-
Bug
-
Resolution: Fixed
-
P3
-
1.0, 1.0.2
-
None
-
helms
-
generic, x86
-
generic, windows_2000
We encode the DSA signature of a Diffie-Hellman server key
exchange message incorrectly. This prevents interoperability with
openSSL and other implementations of the DHE_DSS_XXX cipher suites.
============
For the record, here's the exception thrown when
working with openssl 0.9.6b:
[wetmore@bongos] 172 >java -Djavax.net.ssl.trustStore=keystore.dsa -Dcom.sun.net.ssl.dhKeyExchangeFix=false URLReader
Exception in thread "main" javax.net.ssl.SSLException: Server key, java.security.SignatureException: invalid encoding for signature
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA6275)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
at java.io.OutputStream.write(OutputStream.java:61)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:549)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(DashoA6275)
at URLReader.main(URLReader.java:42)
exchange message incorrectly. This prevents interoperability with
openSSL and other implementations of the DHE_DSS_XXX cipher suites.
============
For the record, here's the exception thrown when
working with openssl 0.9.6b:
[wetmore@bongos] 172 >java -Djavax.net.ssl.trustStore=keystore.dsa -Dcom.sun.net.ssl.dhKeyExchangeFix=false URLReader
Exception in thread "main" javax.net.ssl.SSLException: Server key, java.security.SignatureException: invalid encoding for signature
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA6275)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
at java.io.OutputStream.write(OutputStream.java:61)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:549)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(DashoA6275)
at URLReader.main(URLReader.java:42)
- duplicates
-
-
- Closed
-