I want to encrypt my post payload with an X.509 certificate and the inherited public key. So far I have this java code to perform the encryption
private String encrypt(String str) throws Exception {
ClassPathResource classPathResource = new ClassPathResource("testcert1.crt");
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate)certificateFactory.generateCertificate(classPathResource.getInputStream());
PublicKey pk = certificate.getPublicKey();
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
cipher.init(Cipher.ENCRYPT_MODE, pk);
return Base64.encodeBase64String(cipher.doFinal(str.getBytes()));
}
which returns the base64 encoded string. From the endpoint I am always getting the result, that the certificate is not valid.
So I want to validate my encrypted string on the console using the openssl command, but failing to do so.
I can read out the certificate with: openssl x509 -in testcert1.crt -text -noout
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=xxx, ST=xxx, L=xxx, O=xxx, OU=xxx, CN=xxx
Validity
Not Before: Jul 24 11:40:39 2013 GMT
Not After : Jul 24 11:40:39 2015 GMT
Subject: C=xxx, ST=xxx, L=xxx, O=xxx, OU=xxx, CN=xxx
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (4096 bit)
Modulus (4096 bit):
....
Exponent: 65537 (0x10001)
But I cannot figure out the command lines to encrypt/decrypt a text file using that certificate
You can validate your encrypted string using openssl with the following command:
echo -n 'string to encrypt' | openssl rsautl -encrypt -certin -inkey testcert1.crt | base64
As you are using asymmetric cryptography, if you encrypt using the public key of your certificate, you can only decrypt using the corresponding private key. Make sure you have that key and use it for decryption.
Related
I am trying to generate a jwt token from a keystore.
For this I downloaded "openssl-for-windows" https://code.google.com/archive/p/openssl-for-windows/downloads
Run the following commands in the command prompt as an administrator.
CLI comnd
Creating a sample CA certificate
openssl.exe req -config openssl.cnf -new -x509 -keyout private.pem -out certificate.pem -days 365
Create a kestore named keystore
keytool –keystore keystore –genkey –alias client -keyalg rsa
Generate certificate signing request
keytool –keystore keystore –certreq –alias client –keyalg rsa –file client.csr
Generate signed certificate for associated CSR
openssl.exe x509 -req -CA certificate.pem -CAkey private.pem -in client.csr -out client.cer -days 365 -CAcreateserial
Import CA certificate into keystore
keytool -import -keystore keystore -file certificate.pem -alias theCARoot
Import signed certificate for associated alias in the keystore
keytool –import –keystore keystore –file client.cer –alias client
Next, I created a java code to generate a token.
Main.java
public class StreamKey {
public static void main(String[] args) {
StreamKey key = new StreamKey();
key.getSer();
}
private void getSer() {
try {
InputStream inputStream = getClass().getClassLoader().getResourceAsStream("clientkeystore");
char[] password = "111111".toCharArray();
String alias = "client";
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(inputStream, password);
Key key = keyStore.getKey(alias, password);
LocalDateTime currentTime = LocalDateTime.now();
Date dat = Date.from(currentTime.plusMinutes(5).atZone(ZoneId.systemDefault()).toInstant());
Map<String, Object> claims = new HashMap<>();
claims.put("sub", alias);
claims.put("exp", dat.getTime());
String token = Jwts.builder()
.setHeaderParam("alg", "RS256")
.setHeaderParam("typ", "jwt")
.setClaims(claims)
.signWith(key, SignatureAlgorithm.RS256).compact();
System.out.println(token);
} catch (IOException | KeyStoreException | CertificateException | NoSuchAlgorithmException |
UnrecoverableKeyException e) {
throw new RuntimeException(e);
}
}
}
After creating the token, I went to the site https://jwt.io/ and pasted this token into the "Encoded PASTE A TOKEN HERE" field, then I opened the client.csr file in a text editor and copied the contents and pasted it into the "Public Key" field ".
After these steps, "Invalid Signature" is still highlighted in red
But if I take the content from the private.pem file and paste it into the "Private Key" field, then "Invalid Signature" is highlighted in blue.
The question is why when I use the public key, "Invalid Signature" is highlighted in red?
I took all the material from YouTube.
Man creates keys https://www.youtube.com/watch?v=nxowUHao9TI
The same person creates a jwt token using java https://www.youtube.com/watch?v=MWlDQaR-LLM
https://github.com/MyTestPerson/rsa-jwt
LOG
D:\test\openssl-0.9.8k_X64>.\bin\openssl.exe req -config openssl.cnf -new -x509 -keyout private.pem -out certificate.pem -days 365
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
........................++++++
..++++++
writing new private key to 'private.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:qq
State or Province Name (full name) [Some-State]:ww
Locality Name (eg, city) []:ee
Organization Name (eg, company) [Internet Widgits Pty Ltd]:rr
Organizational Unit Name (eg, section) []:tt
Common Name (eg, YOUR name) []:yy
Email Address []:uu
D:\test\openssl-0.9.8k_X64>keytool -keystore keystore -genkey -alias client -keyalg rsa
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: uu
What is the name of your organizational unit?
[Unknown]: yy
What is the name of your organization?
[Unknown]: tt
What is the name of your City or Locality?
[Unknown]: rr
What is the name of your State or Province?
[Unknown]: ee
What is the two-letter country code for this unit?
[Unknown]: ww
Is CN=uu, OU=yy, O=tt, L=rr, ST=ee, C=ww correct?
[no]: yes
Generating 2 048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 90 days
for: CN=uu, OU=yy, O=tt, L=rr, ST=ee, C=ww
D:\test\openssl-0.9.8k_X64>keytool -keystore keystore -certreq -alias client -keyalg rsa -file client.csr
Enter keystore password:
D:\test\openssl-0.9.8k_X64>.\bin\openssl.exe x509 -req -CA certificate.pem -CAkey private.pem -in client.csr -out client.cer -days 365 -CAcreateserial
Loading 'screen' into random state - done
Signature ok
subject=/C=ww/ST=ee/L=rr/O=tt/OU=yy/CN=uu
Getting CA Private Key
Enter pass phrase for private.pem:
D:\test\openssl-0.9.8k_X64>keytool -import -keystore keystore -file certificate.pem -alias theCARoot
Enter keystore password:
Owner: EMAILADDRESS=uu, CN=yy, OU=tt, O=rr, L=ee, ST=ww, C=qq
Issuer: EMAILADDRESS=uu, CN=yy, OU=tt, O=rr, L=ee, ST=ww, C=qq
Serial number: a51a542a98afc4c9
Valid from: Sun Aug 14 17:33:41 SAKT 2022 until: Mon Aug 14 17:33:41 SAKT 2023
Certificate fingerprints:
SHA1: 45:E2:09:05:60:D6:AA:5A:21:6E:58:F3:4D:12:1E:85:14:1C:B8:7C
SHA256: 80:A5:C6:19:6B:F0:14:F0:9C:0F:8D:C0:80:96:AF:12:F7:6A:E3:25:F0:81:55:ED:32:52:BD:71:2D:5E:E9:38
Signature algorithm name: SHA1withRSA (weak)
Subject Public Key Algorithm: 1024-bit RSA key (weak)
Version: 3
Extensions:
#1: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 04 BA 9F 89 CE E3 9C 37 C8 0B 36 86 68 55 BD 5D .......7..6.hU.]
0010: CA 17 80 22 ..."
]
[EMAILADDRESS=uu, CN=yy, OU=tt, O=rr, L=ee, ST=ww, C=qq]
SerialNumber: [ a51a542a 98afc4c9]
]
#2: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen: no limit
]
#3: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 04 BA 9F 89 CE E3 9C 37 C8 0B 36 86 68 55 BD 5D .......7..6.hU.]
0010: CA 17 80 22 ..."
]
]
Warning:
The input uses the SHA1withRSA signature algorithm which is considered a security risk. This algorithm will be disabled in a future update.
The input uses a 1024-bit RSA key which is considered a security risk. This key size will be disabled in a future update.
Trust this certificate? [no]: yes
Certificate was added to keystore
D:\test\openssl-0.9.8k_X64>keytool -import -keystore keystore -file client.cer -alias client
Enter keystore password:
Certificate reply was installed in keystore
Warning:
Issuer <thecaroot> uses a 1024-bit RSA key which is considered a security risk. This key size will be disabled in a future update.
The input uses the SHA1withRSA signature algorithm which is considered a security risk. This algorithm will be disabled in a future update.
D:\test\openssl-0.9.8k_X64>
I am trying to load a .pem file into Inputstream and then trying to generateCertificates. But, I am getting 0 certificates. Whereas my .pem file has various certifcates. Below is the code I am using:
try{
AssetManager am = mContext.getAssets();
InputStream in = am.open("cacerts.pem");
if(in!=null){
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
}
}catch(Exception e){
e.printStackTrace();
}
and my cacerts.pem is something like this:
# This is a bundle of X.509 certificates of public Certificate
# Authorities. It was generated from the Mozilla root CA list.
#
# Source: mozilla/security/nss/lib/ckfw/builtins/certdata.txt
#
# Generated from certdata.txt RCS revision 1.39
#
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
Signature Algorithm: md2WithRSAEncryption
Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
Validity
Not Before: Nov 9 00:00:00 1994 GMT
Not After : Jan 7 23:59:59 2010 GMT
Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1000 bit)
Modulus (1000 bit):
00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
dd:2d:d6:c8:1e:7b
Exponent: 65537 (0x10001)
Signature Algorithm: md2WithRSAEncryption
65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
MD5 Fingerprint=74:7B:82:03:43:F0:00:9E:6B:B3:EC:47:BF:85:A5:93
-----BEGIN CERTIFICATE-----
MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 419 (0x1a3)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, O=GTE Corporation, CN=GTE CyberTrust Root
Validity
Not Before: Feb 23 23:01:00 1996 GMT
Not After : Feb 23 23:59:00 2006 GMT
Subject: C=US, O=GTE Corporation, CN=GTE CyberTrust Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:b8:e6:4f:ba:db:98:7c:71:7c:af:44:b7:d3:0f:
46:d9:64:e5:93:c1:42:8e:c7:ba:49:8d:35:2d:7a:
e7:8b:bd:e5:05:31:59:c6:b1:2f:0a:0c:fb:9f:a7:
3f:a2:09:66:84:56:1e:37:29:1b:87:e9:7e:0c:ca:
9a:9f:a5:7f:f5:15:94:a3:d5:a2:46:82:d8:68:4c:
d1:37:15:06:68:af:bd:f8:b0:b3:f0:29:f5:95:5a:
09:16:61:77:0a:22:25:d4:4f:45:aa:c7:bd:e5:96:
df:f9:d4:a8:8e:42:cc:24:c0:1e:91:27:4a:b5:6d:
06:80:63:39:c4:a2:5e:38:03
Exponent: 65537 (0x10001)
Signature Algorithm: md5WithRSAEncryption
12:b3:75:c6:5f:1d:e1:61:55:80:00:d4:81:4b:7b:31:0f:23:
63:e7:3d:f3:03:f9:f4:36:a8:bb:d9:e3:a5:97:4d:ea:2b:29:
e0:d6:6a:73:81:e6:c0:89:a3:d3:f1:e0:a5:a5:22:37:9a:63:
c2:48:20:b4:db:72:e3:c8:f6:d9:7c:be:b1:af:53:da:14:b4:
21:b8:d6:d5:96:e3:fe:4e:0c:59:62:b6:9a:4a:f9:42:dd:8c:
6f:81:a9:71:ff:f4:0a:72:6d:6d:44:0e:9d:f3:74:74:a8:d5:
34:49:e9:5e:9e:e9:b4:7a:e1:e5:5a:1f:84:30:9c:d3:9f:a5:
25:d8
MD5 Fingerprint=C4:D7:F0:B2:A3:C5:7D:61:67:F0:04:CD:43:D3:BA:58
-----BEGIN CERTIFICATE-----
MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
-----END CERTIFICATE-----
As seen clearly, I have 2 certificates but I don't know why is generateCertificates() returning 0?
Is there a different way to read certificate?
Thanks in advance!
I am running a dropwizard server, and a client leveraging Apache HttpClient 4.5.1.
Given a single .pfx file that contains both the public and private keys, how would I structure my key/trust stores on both the server and client to accept/trust and pass the certificate for authentication purposes?
What I'm running into is the client trusts the provided server certificate, but
after the server hello that includes the certificate request per tls spec, my client is unable to find a suitable certificate to send back.
My first thought was to run the server with the keystore and truststore as the same pfx file, but java throws a null cert chain error when loading the pfx file as a trust store in the server. So I had to go through the process of creating a trust store manually.
Here are the general steps I thought would allow this entire process to succeed:
Run the server with the .pfx file, with a PKCS12 keystore type.
Extract the cert from the pfx file, and create a java trust store using the cert.
Run the server with the above clientCerts.jks file as the trust store
Run the client with a keystore set to the clientCerts.jks file
Run the client with a truststore set to the .pfx PKCS12 keystore.
These steps didn't work, and I've tried other less obvious permutations and none of them worked. Is there something blatantly wrong with the way I'm approaching this? Does anyone have any advice on actually getting it to work?
Lots of details below (including ssl debug logs)
PFX cert info:
(its a valid corporate signed cert, but I don't have the root CA as trusted anywhere, which is why I just create a trust store so I can trust the client cert).
$ openssl pkcs12 -info -in cert.pfx
Enter Import Password:
MAC Iteration 1
MAC verified OK
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2000
Bag Attributes
Microsoft Local Key set: <No Values>
localKeyID: 01 00 00 00
friendlyName: xxx
Microsoft CSP Name: Microsoft RSA SChannel Cryptographic Provider
Key Attributes
X509v3 Key Usage: 10
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----BEGIN ENCRYPTED PRIVATE KEY-----
xxx
-----END ENCRYPTED PRIVATE KEY-----
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2000
Certificate bag
Bag Attributes
localKeyID: 01 00 00 00
friendlyName: my.domain.com
subject=/C=US/O=My Company/OU=Web Servers/CN=my.domain.com
issuer=/C=US/O=My Company
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
Java Trust store Creation:
//create pem file
openssl pkcs12 -in cert.pfx -out tempCert.crt -nokeys -clcerts
//convert to x509
openssl x509 -inform pem -in tempCert.crt -outform der -out tempx509Cert.cer
//create a java trust store
keytool -import -file tempx509Cert.cer -alias firstCA -keystore newJavaTrustStore.jks
Dropwizard Config:
applicationConnectors:
- type: https
port: 443
bindHost: localhost
keyStorePath: ./cert.pfx
keyStorePassword: pw
keyStoreType: PKCS12
trustStorePath: ./clientCerts.jks
trustStorePassword: pw
trustStoreType: JKS
supportedProtocols: [TLSv1, TLSv1.1, TLSv1.2]
excludedProtocols: [SSLv2Hello, SSLv3]
validateCerts: false
needClientAuth: true
wantClientAuth: true
HttpClient Config Values:
keyStorePath: ./clientCerts.jks
keyStorePassword: pw
keyStoreType: JKS
trustStorePath: ./cert.pfx
trustStorePassword: pw
trustStoreType: PKCS12
HttpClient Config:
public static CloseableHttpClient getSecurePooledHttpClient(
final String host,
final int port,
final boolean ssl,
final String keystorePath,
final String keystorePassword,
final String keystoreType,
final String trustStorePath,
final String trustStorePassword,
final String trustStoreType
) throws Exception {
//Setup the keystore that will hold the client certificate
KeyStore ks = KeyStore.getInstance(keystoreType);
ks.load(new FileInputStream(new File(keystorePath)),
keystorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, keystorePassword.toCharArray());
//Setup the Trust Store so we know what certificates
//we can trust that are hosting the service
KeyStore ts = KeyStore.getInstance((trustStoreType));
ts.load(new FileInputStream(new File(trustStorePath)),
trustStorePassword.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ts);
//setup our SSL context to be TLSv1.2, then setup the key and trust manager.
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
//Register the socket factory so that it uses the ssl Context and key
// manager we created above
Registry<ConnectionSocketFactory> socketFactoryRegistry =
RegistryBuilder.<ConnectionSocketFactory>create()
.register("https", new SSLConnectionSocketFactory(sslContext,
NoopHostnameVerifier.INSTANCE))
.build();
//Define an overridden routeplanner that setups up our default host
// so all our later calls can simply be
//sub-routes.
HttpRoutePlanner routePlanner =
new DefaultRoutePlanner(DefaultSchemePortResolver.INSTANCE)
{
#Override
public HttpRoute determineRoute(
final HttpHost target,
final HttpRequest request,
final HttpContext context) throws HttpException {
return super.determineRoute(
target != null ? target : new HttpHost(host, port, ssl ? "https" : "http"),
request, context);
}
};
return BuildClientWithRoutePlanner(socketFactoryRegistry, routePlanner);
Client SSL debug:
...
*** ServerHello, TLSv1.2
RandomCookie: Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
%% Initialized: [Session-7, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256]
** TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=my.domain.com, OU=Web Servers, O=My Company, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
.........
***
Found trusted certificate:
[
[
Version: V3
Subject: CN=my.domain.com, OU=Web Servers, O=My Company, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
......
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
Cert Authorities:
<CN=my.domain.com, OU=Web Servers, O=My Company, C=US>
*** ServerHelloDone
Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
***
openssl x509 -inform DER -text
on my DER file gives the dump on the bottom of this question.
I try to read it with:
static PublicKey getCertKey() throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
URL keyUrl = Resources.getResource(LManager.class, "iid.der");
byte[] keyBytes = Resources.toByteArray(keyUrl);
X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePublic(spec);
}
And I get:
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException: ObjectIdentifier() -- data isn't an object ID (tag = -96)
at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:205)
at java.security.KeyFactory.generatePublic(KeyFactory.java:334)
....
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at Caused by: java.security.InvalidKeyException: IOException: ObjectIdentifier() -- data isn't an object ID (tag = -96)
at sun.security.x509.X509Key.decode(X509Key.java:397)
at sun.security.x509.X509Key.decode(X509Key.java:403)
at sun.security.rsa.RSAPublicKeyImpl.<init>(RSAPublicKeyImpl.java:83)
at sun.security.rsa.RSAKeyFactory.generatePublic(RSAKeyFactory.java:298)
at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:201)
... 25 more
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a9:cb:e1:41:03:30:df:c5
Signature Algorithm: sha1WithRSAEncryption
Issuer: REDACTED
Validity
Not Before: Jun 5 14:28:02 2014 GMT
Not After : Jun 5 14:28:02 2024 GMT
Subject: REDACTED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:87:bd:18:df:ff:49:12:b6:92:76:e3:c9:21:b4:
86:8d:f2:a9:03:37:7b:64:c3:85:63:bc:0f:67:bc:
f9:76:6a:72:4e:f9:e2:01:52:a3:df:40:6d:3d:91:
99:70:a5:6a:66:c8:ef:1b:18:1d:91:5a:a5:b1:0b:
0b:81:fd:d7:27:22:86:fa:c3:8d:b4:93:d5:98:e4:
2d:08:20:6b:43:44:d6:ae:37:79:2e:bc:65:e4:c3:
71:c4:9c:5d:04:8d:8a:f4:a5:cc:96:52:f0:72:59:
8e:0a:b3:06:55:e3:65:fb:63:b5:d2:4b:5d:e1:38:
87:0b:e8:d2:c0:f8:7f:78:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D6:CC:08:15:CA:B6:F0:9C:59:DC:14:52:2C:EF:B5:41:76:51:38
X509v3 Authority Key Identifier:
keyid:25:D6:CC:08:15:CA:B6:F0:9C:59:DC:14:52:2C:EF:B5:41:76:51:38
DirName:/C=US/ST=Washington/L=Seattle/O=Amazon.com Inc./CN=ec2.amazonaws.com
serial:A9:CB:E1:41:03:30:DF:C5
X509v3 Basic Constraints:
CA:TRUE
First, openssl -inform DER -text is an error. The openssl program is a wrapper that runs one of a bunch of functions, identified by the first argument, which in this case must be x509, so openssl x509 -inform DER -text.
That's a clue. Your file is an X.509 certificate not (just) a public key. Certificates in general, and X.509 certificates in particular, contain a public key but that is not the same thing as being a public key.
Since your file is an X.509 certificate, use a CertificateFactory of type X.509 to read it. The pattern is similar: use a static .getInstance() method to get a factory then use .generateCertificate() to take some input, here a stream that reads the data (directly from the file, or from memory if you have it buffered), and generate a Certificate object. (Note java.security.cert.Certificate not the obsolete and deprecated java.security.Certificate -- some IDEs may not default to the good one.)
If you want to use the public key in the certificate for something like encrypting or verifying call .getPublicKey() on the Certificate. If you want to look at other information such as the subject name or extensions which are specific to X.509, cast the Certificate to X509Certificate (also in java.lang.security.cert) and use its additional methods.
Also: the certificate is signed with sha1withRSA. The publickey itself is an RSA key, and could be used for any RSA operation -- but since the cert claims this key belongs to a CA, the corresponding privatekey should be used only for signing certs and/or CRLs (controlled by KeyUsage if present, but it's not unless you've redacted it) and thus doing something with this publickey other than verifying those certs and/or CRLs is useless. And since the key is only 1024 bits, using a signing hash stronger than SHA1 would be wasted, except for the facts that RSA-1024 is already considered insecure (since early 2014) and using SHA1-RSA for certificates is considered at risk and prohibited after sometime next year.
We have a process that uses OpenSSL to generate S/MIME digital signatures which need to be verified later using Java 7. On one side we use OpenSSL to read in text files and generate a signed digital output which is verified later.
We used to have the verification using OpenSSL but now we need Java (note: we cannot count on OpenSSL being available now).
We use this to sign: openssl smime -sign -inkey private.key -signer public.key -in ${f} > ${f}.signed and this to verify: openssl smime -verify -noverify -in ${f}.signed
Note: that the verify does not validate the certificates, only checks the signature/contents.
I need to change the verify part of this process to be a java application, preferably with Java 7 (which I think now has the JCE built in).
A sample output is something like ...
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----185C6C544BB34D30B0835B915C158544"
This is an S/MIME signed message
------185C6C544BB34D30B0835B915C158544
Four score and seven years ago our fathers brought forth on this continent, a
new nation, conceived in Liberty, and dedicated to the proposition that all
men are created equal.
Now we are engaged in a great civil war, testing whether that nation, ...
------185C6C544BB34D30B0835B915C158544
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
MIIKAAYJKoZIhvcNAQcCoIIJ8TCCCe0CAQExDzANBglghkgBZQMEAgEFADALBgkq
hkiG9w0BBwGgggchMIIHHTCCBgWgAwIBAgIEUzuEpzANBgkqhkiG9w0BAQsFADCB
hzELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEoMCYGA1UE
CxMfRGVwYXJ0bWVudCBvZiBIb21lbGFuZCBTZWN1cml0eTEiMCAGA1UECxMZQ2Vy
dGlm ...
... JIQeeE=
------185C6C544BB34D30B0835B915C158544--
The signature algorithm is sha256WithRSAEncryption; example ...
openssl smime -pk7out -in message.signed | openssl pkcs7 -text -noout -print_certs
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1396409511 (0x533b84a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Corp, OU=Acme, OU=CA
Validity
Not Before: May 16 15:27:56 2014 GMT
Not After : May 16 15:57:56 2015 GMT
Subject: C=US, O=Corp, OU=Acme, OU=CBP, CN=foo.acme.corp.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:00:00:00:00:b1:b6:49:6e:ca:d7:61:07:a0:18:
...
c9:de:ab:a7:2f:97:e4:f6:64:37:ec:3a:9d:ae:c0:
16:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Certificate Policies:
Policy: 2.16.840.1.101.3.2.1.3.8
...
I have looked at many, many examples, tried multiple ones without success. I wish had had some source to share with you, but the success I have had so far would not be helpful in the least.
This can be done using the Bouncy Castle Crypto APIs where you can use the following official example as reference, https://github.com/bcgit/bc-java/blob/master/mail/src/main/java/org/bouncycastle/mail/smime/examples/ValidateSignedMail.java.
For a simpler example to perform a full validation of a signed email including the certification chain you would do something like this with org.bouncycastle:bcmail-jdk15on:1.52:
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.mail.smime.validator.SignedMailValidator;
import javax.mail.internet.MimeMessage;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.PKIXParameters;
public class SignedMailValidatorExample {
public static void main(String[] args) throws Exception {
Security.addProvider(new BouncyCastleProvider());
FileInputStream signedEmailInputStream = new FileInputStream("signed_email.eml");
MimeMessage signedEmailMimeMessage = new MimeMessage(null, signedEmailInputStream);
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(new FileInputStream("truststore.jks"), "changeit".toCharArray());
PKIXParameters pkixParameters = new PKIXParameters(trustStore);
pkixParameters.setRevocationEnabled(false);
SignedMailValidator signedMailValidator = new SignedMailValidator(signedEmailMimeMessage, pkixParameters);
boolean successfulValidation = true;
for (SignerInformation signerInformation : signedMailValidator.getSignerInformationStore().getSigners()) {
SignedMailValidator.ValidationResult signerValidationResult = signedMailValidator
.getValidationResult(signerInformation);
if (!signerValidationResult.isValidSignature()) {
successfulValidation = false;
break;
}
}
if (successfulValidation) {
System.out.println("Signed email validated correctly.");
} else {
System.out.println("Signed email validation failed.");
}
}
}
Where truststore.jks should contain a CA certificate (e.g. the issuing CA) that chains to the certificate used to sign the email. Now, you can easily created this file using a software like https://keystore-explorer.org/.