73:c8:e5:a2:1e:72:aa:b1:
                    17:b7:97:e1:06:4b:c4:a1:6e:3b:59:d0:e4:2f:65:
                    90:d5:18:a8:ac:5d:8a:0b:a1:dc:f1:e0:39:e8:96:
                    d5:7c:dd:be:28:3f:fc:f9:0e:f5:2b:5d:f5:a1:f2:
                    32:f5:9c:ee:4e:9b:06:6f:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Alternative Name: critical
                DNS:hospitalusesindivo.directdivo.org
    Signature Algorithm: sha1WithRSAEncryption
        34:3a:90:f0:57:da:2b:ff:f8:bf:13:20:5b:7a:ba:1f:cd:80:
        bd:22:20:05:6d:07:b5:5c:f6:c8:b8:f7:05:c6:5a:91:64:ca:
        62:41:65:9e:6f:c0:cb:c4:79:c3:ed:55:0d:52:20:be:86:3c:
        1f:36:f2:ea:69:33:fa:a2:96:9f:01:d1:2d:97:cc:9a:08:58:
        dd:85:a8:cc:64:d0:b0:5d:1b:57:19:b0:de:e9:e3:f6:ea:11:
        3e:b8:09:26:b5:14:82:07:d9:30:dc:a1:8e:00:23:32:45:62:
        1b:79:84:55:97:13:68:c4:19:8e:5f:de:01:34:23:58:d4:d1:
        11:f7


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


VIA org.bouncycastle.cert.X509v3CertificateBuilder
================================

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
        Signature Algorithm: sha1WithRSA
        Issuer: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston/emailAddress=[hidden email]
        Validity
            Not Before: Apr 26 03:45:34 2011 GMT
            Not After : Oct 26 03:45:34 2011 GMT
        Subject: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston/emailAddress=[hidden email]
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (17 bit)
                Modulus (17 bit): 65537 (0x10001)
                Exponent:
                    00:d2:45:a4:c4:6e:90:4c:65:88:df:44:55:b4:d1:
                    b0:65:b3:f1:b0:b1:bf:41:2a:3c:52:de:0d:af:31:
                    49:e8:90:b3:c0:eb:8b:a4:3b:02:2f:c0:e8:74:5c:
                    58:95:98:9a:10:e7:a7:d3:dc:a1:13:65:13:d7:df:
                    86:51:f0:aa:3b:65:a2:d2:1e:48:7e:ef:ac:a7:41:
                    6f:98:8a:6d:cc:9a:fc:7b:c8:67:75:d9:23:c3:39:
                    26:1c:f8:9c:4c:e9:d9:f5:ff:0a:04:c4:5f:1c:be:
                    27:8f:c7:7b:02:b2:5e:3c:50:c2:9d:86:80:32:a9:
                    d6:65:bd:21:7f:8d:1c:8e:d3
        X509v3 extensions:
            X509v3 Subject Alternative Name: critical
                ..direct.childrens.harvard.edu
    Signature Algorithm: sha1WithRSA
        b4:cf:36:b6:c8:cd:2f:76:e8:00:a3:fa:06:c8:0c:fd:92:27:
        f4:4a:2e:38:ef:51:a2:d2:b7:ef:a8:9c:bc:38:2d:17:d9:2d:
        fb:51:da:12:d3:48:7f:d9:35:61:e6:d2:1a:db:82:1c:3b:da:
        a3:a5:df:95:5a:a4:ae:79:c8:3b:7c:ec:20:12:e3:e7:c1:68:
        06:97:23:6b:55:ad:ec:0c:ea:85:81:61:65:7d:79:61:ad:4f:
        9a:7b:15:99:9f:7e:a9:b9:6d:6f:f1:81:9f:1d:88:57:3d:ee:
        53:7b:3d:97:da:47:b8:b3:72:b6:80:df:dd:61:4f:87:db:2b:
        5d:21


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46

David Hook-2

You might want to check what is happening here again - both these
classes use the results of PublicKey.getEncoded() to create the RSA
public key structure.

It looks like the key passed to the second certificate has been reversed
- it would clearly be invalid (which would also mean all the relevant
tests would fail...)

Regards,

David

On Tue, 2011-04-26 at 10:12 -0400, Finstein, Nathan wrote:

> Below are representations of certs, the first built using the deprecated X509V3CertificateGenerator, the second built using the new X509v3CertificateBuilder.
>
> the certs are displayed using: "openssl x509 -inform DER -in mycertX.crt -noout -text"
>
> Note that the ...Generator creates a cert with a 1024 bit Modules and integer Exponent, which looks like what openSSL does.  the new ...Builder creates a cert with the integer as Modulus and a (1024 bit?) Exponent!
>
> VIA org.bouncycastle.x509.X509V3CertificateGenerator
> ===================================
>
> Certificate:
>     Data:
>         Version: 3 (0x2)
>         Serial Number: 1 (0x1)
>         Signature Algorithm: sha1WithRSAEncryption
>         Issuer: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston
>         Validity
>             Not Before: Apr 26 04:11:10 2011 GMT
>             Not After : Oct 26 04:11:10 2011 GMT
>         Subject: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston
>         Subject Public Key Info:
>             Public Key Algorithm: rsaEncryption
>             RSA Public Key: (1024 bit)
>                 Modulus (1024 bit):
>                     00:a0:c0:b1:09:4e:c3:3e:66:c9:79:ef:03:45:9e:
>                     98:6a:f0:02:12:07:45:cf:6c:9d:d8:19:b5:ec:1b:
>                     ed:37:91:44:d3:71:ad:7f:92:34:53:29:e4:06:df:
>                     fc:bc:4e:86:68:5c:3b:0a:83:79:47:53:2a:37:70:
>                     bf:a9:a9:12:15:2a:0a:73:c8:e5:a2:1e:72:aa:b1:
>                     17:b7:97:e1:06:4b:c4:a1:6e:3b:59:d0:e4:2f:65:
>                     90:d5:18:a8:ac:5d:8a:0b:a1:dc:f1:e0:39:e8:96:
>                     d5:7c:dd:be:28:3f:fc:f9:0e:f5:2b:5d:f5:a1:f2:
>                     32:f5:9c:ee:4e:9b:06:6f:73
>                 Exponent: 65537 (0x10001)
>         X509v3 extensions:
>             X509v3 Subject Alternative Name: critical
>                 DNS:hospitalusesindivo.directdivo.org
>     Signature Algorithm: sha1WithRSAEncryption
>         34:3a:90:f0:57:da:2b:ff:f8:bf:13:20:5b:7a:ba:1f:cd:80:
>         bd:22:20:05:6d:07:b5:5c:f6:c8:b8:f7:05:c6:5a:91:64:ca:
>         62:41:65:9e:6f:c0:cb:c4:79:c3:ed:55:0d:52:20:be:86:3c:
>         1f:36:f2:ea:69:33:fa:a2:96:9f:01:d1:2d:97:cc:9a:08:58:
>         dd:85:a8:cc:64:d0:b0:5d:1b:57:19:b0:de:e9:e3:f6:ea:11:
>         3e:b8:09:26:b5:14:82:07:d9:30:dc:a1:8e:00:23:32:45:62:
>         1b:79:84:55:97:13:68:c4:19:8e:5f:de:01:34:23:58:d4:d1:
>         11:f7
>
>
> = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
>  = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
>
>
> VIA org.bouncycastle.cert.X509v3CertificateBuilder
> ================================
>
> Certificate:
>     Data:
>         Version: 3 (0x2)
>         Serial Number: 0 (0x0)
>         Signature Algorithm: sha1WithRSA
>         Issuer: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston/emailAddress=[hidden email]
>         Validity
>             Not Before: Apr 26 03:45:34 2011 GMT
>             Not After : Oct 26 03:45:34 2011 GMT
>         Subject: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston/emailAddress=[hidden email]
>         Subject Public Key Info:
>             Public Key Algorithm: rsaEncryption
>             RSA Public Key: (17 bit)
>                 Modulus (17 bit): 65537 (0x10001)
>                 Exponent:
>                     00:d2:45:a4:c4:6e:90:4c:65:88:df:44:55:b4:d1:
>                     b0:65:b3:f1:b0:b1:bf:41:2a:3c:52:de:0d:af:31:
>                     49:e8:90:b3:c0:eb:8b:a4:3b:02:2f:c0:e8:74:5c:
>                     58:95:98:9a:10:e7:a7:d3:dc:a1:13:65:13:d7:df:
>                     86:51:f0:aa:3b:65:a2:d2:1e:48:7e:ef:ac:a7:41:
>                     6f:98:8a:6d:cc:9a:fc:7b:c8:67:75:d9:23:c3:39:
>                     26:1c:f8:9c:4c:e9:d9:f5:ff:0a:04:c4:5f:1c:be:
>                     27:8f:c7:7b:02:b2:5e:3c:50:c2:9d:86:80:32:a9:
>                     d6:65:bd:21:7f:8d:1c:8e:d3
>         X509v3 extensions:
>             X509v3 Subject Alternative Name: critical
>                 ..direct.childrens.harvard.edu
>     Signature Algorithm: sha1WithRSA
>         b4:cf:36:b6:c8:cd:2f:76:e8:00:a3:fa:06:c8:0c:fd:92:27:
>         f4:4a:2e:38:ef:51:a2:d2:b7:ef:a8:9c:bc:38:2d:17:d9:2d:
>         fb:51:da:12:d3:48:7f:d9:35:61:e6:d2:1a:db:82:1c:3b:da:
>         a3:a5:df:95:5a:a4:ae:79:c8:3b:7c:ec:20:12:e3:e7:c1:68:
>         06:97:23:6b:55:ad:ec:0c:ea:85:81:61:65:7d:79:61:ad:4f:
>         9a:7b:15:99:9f:7e:a9:b9:6d:6f:f1:81:9f:1d:88:57:3d:ee:
>         53:7b:3d:97:da:47:b8:b3:72:b6:80:df:dd:61:4f:87:db:2b:
>         5d:21
>
>
> = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
>  = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
>



Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46

Finstein, Nathan
David,

   I had the args reversed in the RSAPublicKeyStructure constructor.

                new org.bouncycastle.asn1.x509.RSAPublicKeyStructure(
                    ((RSAKeyParameters) bcKeyPair.getPublic()).getExponent(),
                    ((RSAKeyParameters) bcKeyPair.getPublic()).getModulus() )

instead of:

                new org.bouncycastle.asn1.x509.RSAPublicKeyStructure(
                    ((RSAKeyParameters) bcKeyPair.getPublic()).getModulus(),
                    ((RSAKeyParameters) bcKeyPair.getPublic()).getExponent() )

     Thanks


    Now I am stuck trying to figure out how to add subjectAlternativeName

this seems to work:
        cbldr = cbldr.addExtension(
                X509Extension.subjectAlternativeName,
                true,
                new org.bouncycastle.asn1.DERTaggedObject(2,
                       new org.bouncycastle.asn1.DERIA5String("direct.childrens.harvard.edu",true) ) );

but later ...
             certH = cbldr.build(
                    new BcRSAContentSignerBuilder(certSigAlgId, certDigAlg).build(cps));

            byte[] derEncoded = certH.getEncoded();
            ByteArrayInputStream certBais = new ByteArrayInputStream(derEncoded);
            retVal = (X509Certificate)
                    CertificateFactory.getInstance("X.509").generateCertificate(certBais);



"CertificateFactory.getInstance("X.509").generateCertificate(certBais)"
threw an exception:

Caused by: java.security.cert.CertificateParsingException: java.io.IOException: Invalid encoding for GeneralNames.
        at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:171)
        at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1747)
        at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
        at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:107)
        at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:322)
        at org.indivo.direct.KeyGen.createSelfSignedV3TestPrivateCertBouncy(KeyGen.java:185)
        ... 1 more
Caused by: java.io.IOException: Invalid encoding for GeneralNames.
        at sun.security.x509.GeneralNames.<init>(GeneralNames.java:58)
        at sun.security.x509.SubjectAlternativeNameExtension.<init>(SubjectAlternativeNameExtension.java:141)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
        at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
        at sun.security.x509.CertificateExtensions.parseExtension(CertificateExtensions.java:111)
        at sun.security.x509.CertificateExtensions.init(CertificateExtensions.java:87)
        at sun.security.x509.CertificateExtensions.<init>(CertificateExtensions.java:77)
        at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:740)
        at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169)
        ... 6 more




________________________________________
From: David Hook [[hidden email]]
Sent: Tuesday, April 26, 2011 1:00 PM
To: [hidden email]
Subject: Re: [dev-crypto] X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46

You might want to check what is happening here again - both these
classes use the results of PublicKey.getEncoded() to create the RSA
public key structure.

It looks like the key passed to the second certificate has been reversed
- it would clearly be invalid (which would also mean all the relevant
tests would fail...)

Regards,

David

On Tue, 2011-04-26 at 10:12 -0400, Finstein, Nathan wrote:

> Below are representations of certs, the first built using the deprecated X509V3CertificateGenerator, the second built using the new X509v3CertificateBuilder.
>
> the certs are displayed using: "openssl x509 -inform DER -in mycertX.crt -noout -text"
>
> Note that the ...Generator creates a cert with a 1024 bit Modules and integer Exponent, which looks like what openSSL does.  the new ...Builder creates a cert with the integer as Modulus and a (1024 bit?) Exponent!
>
> VIA org.bouncycastle.x509.X509V3CertificateGenerator
> ===================================
>
> Certificate:
>     Data:
>         Version: 3 (0x2)
>         Serial Number: 1 (0x1)
>         Signature Algorithm: sha1WithRSAEncryption
>         Issuer: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston
>         Validity
>             Not Before: Apr 26 04:11:10 2011 GMT
>             Not After : Oct 26 04:11:10 2011 GMT
>         Subject: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston
>         Subject Public Key Info:
>             Public Key Algorithm: rsaEncryption
>             RSA Public Key: (1024 bit)
>                 Modulus (1024 bit):
>                     00:a0:c0:b1:09:4e:c3:3e:66:c9:79:ef:03:45:9e:
>                     98:6a:f0:02:12:07:45:cf:6c:9d:d8:19:b5:ec:1b:
>                     ed:37:91:44:d3:71:ad:7f:92:34:53:29:e4:06:df:
>                     fc:bc:4e:86:68:5c:3b:0a:83:79:47:53:2a:37:70:
>                     bf:a9:a9:12:15:2a:0a:73:c8:e5:a2:1e:72:aa:b1:
>                     17:b7:97:e1:06:4b:c4:a1:6e:3b:59:d0:e4:2f:65:
>                     90:d5:18:a8:ac:5d:8a:0b:a1:dc:f1:e0:39:e8:96:
>                     d5:7c:dd:be:28:3f:fc:f9:0e:f5:2b:5d:f5:a1:f2:
>                     32:f5:9c:ee:4e:9b:06:6f:73
>                 Exponent: 65537 (0x10001)
>         X509v3 extensions:
>             X509v3 Subject Alternative Name: critical
>                 DNS:hospitalusesindivo.directdivo.org
>     Signature Algorithm: sha1WithRSAEncryption
>         34:3a:90:f0:57:da:2b:ff:f8:bf:13:20:5b:7a:ba:1f:cd:80:
>         bd:22:20:05:6d:07:b5:5c:f6:c8:b8:f7:05:c6:5a:91:64:ca:
>         62:41:65:9e:6f:c0:cb:c4:79:c3:ed:55:0d:52:20:be:86:3c:
>         1f:36:f2:ea:69:33:fa:a2:96:9f:01:d1:2d:97:cc:9a:08:58:
>         dd:85:a8:cc:64:d0:b0:5d:1b:57:19:b0:de:e9:e3:f6:ea:11:
>         3e:b8:09:26:b5:14:82:07:d9:30:dc:a1:8e:00:23:32:45:62:
>         1b:79:84:55:97:13:68:c4:19:8e:5f:de:01:34:23:58:d4:d1:
>         11:f7
>
>
> = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
>  = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
>
>
> VIA org.bouncycastle.cert.X509v3CertificateBuilder
> ================================
>
> Certificate:
>     Data:
>         Version: 3 (0x2)
>         Serial Number: 0 (0x0)
>         Signature Algorithm: sha1WithRSA
>         Issuer: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston/emailAddress=[hidden email]
>         Validity
>             Not Before: Apr 26 03:45:34 2011 GMT
>             Not After : Oct 26 03:45:34 2011 GMT
>         Subject: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston/emailAddress=[hidden email]
>         Subject Public Key Info:
>             Public Key Algorithm: rsaEncryption
>             RSA Public Key: (17 bit)
>                 Modulus (17 bit): 65537 (0x10001)
>                 Exponent:
>                     00:d2:45:a4:c4:6e:90:4c:65:88:df:44:55:b4:d1:
>                     b0:65:b3:f1:b0:b1:bf:41:2a:3c:52:de:0d:af:31:
>                     49:e8:90:b3:c0:eb:8b:a4:3b:02:2f:c0:e8:74:5c:
>                     58:95:98:9a:10:e7:a7:d3:dc:a1:13:65:13:d7:df:
>                     86:51:f0:aa:3b:65:a2:d2:1e:48:7e:ef:ac:a7:41:
>                     6f:98:8a:6d:cc:9a:fc:7b:c8:67:75:d9:23:c3:39:
>                     26:1c:f8:9c:4c:e9:d9:f5:ff:0a:04:c4:5f:1c:be:
>                     27:8f:c7:7b:02:b2:5e:3c:50:c2:9d:86:80:32:a9:
>                     d6:65:bd:21:7f:8d:1c:8e:d3
>         X509v3 extensions:
>             X509v3 Subject Alternative Name: critical
>                 ..direct.childrens.harvard.edu
>     Signature Algorithm: sha1WithRSA
>         b4:cf:36:b6:c8:cd:2f:76:e8:00:a3:fa:06:c8:0c:fd:92:27:
>         f4:4a:2e:38:ef:51:a2:d2:b7:ef:a8:9c:bc:38:2d:17:d9:2d:
>         fb:51:da:12:d3:48:7f:d9:35:61:e6:d2:1a:db:82:1c:3b:da:
>         a3:a5:df:95:5a:a4:ae:79:c8:3b:7c:ec:20:12:e3:e7:c1:68:
>         06:97:23:6b:55:ad:ec:0c:ea:85:81:61:65:7d:79:61:ad:4f:
>         9a:7b:15:99:9f:7e:a9:b9:6d:6f:f1:81:9f:1d:88:57:3d:ee:
>         53:7b:3d:97:da:47:b8:b3:72:b6:80:df:dd:61:4f:87:db:2b:
>         5d:21
>
>
> = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
>  = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
>




Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46

David Hook-2

The outer GeneralNames sequence is missing.

Try:

cbldr.subjectAlternativeName, false, new GeneralNames(new
GeneralName(GeneralName.dNSName, "direct.childrens.harvard.edu")));

Regards,

David

On Tue, 2011-04-26 at 15:41 -0400, Finstein, Nathan wrote:

> David,
>
>    I had the args reversed in the RSAPublicKeyStructure constructor.
>
>                 new org.bouncycastle.asn1.x509.RSAPublicKeyStructure(
>                     ((RSAKeyParameters) bcKeyPair.getPublic()).getExponent(),
>                     ((RSAKeyParameters) bcKeyPair.getPublic()).getModulus() )
>
> instead of:
>
>                 new org.bouncycastle.asn1.x509.RSAPublicKeyStructure(
>                     ((RSAKeyParameters) bcKeyPair.getPublic()).getModulus(),
>                     ((RSAKeyParameters) bcKeyPair.getPublic()).getExponent() )
>
>      Thanks
>
>
>     Now I am stuck trying to figure out how to add subjectAlternativeName
>
> this seems to work:
>         cbldr = cbldr.addExtension(
>                 X509Extension.subjectAlternativeName,
>                 true,
>                 new org.bouncycastle.asn1.DERTaggedObject(2,
>                        new org.bouncycastle.asn1.DERIA5String("direct.childrens.harvard.edu",true) ) );
>
> but later ...
>              certH = cbldr.build(
>                     new BcRSAContentSignerBuilder(certSigAlgId, certDigAlg).build(cps));
>
>             byte[] derEncoded = certH.getEncoded();
>             ByteArrayInputStream certBais = new ByteArrayInputStream(derEncoded);
>             retVal = (X509Certificate)
>                     CertificateFactory.getInstance("X.509").generateCertificate(certBais);
>
>
>
> "CertificateFactory.getInstance("X.509").generateCertificate(certBais)"
> threw an exception:
>
> Caused by: java.security.cert.CertificateParsingException: java.io.IOException: Invalid encoding for GeneralNames.
> at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:171)
> at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1747)
> at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
> at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:107)
> at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:322)
> at org.indivo.direct.KeyGen.createSelfSignedV3TestPrivateCertBouncy(KeyGen.java:185)
> ... 1 more
> Caused by: java.io.IOException: Invalid encoding for GeneralNames.
> at sun.security.x509.GeneralNames.<init>(GeneralNames.java:58)
> at sun.security.x509.SubjectAlternativeNameExtension.<init>(SubjectAlternativeNameExtension.java:141)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
> at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
> at sun.security.x509.CertificateExtensions.parseExtension(CertificateExtensions.java:111)
> at sun.security.x509.CertificateExtensions.init(CertificateExtensions.java:87)
> at sun.security.x509.CertificateExtensions.<init>(CertificateExtensions.java:77)
> at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:740)
> at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169)
> ... 6 more
>
>
>
>
> ________________________________________
> From: David Hook [[hidden email]]
> Sent: Tuesday, April 26, 2011 1:00 PM
> To: [hidden email]
> Subject: Re: [dev-crypto] X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46
>
> You might want to check what is happening here again - both these
> classes use the results of PublicKey.getEncoded() to create the RSA
> public key structure.
>
> It looks like the key passed to the second certificate has been reversed
> - it would clearly be invalid (which would also mean all the relevant
> tests would fail...)
>
> Regards,
>
> David
>
> On Tue, 2011-04-26 at 10:12 -0400, Finstein, Nathan wrote:
> > Below are representations of certs, the first built using the deprecated X509V3CertificateGenerator, the second built using the new X509v3CertificateBuilder.
> >
> > the certs are displayed using: "openssl x509 -inform DER -in mycertX.crt -noout -text"
> >
> > Note that the ...Generator creates a cert with a 1024 bit Modules and integer Exponent, which looks like what openSSL does.  the new ...Builder creates a cert with the integer as Modulus and a (1024 bit?) Exponent!
> >
> > VIA org.bouncycastle.x509.X509V3CertificateGenerator
> > ===================================
> >
> > Certificate:
> >     Data:
> >         Version: 3 (0x2)
> >         Serial Number: 1 (0x1)
> >         Signature Algorithm: sha1WithRSAEncryption
> >         Issuer: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston
> >         Validity
> >             Not Before: Apr 26 04:11:10 2011 GMT
> >             Not After : Oct 26 04:11:10 2011 GMT
> >         Subject: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston
> >         Subject Public Key Info:
> >             Public Key Algorithm: rsaEncryption
> >             RSA Public Key: (1024 bit)
> >                 Modulus (1024 bit):
> >                     00:a0:c0:b1:09:4e:c3:3e:66:c9:79:ef:03:45:9e:
> >                     98:6a:f0:02:12:07:45:cf:6c:9d:d8:19:b5:ec:1b:
> >                     ed:37:91:44:d3:71:ad:7f:92:34:53:29:e4:06:df:
> >                     fc:bc:4e:86:68:5c:3b:0a:83:79:47:53:2a:37:70:
> >                     bf:a9:a9:12:15:2a:0a:73:c8:e5:a2:1e:72:aa:b1:
> >                     17:b7:97:e1:06:4b:c4:a1:6e:3b:59:d0:e4:2f:65:
> >                     90:d5:18:a8:ac:5d:8a:0b:a1:dc:f1:e0:39:e8:96:
> >                     d5:7c:dd:be:28:3f:fc:f9:0e:f5:2b:5d:f5:a1:f2:
> >                     32:f5:9c:ee:4e:9b:06:6f:73
> >                 Exponent: 65537 (0x10001)
> >         X509v3 extensions:
> >             X509v3 Subject Alternative Name: critical
> >                 DNS:hospitalusesindivo.directdivo.org
> >     Signature Algorithm: sha1WithRSAEncryption
> >         34:3a:90:f0:57:da:2b:ff:f8:bf:13:20:5b:7a:ba:1f:cd:80:
> >         bd:22:20:05:6d:07:b5:5c:f6:c8:b8:f7:05:c6:5a:91:64:ca:
> >         62:41:65:9e:6f:c0:cb:c4:79:c3:ed:55:0d:52:20:be:86:3c:
> >         1f:36:f2:ea:69:33:fa:a2:96:9f:01:d1:2d:97:cc:9a:08:58:
> >         dd:85:a8:cc:64:d0:b0:5d:1b:57:19:b0:de:e9:e3:f6:ea:11:
> >         3e:b8:09:26:b5:14:82:07:d9:30:dc:a1:8e:00:23:32:45:62:
> >         1b:79:84:55:97:13:68:c4:19:8e:5f:de:01:34:23:58:d4:d1:
> >         11:f7
> >
> >
> > = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> >  = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> >
> >
> > VIA org.bouncycastle.cert.X509v3CertificateBuilder
> > ================================
> >
> > Certificate:
> >     Data:
> >         Version: 3 (0x2)
> >         Serial Number: 0 (0x0)
> >         Signature Algorithm: sha1WithRSA
> >         Issuer: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston/emailAddress=[hidden email]
> >         Validity
> >             Not Before: Apr 26 03:45:34 2011 GMT
> >             Not After : Oct 26 03:45:34 2011 GMT
> >         Subject: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston/emailAddress=[hidden email]
> >         Subject Public Key Info:
> >             Public Key Algorithm: rsaEncryption
> >             RSA Public Key: (17 bit)
> >                 Modulus (17 bit): 65537 (0x10001)
> >                 Exponent:
> >                     00:d2:45:a4:c4:6e:90:4c:65:88:df:44:55:b4:d1:
> >                     b0:65:b3:f1:b0:b1:bf:41:2a:3c:52:de:0d:af:31:
> >                     49:e8:90:b3:c0:eb:8b:a4:3b:02:2f:c0:e8:74:5c:
> >                     58:95:98:9a:10:e7:a7:d3:dc:a1:13:65:13:d7:df:
> >                     86:51:f0:aa:3b:65:a2:d2:1e:48:7e:ef:ac:a7:41:
> >                     6f:98:8a:6d:cc:9a:fc:7b:c8:67:75:d9:23:c3:39:
> >                     26:1c:f8:9c:4c:e9:d9:f5:ff:0a:04:c4:5f:1c:be:
> >                     27:8f:c7:7b:02:b2:5e:3c:50:c2:9d:86:80:32:a9:
> >                     d6:65:bd:21:7f:8d:1c:8e:d3
> >         X509v3 extensions:
> >             X509v3 Subject Alternative Name: critical
> >                 ..direct.childrens.harvard.edu
> >     Signature Algorithm: sha1WithRSA
> >         b4:cf:36:b6:c8:cd:2f:76:e8:00:a3:fa:06:c8:0c:fd:92:27:
> >         f4:4a:2e:38:ef:51:a2:d2:b7:ef:a8:9c:bc:38:2d:17:d9:2d:
> >         fb:51:da:12:d3:48:7f:d9:35:61:e6:d2:1a:db:82:1c:3b:da:
> >         a3:a5:df:95:5a:a4:ae:79:c8:3b:7c:ec:20:12:e3:e7:c1:68:
> >         06:97:23:6b:55:ad:ec:0c:ea:85:81:61:65:7d:79:61:ad:4f:
> >         9a:7b:15:99:9f:7e:a9:b9:6d:6f:f1:81:9f:1d:88:57:3d:ee:
> >         53:7b:3d:97:da:47:b8:b3:72:b6:80:df:dd:61:4f:87:db:2b:
> >         5d:21
> >
> >
> > = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> >  = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> >
>
>
>
>



Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46

Finstein, Nathan
>>The outer GeneralNames sequence is missing.
>>
>>Try:
>>cbldr.subjectAlternativeName, false, new GeneralNames(new
>>GeneralName(GeneralName.dNSName, "direct.childrens.harvard.edu")));


I used ''new ASN1ObjectIdentifier("2.5.29.17")'' because there seems not to be a ''cbldr.subjectAlternativeName,''

This worked better.  But the result seems incompatible with java keytool

      X509v3CertificateBuilder cbldr = new X509v3CertificateBuilder(
                /*issuer  subject because self-signed*/ subject, serialNumber, startDate, expiryDate, subject, publicKeyInfo);

        cbldr = cbldr.addExtension(
                new ASN1ObjectIdentifier("2.5.29.17"), //  D.H. says cbldr.subjectAlternativeName,
                false,
                new GeneralNames(new GeneralName(GeneralName.dNSName, "direct.childrens.harvard.edu") ) );
       
        org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters cps =
                (org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters) bcKeyPair.getPrivate();

        org.bouncycastle.cert.X509CertificateHolder certH = null;
            org.bouncycastle.asn1.x509.AlgorithmIdentifier certSigAlgId =
                    new org.bouncycastle.asn1.x509.AlgorithmIdentifier("1.3.14.3.2.29");
            org.bouncycastle.asn1.x509.AlgorithmIdentifier certDigAlg =
                    new org.bouncycastle.asn1.x509.AlgorithmIdentifier(org.bouncycastle.asn1.oiw.OIWObjectIdentifiers.idSHA1);
            certH = cbldr.build(
                    new BcRSAContentSignerBuilder(
                            certSigAlgId, certDigAlg)
                                    .build(cps));

            byte[] derEncoded = certH.getEncoded();
            ByteArrayInputStream certBais = new ByteArrayInputStream(derEncoded);
            X509Certificate certToUse = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(certBais);

            KeyStore ks = KeyStore.getInstance("jks");
            ks.load(null);
            ks.setCertificateEntry("outgoing", certToUse);
            char[] ksPass = new char["NHIN".length()];
            for (int ii = 0; ii < "NHIN".length(); ii++) { char cc = "NHIN".charAt(ii); ksPass[ii] = cc; }
            ks.store(new FileOutputStream(new File(outputDir,"out_keystore")), ksPass);



 keytool -v -keystore out_keystore -list

keytool error: java.security.cert.CertificateParsingException: java.io.IOException: extra data given to DerValue constructor
java.security.cert.CertificateParsingException: java.io.IOException: extra data given to DerValue constructor
        at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:171)
        at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1747)
        at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
        at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:107)
        at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:322)
        at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:763)
        at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
        at java.security.KeyStore.load(KeyStore.java:1201)
        at sun.security.tools.KeyTool.doCommands(KeyTool.java:647)
        at sun.security.tools.KeyTool.run(KeyTool.java:194)
        at sun.security.tools.KeyTool.main(KeyTool.java:188)
Caused by: java.io.IOException: extra data given to DerValue constructor
        at sun.security.util.DerValue.init(DerValue.java:386)
        at sun.security.util.DerValue.<init>(DerValue.java:294)
        at sun.security.x509.SubjectAlternativeNameExtension.<init>(SubjectAlternativeNameExtension.java:135)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
        at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
        at sun.security.x509.CertificateExtensions.parseExtension(CertificateExtensions.java:111)
        at sun.security.x509.CertificateExtensions.init(CertificateExtensions.java:87)
        at sun.security.x509.CertificateExtensions.<init>(CertificateExtensions.java:77)
        at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:740)
        at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169)
        ... 10 more




for what it's worth, I did a hex-print of the result of new GeneralNames....



            byte[] gnb = new GeneralNames(new GeneralName(GeneralName.dNSName, "direct.childrens.harvard.edu") )
                    .toASN1Object().getEncoded();
        System.out.println("GeneralNames: "  + natesUtils.ToHex.toHex(gnb));

it looks like this: GeneralNames: 30 1E FFFD 1C 64 69 72 65 63 74 2E 63 68 69 6C 64 72 65 6E 73 2E 68 61 72 76 61 72 64 2E 65 64 75

I don't have an easy way to access the sun classes, so I have not dug deeper into what is going on inside them.



________________________________________
From: David Hook [[hidden email]]
Sent: Tuesday, April 26, 2011 6:18 PM
To: [hidden email]
Subject: RE: [dev-crypto] X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46

The outer GeneralNames sequence is missing.

Try:

cbldr.subjectAlternativeName, false, new GeneralNames(new
GeneralName(GeneralName.dNSName, "direct.childrens.harvard.edu")));

Regards,

David

On Tue, 2011-04-26 at 15:41 -0400, Finstein, Nathan wrote:

> David,
>
>    I had the args reversed in the RSAPublicKeyStructure constructor.
>
>                 new org.bouncycastle.asn1.x509.RSAPublicKeyStructure(
>                     ((RSAKeyParameters) bcKeyPair.getPublic()).getExponent(),
>                     ((RSAKeyParameters) bcKeyPair.getPublic()).getModulus() )
>
> instead of:
>
>                 new org.bouncycastle.asn1.x509.RSAPublicKeyStructure(
>                     ((RSAKeyParameters) bcKeyPair.getPublic()).getModulus(),
>                     ((RSAKeyParameters) bcKeyPair.getPublic()).getExponent() )
>
>      Thanks
>
>
>     Now I am stuck trying to figure out how to add subjectAlternativeName
>
> this seems to work:
>         cbldr = cbldr.addExtension(
>                 X509Extension.subjectAlternativeName,
>                 true,
>                 new org.bouncycastle.asn1.DERTaggedObject(2,
>                        new org.bouncycastle.asn1.DERIA5String("direct.childrens.harvard.edu",true) ) );
>
> but later ...
>              certH = cbldr.build(
>                     new BcRSAContentSignerBuilder(certSigAlgId, certDigAlg).build(cps));
>
>             byte[] derEncoded = certH.getEncoded();
>             ByteArrayInputStream certBais = new ByteArrayInputStream(derEncoded);
>             retVal = (X509Certificate)
>                     CertificateFactory.getInstance("X.509").generateCertificate(certBais);
>
>
>
> "CertificateFactory.getInstance("X.509").generateCertificate(certBais)"
> threw an exception:
>
> Caused by: java.security.cert.CertificateParsingException: java.io.IOException: Invalid encoding for GeneralNames.
>       at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:171)
>       at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1747)
>       at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
>       at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:107)
>       at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:322)
>       at org.indivo.direct.KeyGen.createSelfSignedV3TestPrivateCertBouncy(KeyGen.java:185)
>       ... 1 more
> Caused by: java.io.IOException: Invalid encoding for GeneralNames.
>       at sun.security.x509.GeneralNames.<init>(GeneralNames.java:58)
>       at sun.security.x509.SubjectAlternativeNameExtension.<init>(SubjectAlternativeNameExtension.java:141)
>       at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
>       at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
>       at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
>       at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
>       at sun.security.x509.CertificateExtensions.parseExtension(CertificateExtensions.java:111)
>       at sun.security.x509.CertificateExtensions.init(CertificateExtensions.java:87)
>       at sun.security.x509.CertificateExtensions.<init>(CertificateExtensions.java:77)
>       at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:740)
>       at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169)
>       ... 6 more
>
>
>
>
> ________________________________________
> From: David Hook [[hidden email]]
> Sent: Tuesday, April 26, 2011 1:00 PM
> To: [hidden email]
> Subject: Re: [dev-crypto] X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46
>
> You might want to check what is happening here again - both these
> classes use the results of PublicKey.getEncoded() to create the RSA
> public key structure.
>
> It looks like the key passed to the second certificate has been reversed
> - it would clearly be invalid (which would also mean all the relevant
> tests would fail...)
>
> Regards,
>
> David
>
> On Tue, 2011-04-26 at 10:12 -0400, Finstein, Nathan wrote:
> > Below are representations of certs, the first built using the deprecated X509V3CertificateGenerator, the second built using the new X509v3CertificateBuilder.
> >
> > the certs are displayed using: "openssl x509 -inform DER -in mycertX.crt -noout -text"
> >
> > Note that the ...Generator creates a cert with a 1024 bit Modules and integer Exponent, which looks like what openSSL does.  the new ...Builder creates a cert with the integer as Modulus and a (1024 bit?) Exponent!
> >
> > VIA org.bouncycastle.x509.X509V3CertificateGenerator
> > ===================================
> >
> > Certificate:
> >     Data:
> >         Version: 3 (0x2)
> >         Serial Number: 1 (0x1)
> >         Signature Algorithm: sha1WithRSAEncryption
> >         Issuer: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston
> >         Validity
> >             Not Before: Apr 26 04:11:10 2011 GMT
> >             Not After : Oct 26 04:11:10 2011 GMT
> >         Subject: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston
> >         Subject Public Key Info:
> >             Public Key Algorithm: rsaEncryption
> >             RSA Public Key: (1024 bit)
> >                 Modulus (1024 bit):
> >                     00:a0:c0:b1:09:4e:c3:3e:66:c9:79:ef:03:45:9e:
> >                     98:6a:f0:02:12:07:45:cf:6c:9d:d8:19:b5:ec:1b:
> >                     ed:37:91:44:d3:71:ad:7f:92:34:53:29:e4:06:df:
> >                     fc:bc:4e:86:68:5c:3b:0a:83:79:47:53:2a:37:70:
> >                     bf:a9:a9:12:15:2a:0a:73:c8:e5:a2:1e:72:aa:b1:
> >                     17:b7:97:e1:06:4b:c4:a1:6e:3b:59:d0:e4:2f:65:
> >                     90:d5:18:a8:ac:5d:8a:0b:a1:dc:f1:e0:39:e8:96:
> >                     d5:7c:dd:be:28:3f:fc:f9:0e:f5:2b:5d:f5:a1:f2:
> >                     32:f5:9c:ee:4e:9b:06:6f:73
> >                 Exponent: 65537 (0x10001)
> >         X509v3 extensions:
> >             X509v3 Subject Alternative Name: critical
> >                 DNS:hospitalusesindivo.directdivo.org
> >     Signature Algorithm: sha1WithRSAEncryption
> >         34:3a:90:f0:57:da:2b:ff:f8:bf:13:20:5b:7a:ba:1f:cd:80:
> >         bd:22:20:05:6d:07:b5:5c:f6:c8:b8:f7:05:c6:5a:91:64:ca:
> >         62:41:65:9e:6f:c0:cb:c4:79:c3:ed:55:0d:52:20:be:86:3c:
> >         1f:36:f2:ea:69:33:fa:a2:96:9f:01:d1:2d:97:cc:9a:08:58:
> >         dd:85:a8:cc:64:d0:b0:5d:1b:57:19:b0:de:e9:e3:f6:ea:11:
> >         3e:b8:09:26:b5:14:82:07:d9:30:dc:a1:8e:00:23:32:45:62:
> >         1b:79:84:55:97:13:68:c4:19:8e:5f:de:01:34:23:58:d4:d1:
> >         11:f7
> >
> >
> > = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> >  = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> >
> >
> > VIA org.bouncycastle.cert.X509v3CertificateBuilder
> > ================================
> >
> > Certificate:
> >     Data:
> >         Version: 3 (0x2)
> >         Serial Number: 0 (0x0)
> >         Signature Algorithm: sha1WithRSA
> >         Issuer: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston/emailAddress=[hidden email]
> >         Validity
> >             Not Before: Apr 26 03:45:34 2011 GMT
> >             Not After : Oct 26 03:45:34 2011 GMT
> >         Subject: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston/emailAddress=[hidden email]
> >         Subject Public Key Info:
> >             Public Key Algorithm: rsaEncryption
> >             RSA Public Key: (17 bit)
> >                 Modulus (17 bit): 65537 (0x10001)
> >                 Exponent:
> >                     00:d2:45:a4:c4:6e:90:4c:65:88:df:44:55:b4:d1:
> >                     b0:65:b3:f1:b0:b1:bf:41:2a:3c:52:de:0d:af:31:
> >                     49:e8:90:b3:c0:eb:8b:a4:3b:02:2f:c0:e8:74:5c:
> >                     58:95:98:9a:10:e7:a7:d3:dc:a1:13:65:13:d7:df:
> >                     86:51:f0:aa:3b:65:a2:d2:1e:48:7e:ef:ac:a7:41:
> >                     6f:98:8a:6d:cc:9a:fc:7b:c8:67:75:d9:23:c3:39:
> >                     26:1c:f8:9c:4c:e9:d9:f5:ff:0a:04:c4:5f:1c:be:
> >                     27:8f:c7:7b:02:b2:5e:3c:50:c2:9d:86:80:32:a9:
> >                     d6:65:bd:21:7f:8d:1c:8e:d3
> >         X509v3 extensions:
> >             X509v3 Subject Alternative Name: critical
> >                 ..direct.childrens.harvard.edu
> >     Signature Algorithm: sha1WithRSA
> >         b4:cf:36:b6:c8:cd:2f:76:e8:00:a3:fa:06:c8:0c:fd:92:27:
> >         f4:4a:2e:38:ef:51:a2:d2:b7:ef:a8:9c:bc:38:2d:17:d9:2d:
> >         fb:51:da:12:d3:48:7f:d9:35:61:e6:d2:1a:db:82:1c:3b:da:
> >         a3:a5:df:95:5a:a4:ae:79:c8:3b:7c:ec:20:12:e3:e7:c1:68:
> >         06:97:23:6b:55:ad:ec:0c:ea:85:81:61:65:7d:79:61:ad:4f:
> >         9a:7b:15:99:9f:7e:a9:b9:6d:6f:f1:81:9f:1d:88:57:3d:ee:
> >         53:7b:3d:97:da:47:b8:b3:72:b6:80:df:dd:61:4f:87:db:2b:
> >         5d:21
> >
> >
> > = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> >  = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> >
>
>
>
>




Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46

David Hook-2


That should have been cbldr(X509Extension.subjectAlternativeName, ....

What does the full dump of the resulting certificate look like? If you
can email it to me.

Regards,

David

On Wed, 2011-04-27 at 14:58 -0400, Finstein, Nathan wrote:

> >>The outer GeneralNames sequence is missing.
> >>
> >>Try:
> >>cbldr.subjectAlternativeName, false, new GeneralNames(new
> >>GeneralName(GeneralName.dNSName, "direct.childrens.harvard.edu")));
>
>
> I used ''new ASN1ObjectIdentifier("2.5.29.17")'' because there seems not to be a ''cbldr.subjectAlternativeName,''
>
> This worked better.  But the result seems incompatible with java keytool
>
>       X509v3CertificateBuilder cbldr = new X509v3CertificateBuilder(
>                 /*issuer  subject because self-signed*/ subject, serialNumber, startDate, expiryDate, subject, publicKeyInfo);
>
>         cbldr = cbldr.addExtension(
>                 new ASN1ObjectIdentifier("2.5.29.17"), //  D.H. says cbldr.subjectAlternativeName,
>                 false,
>                 new GeneralNames(new GeneralName(GeneralName.dNSName, "direct.childrens.harvard.edu") ) );
>        
>         org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters cps =
>                 (org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters) bcKeyPair.getPrivate();
>
>         org.bouncycastle.cert.X509CertificateHolder certH = null;
>             org.bouncycastle.asn1.x509.AlgorithmIdentifier certSigAlgId =
>                     new org.bouncycastle.asn1.x509.AlgorithmIdentifier("1.3.14.3.2.29");
>             org.bouncycastle.asn1.x509.AlgorithmIdentifier certDigAlg =
>                     new org.bouncycastle.asn1.x509.AlgorithmIdentifier(org.bouncycastle.asn1.oiw.OIWObjectIdentifiers.idSHA1);
>             certH = cbldr.build(
>                     new BcRSAContentSignerBuilder(
>                             certSigAlgId, certDigAlg)
>                                     .build(cps));
>
>             byte[] derEncoded = certH.getEncoded();
>             ByteArrayInputStream certBais = new ByteArrayInputStream(derEncoded);
>             X509Certificate certToUse = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(certBais);
>
>             KeyStore ks = KeyStore.getInstance("jks");
>             ks.load(null);
>             ks.setCertificateEntry("outgoing", certToUse);
>             char[] ksPass = new char["NHIN".length()];
>             for (int ii = 0; ii < "NHIN".length(); ii++) { char cc = "NHIN".charAt(ii); ksPass[ii] = cc; }
>             ks.store(new FileOutputStream(new File(outputDir,"out_keystore")), ksPass);
>
>
>
>  keytool -v -keystore out_keystore -list
>
> keytool error: java.security.cert.CertificateParsingException: java.io.IOException: extra data given to DerValue constructor
> java.security.cert.CertificateParsingException: java.io.IOException: extra data given to DerValue constructor
> at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:171)
> at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1747)
> at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
> at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:107)
> at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:322)
> at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:763)
> at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
> at java.security.KeyStore.load(KeyStore.java:1201)
> at sun.security.tools.KeyTool.doCommands(KeyTool.java:647)
> at sun.security.tools.KeyTool.run(KeyTool.java:194)
> at sun.security.tools.KeyTool.main(KeyTool.java:188)
> Caused by: java.io.IOException: extra data given to DerValue constructor
> at sun.security.util.DerValue.init(DerValue.java:386)
> at sun.security.util.DerValue.<init>(DerValue.java:294)
> at sun.security.x509.SubjectAlternativeNameExtension.<init>(SubjectAlternativeNameExtension.java:135)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
> at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
> at sun.security.x509.CertificateExtensions.parseExtension(CertificateExtensions.java:111)
> at sun.security.x509.CertificateExtensions.init(CertificateExtensions.java:87)
> at sun.security.x509.CertificateExtensions.<init>(CertificateExtensions.java:77)
> at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:740)
> at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169)
> ... 10 more
>
>
>
>
> for what it's worth, I did a hex-print of the result of new GeneralNames....
>
>
>
>             byte[] gnb = new GeneralNames(new GeneralName(GeneralName.dNSName, "direct.childrens.harvard.edu") )
>                     .toASN1Object().getEncoded();
>         System.out.println("GeneralNames: "  + natesUtils.ToHex.toHex(gnb));
>
> it looks like this: GeneralNames: 30 1E FFFD 1C 64 69 72 65 63 74 2E 63 68 69 6C 64 72 65 6E 73 2E 68 61 72 76 61 72 64 2E 65 64 75
>
> I don't have an easy way to access the sun classes, so I have not dug deeper into what is going on inside them.
>
>
>
> ________________________________________
> From: David Hook [[hidden email]]
> Sent: Tuesday, April 26, 2011 6:18 PM
> To: [hidden email]
> Subject: RE: [dev-crypto] X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46
>
> The outer GeneralNames sequence is missing.
>
> Try:
>
> cbldr.subjectAlternativeName, false, new GeneralNames(new
> GeneralName(GeneralName.dNSName, "direct.childrens.harvard.edu")));
>
> Regards,
>
> David
>
> On Tue, 2011-04-26 at 15:41 -0400, Finstein, Nathan wrote:
> > David,
> >
> >    I had the args reversed in the RSAPublicKeyStructure constructor.
> >
> >                 new org.bouncycastle.asn1.x509.RSAPublicKeyStructure(
> >                     ((RSAKeyParameters) bcKeyPair.getPublic()).getExponent(),
> >                     ((RSAKeyParameters) bcKeyPair.getPublic()).getModulus() )
> >
> > instead of:
> >
> >                 new org.bouncycastle.asn1.x509.RSAPublicKeyStructure(
> >                     ((RSAKeyParameters) bcKeyPair.getPublic()).getModulus(),
> >                     ((RSAKeyParameters) bcKeyPair.getPublic()).getExponent() )
> >
> >      Thanks
> >
> >
> >     Now I am stuck trying to figure out how to add subjectAlternativeName
> >
> > this seems to work:
> >         cbldr = cbldr.addExtension(
> >                 X509Extension.subjectAlternativeName,
> >                 true,
> >                 new org.bouncycastle.asn1.DERTaggedObject(2,
> >                        new org.bouncycastle.asn1.DERIA5String("direct.childrens.harvard.edu",true) ) );
> >
> > but later ...
> >              certH = cbldr.build(
> >                     new BcRSAContentSignerBuilder(certSigAlgId, certDigAlg).build(cps));
> >
> >             byte[] derEncoded = certH.getEncoded();
> >             ByteArrayInputStream certBais = new ByteArrayInputStream(derEncoded);
> >             retVal = (X509Certificate)
> >                     CertificateFactory.getInstance("X.509").generateCertificate(certBais);
> >
> >
> >
> > "CertificateFactory.getInstance("X.509").generateCertificate(certBais)"
> > threw an exception:
> >
> > Caused by: java.security.cert.CertificateParsingException: java.io.IOException: Invalid encoding for GeneralNames.
> >       at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:171)
> >       at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1747)
> >       at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
> >       at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:107)
> >       at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:322)
> >       at org.indivo.direct.KeyGen.createSelfSignedV3TestPrivateCertBouncy(KeyGen.java:185)
> >       ... 1 more
> > Caused by: java.io.IOException: Invalid encoding for GeneralNames.
> >       at sun.security.x509.GeneralNames.<init>(GeneralNames.java:58)
> >       at sun.security.x509.SubjectAlternativeNameExtension.<init>(SubjectAlternativeNameExtension.java:141)
> >       at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> >       at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
> >       at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> >       at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
> >       at sun.security.x509.CertificateExtensions.parseExtension(CertificateExtensions.java:111)
> >       at sun.security.x509.CertificateExtensions.init(CertificateExtensions.java:87)
> >       at sun.security.x509.CertificateExtensions.<init>(CertificateExtensions.java:77)
> >       at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:740)
> >       at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169)
> >       ... 6 more
> >
> >
> >
> >
> > ________________________________________
> > From: David Hook [[hidden email]]
> > Sent: Tuesday, April 26, 2011 1:00 PM
> > To: [hidden email]
> > Subject: Re: [dev-crypto] X509v3CertificateBuilder - Modulus / Exponent confusion - Java Release 1.46
> >
> > You might want to check what is happening here again - both these
> > classes use the results of PublicKey.getEncoded() to create the RSA
> > public key structure.
> >
> > It looks like the key passed to the second certificate has been reversed
> > - it would clearly be invalid (which would also mean all the relevant
> > tests would fail...)
> >
> > Regards,
> >
> > David
> >
> > On Tue, 2011-04-26 at 10:12 -0400, Finstein, Nathan wrote:
> > > Below are representations of certs, the first built using the deprecated X509V3CertificateGenerator, the second built using the new X509v3CertificateBuilder.
> > >
> > > the certs are displayed using: "openssl x509 -inform DER -in mycertX.crt -noout -text"
> > >
> > > Note that the ...Generator creates a cert with a 1024 bit Modules and integer Exponent, which looks like what openSSL does.  the new ...Builder creates a cert with the integer as Modulus and a (1024 bit?) Exponent!
> > >
> > > VIA org.bouncycastle.x509.X509V3CertificateGenerator
> > > ===================================
> > >
> > > Certificate:
> > >     Data:
> > >         Version: 3 (0x2)
> > >         Serial Number: 1 (0x1)
> > >         Signature Algorithm: sha1WithRSAEncryption
> > >         Issuer: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston
> > >         Validity
> > >             Not Before: Apr 26 04:11:10 2011 GMT
> > >             Not After : Oct 26 04:11:10 2011 GMT
> > >         Subject: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston
> > >         Subject Public Key Info:
> > >             Public Key Algorithm: rsaEncryption
> > >             RSA Public Key: (1024 bit)
> > >                 Modulus (1024 bit):
> > >                     00:a0:c0:b1:09:4e:c3:3e:66:c9:79:ef:03:45:9e:
> > >                     98:6a:f0:02:12:07:45:cf:6c:9d:d8:19:b5:ec:1b:
> > >                     ed:37:91:44:d3:71:ad:7f:92:34:53:29:e4:06:df:
> > >                     fc:bc:4e:86:68:5c:3b:0a:83:79:47:53:2a:37:70:
> > >                     bf:a9:a9:12:15:2a:0a:73:c8:e5:a2:1e:72:aa:b1:
> > >                     17:b7:97:e1:06:4b:c4:a1:6e:3b:59:d0:e4:2f:65:
> > >                     90:d5:18:a8:ac:5d:8a:0b:a1:dc:f1:e0:39:e8:96:
> > >                     d5:7c:dd:be:28:3f:fc:f9:0e:f5:2b:5d:f5:a1:f2:
> > >                     32:f5:9c:ee:4e:9b:06:6f:73
> > >                 Exponent: 65537 (0x10001)
> > >         X509v3 extensions:
> > >             X509v3 Subject Alternative Name: critical
> > >                 DNS:hospitalusesindivo.directdivo.org
> > >     Signature Algorithm: sha1WithRSAEncryption
> > >         34:3a:90:f0:57:da:2b:ff:f8:bf:13:20:5b:7a:ba:1f:cd:80:
> > >         bd:22:20:05:6d:07:b5:5c:f6:c8:b8:f7:05:c6:5a:91:64:ca:
> > >         62:41:65:9e:6f:c0:cb:c4:79:c3:ed:55:0d:52:20:be:86:3c:
> > >         1f:36:f2:ea:69:33:fa:a2:96:9f:01:d1:2d:97:cc:9a:08:58:
> > >         dd:85:a8:cc:64:d0:b0:5d:1b:57:19:b0:de:e9:e3:f6:ea:11:
> > >         3e:b8:09:26:b5:14:82:07:d9:30:dc:a1:8e:00:23:32:45:62:
> > >         1b:79:84:55:97:13:68:c4:19:8e:5f:de:01:34:23:58:d4:d1:
> > >         11:f7
> > >
> > >
> > > = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> > >  = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> > >
> > >
> > > VIA org.bouncycastle.cert.X509v3CertificateBuilder
> > > ================================
> > >
> > > Certificate:
> > >     Data:
> > >         Version: 3 (0x2)
> > >         Serial Number: 0 (0x0)
> > >         Signature Algorithm: sha1WithRSA
> > >         Issuer: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston/emailAddress=[hidden email]
> > >         Validity
> > >             Not Before: Apr 26 03:45:34 2011 GMT
> > >             Not After : Oct 26 03:45:34 2011 GMT
> > >         Subject: CN=Childrens Hospital Boston Indivo Direct, C=US, ST=MA, L=Boston/emailAddress=[hidden email]
> > >         Subject Public Key Info:
> > >             Public Key Algorithm: rsaEncryption
> > >             RSA Public Key: (17 bit)
> > >                 Modulus (17 bit): 65537 (0x10001)
> > >                 Exponent:
> > >                     00:d2:45:a4:c4:6e:90:4c:65:88:df:44:55:b4:d1:
> > >                     b0:65:b3:f1:b0:b1:bf:41:2a:3c:52:de:0d:af:31:
> > >                     49:e8:90:b3:c0:eb:8b:a4:3b:02:2f:c0:e8:74:5c:
> > >                     58:95:98:9a:10:e7:a7:d3:dc:a1:13:65:13:d7:df:
> > >                     86:51:f0:aa:3b:65:a2:d2:1e:48:7e:ef:ac:a7:41:
> > >                     6f:98:8a:6d:cc:9a:fc:7b:c8:67:75:d9:23:c3:39:
> > >                     26:1c:f8:9c:4c:e9:d9:f5:ff:0a:04:c4:5f:1c:be:
> > >                     27:8f:c7:7b:02:b2:5e:3c:50:c2:9d:86:80:32:a9:
> > >                     d6:65:bd:21:7f:8d:1c:8e:d3
> > >         X509v3 extensions:
> > >             X509v3 Subject Alternative Name: critical
> > >                 ..direct.childrens.harvard.edu
> > >     Signature Algorithm: sha1WithRSA
> > >         b4:cf:36:b6:c8:cd:2f:76:e8:00:a3:fa:06:c8:0c:fd:92:27:
> > >         f4:4a:2e:38:ef:51:a2:d2:b7:ef:a8:9c:bc:38:2d:17:d9:2d:
> > >         fb:51:da:12:d3:48:7f:d9:35:61:e6:d2:1a:db:82:1c:3b:da:
> > >         a3:a5:df:95:5a:a4:ae:79:c8:3b:7c:ec:20:12:e3:e7:c1:68:
> > >         06:97:23:6b:55:ad:ec:0c:ea:85:81:61:65:7d:79:61:ad:4f:
> > >         9a:7b:15:99:9f:7e:a9:b9:6d:6f:f1:81:9f:1d:88:57:3d:ee:
> > >         53:7b:3d:97:da:47:b8:b3:72:b6:80:df:dd:61:4f:87:db:2b:
> > >         5d:21
> > >
> > >
> > > = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> > >  = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> > >
> >
> >
> >
> >
>
>
>
>



Loading...