Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4348279

DH ServerKeyExchange DSA signature encoding bug

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: 1.0, 1.0.2
    • Fix Version/s: unknown
    • Component/s: security-libs
    • Labels:
      None
    • Subcomponent:
    • Resolved In Build:
      helms
    • CPU:
      generic, x86
    • OS:
      generic, windows_2000

      Description

      We encode the DSA signature of a Diffie-Hellman server key
      exchange message incorrectly. This prevents interoperability with
      openSSL and other implementations of the DHE_DSS_XXX cipher suites.

      ============
      For the record, here's the exception thrown when
      working with openssl 0.9.6b:


      [wetmore@bongos] 172 >java -Djavax.net.ssl.trustStore=keystore.dsa -Dcom.sun.net.ssl.dhKeyExchangeFix=false URLReader

      Exception in thread "main" javax.net.ssl.SSLException: Server key, java.security.SignatureException: invalid encoding for signature
      at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA6275)
      at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
      at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
      at java.io.OutputStream.write(OutputStream.java:61)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
      at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275)
      at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275)
      at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:549)
      at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(DashoA6275)
      at URLReader.main(URLReader.java:42)

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              jdn Jeffrey Nisewanger (Inactive)
              Reporter:
              jdn Jeffrey Nisewanger (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Imported:
                Indexed: