RSA AES Cipher problem with JSS/NSS

[ksreedhar74]

Hello,

I am Mozilla-JSS as the provider in my Java application which is a SSL
client connecting to OpenSSL based SSL Server.

I am using the cipher suite "TLS_RSA_WITH_AES_128_CBC_SHA" and we are
using TLSv1.0 as the SSL protocol.

I get this exception when I try to connect to the server. Server has a
self signed RSA based certificate. What I thought was premaster secret
key is generated by the Client and encrypt using the public key of the
certificate so that Server will decrypt using its private key.

Can some one tell me what I am missing here and what this exception
means?

javax.net.ssl.SSLKeyException: RSA premaster secret error
        at com.sun.net.ssl.internal.ssl.PreMasterSecret.<init>
(PreMasterSecret.java:86)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone
(ClientHandshaker.java:439)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage
(ClientHandshaker.java:132)
        at com.sun.net.ssl.internal.ssl.Handshaker.process_record
(Handshaker.java:334)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord
(SSLSocketImpl.java:805)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake
(SSLSocketImpl.java:1046)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake
(SSLSocketImpl.java:1059)
        at com.fhp.ems.main.TestSecurity_SSL.testSSL
(TestSecurity_SSL.java:218)
        at com.fhp.ems.main.TestSecurity_SSL.main
(TestSecurity_SSL.java:69)
Caused by: java.security.InvalidKeyException: Invalid key type:
org.mozilla.jss.pkcs11.PK11RSAPublicKey
        at org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.importKey
(JSSCipherSpi.java:123)
        at
org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.engineInit
(JSSCipherSpi.java:161)
        at
org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.engineInit
(JSSCipherSpi.java:270)
        at javax.crypto.Cipher.init(DashoA13*..)
        at com.sun.net.ssl.internal.ssl.JCE_RSACipher.encryptInit
(RSACipher.java:76)
        at com.sun.net.ssl.internal.ssl.PreMasterSecret.<init>
(PreMasterSecret.java:83)
        ... 8 more

-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto