
REGRESSION: JSSE won't accept certificates from Swedish Post CA




      Name: nt126004 Date: 11/20/2002


      FULL PRODUCT VERSION :
      java -version
      java version "1.3.1_01"
      Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.1_01)
      Java HotSpot(TM) Client VM (build 1.3.1_01, mixed mode)


      FULL OPERATING SYSTEM VERSION :
      SunOS alien 5.8 Generic_111433-02 sun4u sparc SUNW,Ultra-4

      ADDITIONAL OPERATING SYSTEMS :
      HP-UX shs1 B.11.00 U 9000/800 125901547 unlimited-user license


      A DESCRIPTION OF THE PROBLEM :
      A simple Java client is used to connect to an SSL server
      which requires client authentication. The connection works
      fine with my own OpenSSL-generated test certificates, but
      when certificates from the CA at the Swedish Post are used,
      the connection fails. If I downgrade the client to
      JSSE1.0.2 however, everything works fine even with the
      certs from Posten. (This bug is a regression, but there was
      no 1.0.2 option in the bug report combo box.)

      After carefully reading the trace logs from JSSE and
      OpenSSL, I know that the step that fails is
      CertificateVerify. The server fails to decrypt the
      Signature from the client. I know that the server has got
      the correct public key in the client Certificate message
      and that the server uses this key in the verification. But
      the result of the RSA decryption is wrong - "padding check
      failed".

      I have tried many different combinations, by changing both
      the client and server between JDK1.3.1+JSSE1.0.2,
      JDK1.3.1+JSSE1.0.3, JDK1.4, JDK1.4.1rc and OpenSSL 0.9.6g.
      I've also altered between my cert and cert from Posten. My
      observation is:

      When the cert from Posten is used on a peer where
      JSSE1.0.3, JDK1.4 or JDK1.4.1rc is used, the communication
      fails. Otherwise, it works.

      I have also examined the cert and key from Posten in
      detail, and tried really hard to generate a similar cert
      that fails, but failed. I have no idea on which detail in
      the cert or key it is that makes the connection fail.

      I've tried three different certs from Posten; all fail.


      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      1. Use a simple JSSE client, like the Socket example in the
      JSSE guide, or my provided Client.java.

      2. Use an SSL server, for example the Socket example in the
      JSSE guide. But set needClientAuth(true). Or use my
      Server.java.

      3. Use my provided keystore as keystore and truststore on
      both client and server. I know this is a strange
      configuration, but it will do to reproduce the bug. If you
      want, you can use a more realistic setup with separate
      server and client keystores and a truststore. Just be sure
      to use my keystore on the client.

      4. Start the server, with:
      java -Djavax.net.ssl.keyStore=test.keystore -Djavax.net.ssl.keyStorePassword=secret -Djavax.net.ssl.trustStore=test.keystore -Djavax.net.ssl.trustStorePassword=secret -Djavax.net.debug=all

      5. Start the client, with:
      java -Djavax.net.ssl.keyStore=test.keystore -Djavax.net.ssl.keyStorePassword=secret -Djavax.net.ssl.trustStore=test.keystore -Djavax.net.ssl.trustStorePassword=secret -Djavax.net.debug=all


      EXPECTED VERSUS ACTUAL BEHAVIOR :
      Expected result, on the client:
      "From server: hello from server"

      Actual result, client:
      main, RECV SSLv3 ALERT: fatal, bad_certificate

      Actual result, server:
      *** CertificateVerify
      main, SEND SSL v3.1 ALERT: fatal, description = bad_certificate
      main, WRITE: SSL v3.1 Alert, length = 2



      ERROR MESSAGES/STACK TRACES THAT OCCUR :
      This is from the log from an OpenSSL s_server:

      Actual result on an OpenSSL server:
      SSL_accept:failed in SSLv3 read certificate verify B
      ERROR
      5578:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:100:
      5578:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:473:
      5578:error:1408807A:SSL routines:SSL3_GET_CERT_VERIFY:bad rsa signature:s3_srvr.c:1647:

      REPRODUCIBILITY :
      This bug can be reproduced always.

      ---------- BEGIN SOURCE ----------
      Client.java:

      import java.io.*;
      import javax.net.ssl.*;

      public class Client {
          public static void main(String[] args) throws Throwable {
              // The default factory reads its key and trust material from the
              // javax.net.ssl.keyStore / trustStore system properties given on the command line
              SSLSocketFactory sslFact = (SSLSocketFactory) SSLSocketFactory.getDefault();
              SSLSocket s = (SSLSocket) sslFact.createSocket("localhost", 11166);
              // The handshake, including client authentication, runs on the first read
              BufferedReader in = new BufferedReader(new InputStreamReader(s.getInputStream()));
              String line = in.readLine();
              System.out.println("From server: " + line);
              s.close();
          }
      }


      Server.java:

      import java.io.*;
      import javax.net.ssl.*;

      public class Server {
          public static void main(String[] args) throws Throwable {
              SSLServerSocketFactory sslSrvFact =
                  (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
              SSLServerSocket s = (SSLServerSocket) sslSrvFact.createServerSocket(11166);
              // Require a client certificate; the handshake fails if the client
              // cannot produce a verifiable CertificateVerify message
              s.setNeedClientAuth(true);
              SSLSocket c = (SSLSocket) s.accept();
              PrintStream out = new PrintStream(c.getOutputStream(), true);
              out.println("hello from server");
              c.close();
              s.close();
          }
      }


      test.keystore (BASE64-encoded). Store and key password are "secret":


      ---------- END SOURCE ----------

      CUSTOMER WORKAROUND :
      Use JSSE1.0.2

      Release Regression From : 1.0.2
      The above release value was the last known release where this
      bug was known to work. Since then there has been a regression.

      (Review ID: 164777)
      ======================================================================
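The following is an added diagnostic, not code from the bug report: it loads the keystore under test, checks that each key entry's RSA private key shares the modulus of its certificate, and rebuilds the TLS 1.0 RSA CertificateVerify signature (MD5 || SHA-1 over the handshake, PKCS#1 v1.5 block type 1, no DigestInfo) outside JSSE so the signature can be verified against the certificate's own public key and its length compared with the modulus size. It assumes a current JDK (NONEwithRSA is not available in the 1.3.1-era JSSE of the report), a constructed handshake transcript in place of real handshake messages, and the hypothetical class name CertVerifyCheck.

```java
import java.io.FileInputStream;
import java.security.*;
import java.security.cert.X509Certificate;
import java.security.interfaces.*;
import java.util.Collections;

public class CertVerifyCheck {
    // TLS 1.0 RSA CertificateVerify signs MD5(handshake) || SHA-1(handshake), 36 bytes, directly
    // (PKCS#1 v1.5 block type 1, no DigestInfo); the transcript used here is a constructed sample.
    static byte[] certVerifyHashes(byte[] handshakeTranscript) throws Exception {
        byte[] md5 = MessageDigest.getInstance("MD5").digest(handshakeTranscript);
        byte[] sha1 = MessageDigest.getInstance("SHA-1").digest(handshakeTranscript);
        byte[] hashes = new byte[36];
        System.arraycopy(md5, 0, hashes, 0, 16);
        System.arraycopy(sha1, 0, hashes, 16, 20);
        return hashes;
    }

    // True only if the entry's private key shares the certificate's modulus and a raw NONEwithRSA
    // signature over the 36-byte hash verifies with the certificate's public key.
    static boolean checkEntry(KeyStore ks, String alias, char[] pw) throws Exception {
        RSAPrivateKey priv = (RSAPrivateKey) ks.getKey(alias, pw);
        X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
        RSAPublicKey pub = (RSAPublicKey) cert.getPublicKey();
        int modBytes = (pub.getModulus().bitLength() + 7) / 8;
        boolean sameModulus = priv.getModulus().equals(pub.getModulus());
        System.out.println(alias + ": " + cert.getSubjectX500Principal() + ", modulus "
                + pub.getModulus().bitLength() + " bits, key/cert match=" + sameModulus);

        byte[] hashes = certVerifyHashes("constructed handshake transcript".getBytes("US-ASCII"));
        Signature signer = Signature.getInstance("NONEwithRSA");
        signer.initSign(priv);
        signer.update(hashes);
        byte[] sig = signer.sign();
        Signature verifier = Signature.getInstance("NONEwithRSA");
        verifier.initVerify(pub);
        verifier.update(hashes);
        boolean ok = verifier.verify(sig);
        // A signature shorter/longer than the modulus, or a failed verify, is the client-side
        // counterpart of the server's "padding check failed" on CertificateVerify.
        System.out.println("  signature " + sig.length + " bytes (modulus " + modBytes + " bytes), verifies=" + ok);
        return sameModulus && ok;
    }

    // Usage: java CertVerifyCheck test.keystore secret   (store and key password are the same here)
    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        char[] pw = args[1].toCharArray();
        try (FileInputStream in = new FileInputStream(args[0])) { ks.load(in, pw); }
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias)) checkEntry(ks, alias, pw);
        }
    }
}
```

A keystore whose key entry passes this check but still fails the JSSE handshake narrows the problem to the TLS layer rather than the key material itself.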

            andreas Andreas Sterbenz
            nthompsosunw Nathanael Thompson (Inactive)