Re: diffie-hellman problem
hello Christian, On Tuesday 27 June 2006 08:25, Christian Thalinger wrote: > Hi! > > I'm trying to run an application which uses a lot of crypto stuff and > I ran into some problems. A friend of mine told me to try some > tests, like this one: > > http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.ht >ml#DH2Ex > > And actually it does not work with GNU Classpath. I get: > > $ cacao DHKeyAgreement2 > Using SKIP Diffie-Hellman parameters > ALICE: Generate DH keypair ... > ALICE: Initialization ... > java.security.spec.InvalidKeySpecException >at > gnu.javax.crypto.jce.sig.DHKeyFactory.engineGeneratePublic(DHKeyFacto >ry.java:94) at > java.security.KeyFactory.generatePublic(KeyFactory.java:219) at > DHKeyAgreement2.run(DHKeyAgreement2.java:107) >at DHKeyAgreement2.main(DHKeyAgreement2.java:54) > Caused by: java.lang.NumberFormatException >at java.math.BigInteger.(BigInteger.java:156) >at > gnu.java.security.der.DERReader.readUniversal(DERReader.java:226) at > gnu.java.security.der.DERReader.read(DERReader.java:165) at > gnu.javax.crypto.key.dh.DHKeyPairX509Codec.decodePublicKey(DHKeyPairX >509Codec.java:212) at > gnu.javax.crypto.jce.sig.DHKeyFactory.engineGeneratePublic(DHKeyFacto >ry.java:89) ...3 more > > Any ideas? i'll have a closer look at it and will let you know. btw. i presume you're using the CVS HEAD? cheers; rsn pgpjO8ie433kb.pgp Description: PGP signature
Re: diffie-hellman problem
On Tue, 2006-06-27 at 19:35 +1000, Raif S. Naffah wrote: > i'll have a closer look at it and will let you know. > > btw. i presume you're using the CVS HEAD? Yes, right. TWISTI
Re: diffie-hellman problem
hello Christian, On Tuesday 27 June 2006 19:45, Christian Thalinger wrote: > On Tue, 2006-06-27 at 19:35 +1000, Raif S. Naffah wrote: > > i'll have a closer look at it and will let you know. > > > > btw. i presume you're using the CVS HEAD? > > Yes, right. found the problem; should be able to check-in a fix within the next 48h. cheers; rsn pgputn5RaoAwe.pgp Description: PGP signature
Re: diffie-hellman problem
On Tue, 2006-06-27 at 21:27 +1000, Raif S. Naffah wrote: > found the problem; should be able to check-in a fix within the next > 48h. Very cool! Thanks for the quick fix. Does this Sun demo now work for you? It does not throw the exception anymore, but it hangs here with 0% cpu: Shared secrets are the same Return shared secret as SecretKey object ... DES in ECB mode recovered text is same as cleartext DES in CBC mode recovered text is same as cleartext jamvm crashes on my x86_64, so I don't know if that's a cacao bug. Another thing is, it didn't fix the problem in this proprietary application I'm trying to run. I'll paste the stacktrace, maybe you have an idea: java.security.spec.InvalidKeySpecException: Unexpected OID: 1.3.14.3.2.12 at gnu.java.security.jce.sig.DSSKeyFactory.engineGeneratePublic(DSSKeyFactory.java:96) at java.security.KeyFactory.generatePublic(KeyFactory.java:219) at hox.corem.server.LicenseManagerImpl.(LicenseManagerImpl.java:89) Caused by: java.security.InvalidParameterException: Unexpected OID: 1.3.14.3.2.12 at gnu.java.security.key.dss.DSSKeyPairX509Codec.decodePublicKey(DSSKeyPairX509Codec.java:204) at gnu.java.security.jce.sig.DSSKeyFactory.engineGeneratePublic(DSSKeyFactory.java:91) ...2 more TWISTI
Re: diffie-hellman problem
Hi, On 6/28/06, Christian Thalinger <[EMAIL PROTECTED]> wrote: On Tue, 2006-06-27 at 21:27 +1000, Raif S. Naffah wrote: > found the problem; should be able to check-in a fix within the next > 48h. Very cool! Thanks for the quick fix. Does this Sun demo now work for you? It does not throw the exception anymore, but it hangs here with 0% cpu: Shared secrets are the same Return shared secret as SecretKey object ... DES in ECB mode recovered text is same as cleartext DES in CBC mode recovered text is same as cleartext jamvm crashes on my x86_64, so I don't know if that's a cacao bug. Any chance you could provide some details? Thanks, Rob. TWISTI
Re: diffie-hellman problem
On Wed, 2006-06-28 at 17:27 +0100, Robert Lougher wrote: > Any chance you could provide some details? Yeah, sorry. Ok, here we go: This is jamvm-1.4.3 on x86_64-linux. Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 1241594208 (LWP 25793)] objectLock (obj=0x2ade337c0008) at lock.c:314 314 if((entering = ATOMIC_READ(&mon->entering)) == UN_USED) (gdb) bt #0 objectLock (obj=0x2ade337c0008) at lock.c:314 #1 0x00419f5e in threadStart (arg=) at thread.c:315 #2 0x2ade33399b1c in start_thread () from /lib/libpthread.so.0 #3 0x2ade335759c2 in clone () from /lib/libc.so.6 #4 0x in ?? () TWISTI
Re: diffie-hellman problem
hello Christian, On Thursday 29 June 2006 01:07, Christian Thalinger wrote: > On Tue, 2006-06-27 at 21:27 +1000, Raif S. Naffah wrote: > > found the problem; should be able to check-in a fix within the > > next 48h. > > Very cool! Thanks for the quick fix. Does this Sun demo now work > for you? It does not throw the exception anymore, but it hangs here > with 0% cpu: > > > Shared secrets are the same > Return shared secret as SecretKey object ... > DES in ECB mode recovered text is same as cleartext > DES in CBC mode recovered text is same as cleartext i test against the Mauve testlet and this is what i get: TEST: gnu.javax.crypto.jce.TestOfDHKeyAgreement2 *** Generating Alice's Diffie-Hellman key-pair *** Initializing Alice's Diffie-Hellman key-agreement *** Alice sends Bob her encoded key... *** Generating Bob's Diffie-Hellman key-pair *** Initializing Bob's Diffie-Hellman key-agreement *** Bob sends Alice his encoded key... *** Alice does phase #1 *** Bob does phase #1 pass: line 160: generateSecret(byte[128], 1) MUST throw ShortBufferException [1] pass: line 165: Shared secrets MUST be equal [1] *** Bob generates a new shared secret *** Alice generates a new shared secret *** Bob sends Alice a DES/ECB encrypted message pass: line 190: DES/ECB recovered text and cleartext MUST be equal [1] *** Bob sends Alice a DES/CBC encrypted message pass: line 209: DES/CBC recovered text and cleartext MUST be equal [1] TEST PASSED (4 checks) gnu.javax.crypto.jce.TestOfDHKeyAgreement2 TEST RESULTS: 0 of 1 tests failed. 0 total calls to harness.check() failed. with: * Classpath CVS HEAD, configured --with-jikes * the latest JamVM, checked out from cvs.jamv.berlios.de. $ jamvm -version java version "1.4.2" JamVM version 1.4.4-pre Copyright (C) 2003-2006 Robert Lougher <[EMAIL PROTECTED]> * Harness invoked with -showpasses -verbose the fact that it hangs after, presumably, the last crypto operation is indicative of a thread or VM related problem, but i could be wrong. > jamvm crashes on my x86_64, so I don't know if that's a cacao bug. Robert should be able to help with this. > Another thing is, it didn't fix the problem in this proprietary > application I'm trying to run. I'll paste the stacktrace, maybe you > have an idea: > > java.security.spec.InvalidKeySpecException: Unexpected OID: > 1.3.14.3.2.12 at > gnu.java.security.jce.sig.DSSKeyFactory.engineGeneratePublic(DSSKeyFa >ctory.java:96) at > java.security.KeyFactory.generatePublic(KeyFactory.java:219) at > hox.corem.server.LicenseManagerImpl.(LicenseManagerImpl.java: >89) Caused by: java.security.InvalidParameterException: Unexpected > OID: 1.3.14.3.2.12 at > gnu.java.security.key.dss.DSSKeyPairX509Codec.decodePublicKey(DSSKeyP >airX509Codec.java:204) at > gnu.java.security.jce.sig.DSSKeyFactory.engineGeneratePublic(DSSKeyFa >ctory.java:91) ...2 more this is indicative of a possible problem with the DSS/DSA JCE Adapters. an example code/test-case, with the data that caused the exception, would be a great help in finding the bug and validating the fix. cheers; rsn pgpdzsUEHa8PD.pgp Description: PGP signature
Re: diffie-hellman problem
On Thu, 2006-06-29 at 20:11 +1000, Raif S. Naffah wrote: > i test against the Mauve testlet and this is what i get: > > TEST: gnu.javax.crypto.jce.TestOfDHKeyAgreement2 > *** Generating Alice's Diffie-Hellman key-pair > *** Initializing Alice's Diffie-Hellman key-agreement > *** Alice sends Bob her encoded key... > *** Generating Bob's Diffie-Hellman key-pair > *** Initializing Bob's Diffie-Hellman key-agreement > *** Bob sends Alice his encoded key... > *** Alice does phase #1 > *** Bob does phase #1 > pass: line 160: generateSecret(byte[128], 1) MUST throw > ShortBufferException [1] > pass: line 165: Shared secrets MUST be equal [1] > *** Bob generates a new shared secret > *** Alice generates a new shared secret > *** Bob sends Alice a DES/ECB encrypted message > pass: line 190: DES/ECB recovered text and cleartext MUST be equal [1] > *** Bob sends Alice a DES/CBC encrypted message > pass: line 209: DES/CBC recovered text and cleartext MUST be equal [1] > TEST PASSED (4 checks) gnu.javax.crypto.jce.TestOfDHKeyAgreement2 > > TEST RESULTS: > 0 of 1 tests failed. 0 total calls to harness.check() failed. > > with: > > * Classpath CVS HEAD, configured --with-jikes > * the latest JamVM, checked out from cvs.jamv.berlios.de. > $ jamvm -version > java version "1.4.2" > JamVM version 1.4.4-pre > Copyright (C) 2003-2006 Robert Lougher <[EMAIL PROTECTED]> > * Harness invoked with -showpasses -verbose > > > the fact that it hangs after, presumably, the last crypto operation is > indicative of a thread or VM related problem, but i could be wrong. The mauve one works for me too. I'll check that. > this is indicative of a possible problem with the DSS/DSA JCE Adapters. > an example code/test-case, with the data that caused the exception, > would be a great help in finding the bug and validating the fix. I'm in contact with a developer of that software and maybe we can build a testcase. TWISTI
