Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: P4
Fix Version/s: 6
Affects Version/s: 5.0, 5.0u2
Component/s: security-libs
Labels:
None

Subcomponent:
java.security
Resolved In Build:
beta
CPU:

generic, sparc
OS:

generic, solaris_9

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-2127778	5.0u5	Sean Coffey	P3	Resolved	Fixed	b04

The CA certificate store on Microsoft Windows contains an RSA public-key
certificate that is encoded incorrectly. See attachments. Its modulus value is
DER encoded as a negative integer instead of a positive integer. Our DER parser
rejects such an encoding and therefore the enclosing certificate cannot be
parsed.

The DER encoding for the key's modulus value is:

    INTEGER
        81 55 22 B9 8A A4 6F ED D6 E7 D9 66 0F 55 BC D7
        CD D5 BC 4E 40 02 21 A2 B1 F7 87 30 85 5E D2 F2
        44 B9 DC 9B 75 B6 FB 46 5F 42 B6 9D 23 36 0B DE
        54 0F CD BD 1F 99 2A 10 58 11 CB 40 CB B5 A7 41

The correct DER encoding is:

    INTEGER
        00 81 55 22 B9 8A A4 6F ED D6 E7 D9 66 0F 55 BC
        D7 CD D5 BC 4E 40 02 21 A2 B1 F7 87 30 85 5E D2
        F2 44 B9 DC 9B 75 B6 FB 46 5F 42 B6 9D 23 36 0B
        DE 54 0F CD BD 1F 99 2A 10 58 11 CB 40 CB B5 A7
        41

Given that this certificate is already widely deployed on Windows
installations, our code needs to be able to parse it in the interests of
interoperability.

###@###.### 2005-04-15 15:36:11 GMT

backported by

JDK-2127778 Allow a negative modulus value when DER decoding an RSA public key

Resolved

duplicates

JDK-6262139 SSL Connection using client auth fails under Java 1.5 on Solaris 8 and 9

Closed

Assignee:: Vincent Ryan

Reporter:: Vincent Ryan

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 2005-04-15 08:36

Updated:: 2010-04-02 15:29

Resolved:: 2005-04-29 08:55

Imported:: 16/Sep/12 2:05 AM

Indexed:: 17/Jul/12 10:07 PM

Details

Backports

Description

Attachments

Issue Links

Activity

People

Dates