Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8175251

Failed to load RSA private key from pkcs12

    XMLWordPrintable

Details

    • b162
    • generic
    • generic
    • Verified

    Backports

      Description

        FULL PRODUCT VERSION :
        java version "1.8.0_121"
        Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
        Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)


        ADDITIONAL OS VERSION INFORMATION :
        Linux localhost.localdomain 4.7.10-100.fc23.x86_64 #1 SMP Wed Oct 26 23:29:32 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

        A DESCRIPTION OF THE PROBLEM :
        Additional information on reproducibility for JDK-8173460. I can reproduce the bug in different circumstances but with the same result. See steps to reproduce.

        REGRESSION. Last worked in version 8u112

        STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
        In my project

        https://github.com/l-ra/openeet-java

        it is easy to reproduce. Either build the project from the source or download latest snapshot from

        https://github.com/l-ra/openeet/blob/master/releases/prerelease/openeet-lite-java8-20170115-0140.jar?raw=true

        Using jdk update _121 run: java -jar openeet-lite-java8-20170115-0140.jar


        EXPECTED VERSUS ACTUAL BEHAVIOR :
        EXPECTED -
        should output something like this
        ===== BEGIN EET REQUEST =====
        <?xml version="1.0" encoding="UTF-8"?>
        <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
          <SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
            <wsse:Security
        ...
        ... more of XML ...
        ...
                  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-7fdb-4327-96c0-09746434cbe6" bkp="A66DA004-03081577-1064904B-69D182A3-BAE332E9" dat_prij="2017-02-18T21:22:53+01:00"/><eet:Potvrzeni fik="398135bb-ff13-435c-9e9d-98b881fa6f1f-ff" test="true"/></eet:Odpoved></soapenv:Body></soapenv:Envelope>
        ===== END EET RESPONSE =====


        ACTUAL -
        Fails with exception (see error message field)



        ERROR MESSAGES/STACK TRACES THAT OCCUR :
        java.lang.IllegalArgumentException: Exception while loading p12 data
        at openeet.lite.EetRegisterRequest.loadP12(EetRegisterRequest.java:1369)
        at openeet.lite.EetRegisterRequest.<init>(EetRegisterRequest.java:856)
        at openeet.lite.EetRegisterRequest$Builder.build(EetRegisterRequest.java:764)
        at openeet.lite.Main.main(Main.java:22)
        Caused by: java.security.UnrecoverableKeyException: Get Key failed: java.security.InvalidKeyException: Invalid RSA private key
        at sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:410)
        at java.security.KeyStore.getKey(KeyStore.java:1023)
        at openeet.lite.EetRegisterRequest.loadP12(EetRegisterRequest.java:1355)
        ... 3 more
        Caused by: java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: Invalid RSA private key
        at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:217)
        at java.security.KeyFactory.generatePrivate(KeyFactory.java:372)
        at sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:376)
        ... 5 more
        Caused by: java.security.InvalidKeyException: Invalid RSA private key
        at sun.security.rsa.RSAPrivateCrtKeyImpl.parseKeyBits(RSAPrivateCrtKeyImpl.java:206)
        at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:342)
        at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:356)
        at sun.security.rsa.RSAPrivateCrtKeyImpl.<init>(RSAPrivateCrtKeyImpl.java:91)
        at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(RSAPrivateCrtKeyImpl.java:75)
        at sun.security.rsa.RSAKeyFactory.generatePrivate(RSAKeyFactory.java:316)
        at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:213)
        ... 7 more
        Caused by: java.io.IOException: Invalid encoding: redundant leading 0s
        at sun.security.util.DerInputBuffer.getBigInteger(DerInputBuffer.java:152)
        at sun.security.util.DerInputStream.getBigInteger(DerInputStream.java:207)
        at sun.security.rsa.RSAPrivateCrtKeyImpl.getBigInteger(RSAPrivateCrtKeyImpl.java:214)
        at sun.security.rsa.RSAPrivateCrtKeyImpl.parseKeyBits(RSAPrivateCrtKeyImpl.java:196)
        ... 13 more







        REPRODUCIBILITY :
        This bug can be reproduced always.

        ---------- BEGIN SOURCE ----------
        try {
        KeyStore ks=KeyStore.getInstance("PKCS12");
        ks.load(new ByteArrayInputStream(p12data), password);
        Enumeration<String> aliases= ks.aliases();
        while(aliases.hasMoreElements() ){
        String alias=aliases.nextElement();
        >>exception here>>> Key _key=ks.getKey(alias, password);
        if (_key!=null){
        Certificate _cert=ks.getCertificate(alias);
        if (_cert!=null){
        if ( _cert instanceof X509Certificate
        && _key instanceof RSAPrivateKey ){
        key=(PrivateKey) _key;
        certificate=(X509Certificate)_cert;
        }
        }
        }
        }
        }
        catch (Exception e ){
        throw new IllegalArgumentException("Exception while loading p12 data",e);
        }
        ---------- END SOURCE ----------

        CUSTOMER SUBMITTED WORKAROUND :
        Import pkcs12 file into windows store and export again. Then loading works as expected.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8176897 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8176898 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8176899 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8177613 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8178664 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8182204 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8183449 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8184559 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8184868 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8185232 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8187201 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8188339 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8188464 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8192430 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8195524 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8197339 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8178391 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8178394 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8178396 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8179919 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8180504 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8180798 Failed to load RSA private key from pkcs12

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed
            duplicates

            Bug - A problem which impairs or prevents the functions of the product. JDK-8173460 Error with Keytool - Invalid RSA Private key

            • P3 - Major loss of function.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8177657 certificate parsing error "Invalid RSA public Key" with Java 1.8.121

            • P3 - Major loss of function.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8179191 keystore.load() fails to load a certificate

            • P3 - Major loss of function.
            • Closed

            Activity

              People

                valeriep Valerie Peng
                webbuggrp Webbug Group
                Votes:
                0 Vote for this issue
                Watchers:
                11 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: