Java HTTPS with client verification using windows keystore-Collection of common programming errors
Ken AllenI’m trying to do some json/https rpc in Java with client certificate authentication. I’m trying to use the windows keystore for the client cert and it’s not working – the server returns a decrypt_error ssl alert. I can hit the same server with the same client cert in IE so I know it’s not a problem with the cert itself. I can also do it from java if I pull the key from a different source. The server is running Apache 2.2.8 with openssl 0.9.8g. I tried different ciphers in the mod_ssl config but it failed the same with all of them. The protocol always negotiates to TLSv1. I tried several JRE 1.6 versions and they all have this problem. I’ve seen mention of this error on the internet in a few places, but no solutions.
In particular I saw these:
http://forums.oracle.com/forums/thread.jspa?threadID=1531706
http://www.java-forums.org/java-applets/24508-how-use-windows-keystore-establise-ssl-connection.html
I tried running with javax.net.debug=all but I actually get a different error when I do – which seems odd. Attached is a minimal test case, and the end of the javax.net.debug=ssl and javax.net.debug=all output with stacktraces. I can probably post the full logs if someone wants to see them.
This is really important to my current project so ANY help would be appreciated.
Here’s a minimal test case:
import java.io.BufferedInputStream; import java.io.InputStream; import java.io.InputStreamReader; import java.io.Reader; import java.net.URL; import java.security.KeyStore; import java.util.Arrays; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManagerFactory; public class Minimal { public static void main(String[] args) throws Exception { SSLContext context = SSLContext.getInstance("SSL"); KeyManagerFactory keyFac = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); KeyStore keyStore = KeyStore.getInstance("WINDOWS-MY"); keyStore.load(null, null); keyFac.init(keyStore, null); TrustManagerFactory trustFac = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); KeyStore trustStore = KeyStore.getInstance("WINDOWS-ROOT"); trustStore.load(null, null); trustFac.init(trustStore); context.init(keyFac.getKeyManagers(), trustFac.getTrustManagers(), null); HttpsURLConnection conn = (HttpsURLConnection)new URL("https://").openConnection(); conn.setRequestMethod("GET"); conn.setDoInput(true); conn.setSSLSocketFactory(context.getSocketFactory()); int responseCode = conn.getResponseCode(); System.out.println("RESPONSE: " + responseCode); InputStream response = null; if(responseCode != 200) { response = conn.getErrorStream(); } else { response = conn.getInputStream(); } Reader r = new InputStreamReader(new BufferedInputStream(response)); char[] buffer = new char[1024]; int read = 0; while((read = r.read(buffer)) != -1) { System.out.print(Arrays.copyOf(buffer, read)); } System.out.println("DONE"); } }And the debug=ssl output with the Oracle 1.6u26 32bit JRE on Windows XP SP3:
*** *** ClientKeyExchange, RSA PreMasterSecret, TLSv1 main, WRITE: TLSv1 Handshake, length = 4640 SESSION KEYGEN: PreMaster Secret: 0000: 03 01 1F B7 3D E7 72 6D 23 39 7C B0 0F F0 26 8F ....=.rm#9....&. 0010: D6 24 FA D2 1C DE 43 94 4C 9C AA EA F1 4A 69 F1 .$....C.L....Ji. 0020: 62 20 5B CA 94 B8 CC 84 13 D5 1B 04 E5 51 A8 B7 b [..........Q.. CONNECTION KEYGEN: Client Nonce: 0000: 4E 40 59 44 1A 4E 92 52 C3 BB 26 1F 08 A3 14 3F [email protected]..&....? 0010: EB B9 CA 17 A1 DD B8 1D 89 C3 43 A8 E2 C6 D1 D0 ..........C..... Server Nonce: 0000: 4E 40 59 44 9C D0 05 53 96 C1 50 3E 24 AA 38 DB [email protected]>$.8. 0010: AE E7 55 F0 40 14 A4 85 4B BE 46 A5 7C 08 CB 2F [email protected]..../ Master Secret: 0000: 7F 32 A2 C4 35 8D CA C0 F7 05 B5 0B B0 38 F8 C6 .2..5........8.. 0010: 0C DC 7E C1 79 FD 97 08 0A D7 B1 40 6E 73 CB 28 ....y......@ns.( 0020: 84 78 D2 87 A8 88 C8 C7 A0 8C A3 AB 29 6B 6D FC .x..........)km. Client MAC write Secret: 0000: 96 90 FF F8 86 E0 AC E6 89 00 57 5A C6 23 94 EE ..........WZ.#.. 0010: AD 20 AB 5A . .Z Server MAC write Secret: 0000: AD C0 78 DC C8 96 BD E4 27 AD 7C 6D C8 AA C4 96 ..x.....'..m.... 0010: E3 03 46 25 ..F% Client write key: 0000: 40 25 7F BD 82 B7 85 6F 74 B2 A4 D1 16 4A FB 9F @%.....ot....J.. Server write key: 0000: 9F E5 5D 45 73 66 E0 11 9B 14 25 F5 80 A9 EB 2D ..]Esf....%....- Client write IV: 0000: 77 1E BE 62 7A EB 56 D9 C4 62 D9 B5 2D 1E 22 97 w..bz.V..b..-.". Server write IV: 0000: 7B 9F 0B AE 2E DF AF 7B 15 09 08 8C DE 13 0F 82 ................ *** CertificateVerify main, WRITE: TLSv1 Handshake, length = 288 main, WRITE: TLSv1 Change Cipher Spec, length = 32 *** Finished verify_data: { 12, 12, 219, 182, 15, 237, 101, 233, 209, 171, 52, 158 } *** main, WRITE: TLSv1 Handshake, length = 48 main, READ: TLSv1 Alert, length = 32 main, RECV TLSv1 ALERT: fatal, decrypt_error %% Invalidated: [Session-3, TLS_RSA_WITH_AES_128_CBC_SHA] main, called closeSocket() main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: decrypt_error main, called close() main, called closeInternal(true) Exception in thread "main" javax.net.ssl.SSLHandshakeException: Received fatal alert: decrypt_error at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1720) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:954) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:755) at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75) at java.io.BufferedInputStream.fill(BufferedInputStream.java:218) at java.io.BufferedInputStream.read1(BufferedInputStream.java:258) at java.io.BufferedInputStream.read(BufferedInputStream.java:317) at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:687) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:632) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:652) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1195) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:379) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:318) at Minimal.main(Minimal.java:33)And the debug=all output with the Oracle 1.6u26 32bit JRE on Windows XP SP3:
*** CertificateVerify [write] MD5 and SHA1 hashes: len = 262 0000: 0F 00 01 02 01 00 54 BD E6 C5 44 96 71 2B EF FC ......T...D.q+.. 0010: 6E 0B D6 26 79 32 F1 23 AC 35 9C CE FD C6 A5 44 n..&y2.#.5.....D 0020: F7 F1 C9 4C 48 0F AA EC 26 62 8F F8 50 3B FE 55 ...LH...&b..P;.U 0030: 99 07 6D EC F9 42 60 B8 DF 8C 54 94 F6 2C B7 A8 ..m..B`...T..,.. 0040: 16 C5 75 18 99 7E 3D 89 29 A2 46 5C 3E 49 33 F5 ..u...=.).F\>I3. 0050: C6 B0 82 B1 1D 74 42 2A D5 8F E7 6C 13 75 F9 93 .....tB*...l.u.. 0060: CD 21 10 D1 52 39 DD 00 95 C5 28 E6 84 66 75 DB .!..R9....(..fu. 0070: D3 53 A1 F6 CF D1 0B EC 6C 2E F2 32 FB 2E 87 49 .S......l..2...I 0080: 8A 11 E0 EA 2F E4 A3 AF 49 09 86 0B DF 6D 8A BB ..../...I....m.. 0090: 0C 51 1B 9A 16 6D DA EF F5 C0 25 09 4F 17 35 84 .Q...m....%.O.5. 00A0: DC 15 FE 2A 17 F0 AD 9F F5 4C 26 AA DE 54 97 97 ...*.....L&..T.. 00B0: EB 6F 07 ED 86 0A 62 B2 33 ED 2E DB 98 C0 A9 D3 .o....b.3....... 00C0: 6A B2 1D EE E8 D4 F9 73 F1 EE 76 0D 2E 2A F0 D0 j......s..v..*.. 00D0: 32 35 4A F8 4F E6 E3 C5 D3 29 3F AF 27 5E 3E 09 25J.O....)?.'^>. 00E0: 1C 4A E5 4B 0C E2 92 77 91 F1 31 73 18 10 0F 8A .J.K...w..1s.... 00F0: 53 87 54 73 A0 64 92 4E 21 40 25 9E EB D7 9C 68 S.Ts.d.N!@%....h 0100: 75 59 3C 12 A6 AE uYI3. 0050: C6 B0 82 B1 1D 74 42 2A D5 8F E7 6C 13 75 F9 93 .....tB*...l.u.. 0060: CD 21 10 D1 52 39 DD 00 95 C5 28 E6 84 66 75 DB .!..R9....(..fu. 0070: D3 53 A1 F6 CF D1 0B EC 6C 2E F2 32 FB 2E 87 49 .S......l..2...I 0080: 8A 11 E0 EA 2F E4 A3 AF 49 09 86 0B DF 6D 8A BB ..../...I....m.. 0090: 0C 51 1B 9A 16 6D DA EF F5 C0 25 09 4F 17 35 84 .Q...m....%.O.5. 00A0: DC 15 FE 2A 17 F0 AD 9F F5 4C 26 AA DE 54 97 97 ...*.....L&..T.. 00B0: EB 6F 07 ED 86 0A 62 B2 33 ED 2E DB 98 C0 A9 D3 .o....b.3....... 00C0: 6A B2 1D EE E8 D4 F9 73 F1 EE 76 0D 2E 2A F0 D0 j......s..v..*.. 00D0: 32 35 4A F8 4F E6 E3 C5 D3 29 3F AF 27 5E 3E 09 25J.O....)?.'^>. 00E0: 1C 4A E5 4B 0C E2 92 77 91 F1 31 73 18 10 0F 8A .J.K...w..1s.... 00F0: 53 87 54 73 A0 64 92 4E 21 40 25 9E EB D7 9C 68 S.Ts.d.N!@%....h 0100: 75 59 3C 12 A6 AE 04 99 63 17 2C 0F 57 FC DD 48 uY......6..... 0050: 8F D0 BF 3D 11 58 CE 17 6A 80 6F F8 A8 0C 17 0D ...=.X..j.o..... 0060: 6C 41 02 AB 96 03 91 60 C9 54 76 44 E2 17 A1 D5 lA.....`.TvD.... 0070: 07 7A 26 16 3E 94 88 0C BC E9 BE E9 91 A7 60 DC .z&.>.........`. 0080: D5 1C DD 85 DB F8 7A 52 5E 09 F2 38 B9 29 7D 08 ......zR^..8.).. 0090: 14 00 C0 D2 5E 72 4F 85 5A C0 E0 C1 33 58 C0 CD ....^rO.Z...3X.. 00A0: 13 B6 1A AC 9B 86 2A 00 81 55 94 0B 19 81 89 45 ......*..U.....E 00B0: 42 A0 12 E9 4E 15 2C E7 92 A5 6F D5 F7 31 74 42 B...N.,...o..1tB 00C0: 8E 2B 50 2F 46 A6 46 DF E4 F4 F1 32 FD 40 0D C9 .+P/F.F....2.@.. 00D0: 3A 0B 26 F0 2B 0A 58 FD A3 DC E7 30 3A 98 EB A8 :.&.+.X....0:... 00E0: BB 7C A2 FA DF 7E 9C 61 96 6F F9 A7 02 19 43 91 .......a.o....C. 00F0: 0B 1C C4 4E 73 8F A5 CA C5 CF D3 71 86 26 A1 EE ...Ns......q.&.. 0100: 2A B1 DE 1B BE 7A E8 1B 04 91 62 DD 9A C9 F2 72 *....z....b....r 0110: D6 A4 AC 13 83 CE 60 28 E7 D4 97 54 1E 31 E2 E3 ......`(...T.1.. 0120: 75 3B 5E 57 81 u;^W. Padded plaintext before ENCRYPTION: len = 32 0000: 01 20 0B 27 DC 48 23 03 1A D7 9A F6 2A BB 8F B8 . .'.H#.....*... 0010: 4D 6E 8A F0 ED 0A 0A 0A 0A 0A 0A 0A 0A 0A 0A 0A Mn.............. main, WRITE: TLSv1 Change Cipher Spec, length = 32 [Raw write]: length = 37 0000: 14 03 01 00 20 6C 2C F0 99 F6 91 70 68 9B 4C 51 .... l,....ph.LQ 0010: CC 9E 82 87 22 7C 84 FB FB A6 7F 12 F7 E1 3C 19 ....".........
