'[dev-crypto] Eutron Cryptoidentity and "Public key presented not for certificate signature" error'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bouncycastle-crypto-dev
Subject:    [dev-crypto] Eutron Cryptoidentity and "Public key presented not for certificate signature" error
From:       "Michal Niklas" <mn-opera () heuthes ! pl>
Date:       2007-06-21 11:28:23
Message-ID: op.tt9rhledh410fr () mn-xp ! heuthesd
[Download RAW message or body]


Hello all,

I have strange problem with signing PKCS10 or SPKAC requests.
When I got such request I load CA cert from PKCS#12 file
(with keystore type "BCPKCS12") and it works.
But then I tried to load CA cert from the same file but with "PKCS12"
keystore I got:
Public key presented not for certificate signature

The same error I got when I tried to use cert imported to Eutron  
Cryptoidentity 5
device with Algorithmic Research ARJCA provider.

Error I got:
java.security.InvalidKeyException: Public key presented not for  
certificate signature
        at  
org.bouncycastle.jce.provider.X509CertificateObject.checkSignature(Unknown  
Source)
        at  
org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown Source)
        at ht_ca.generateCert(ht_ca.java:570)


Fragment of my code (ht_ca.java) to verify just created client certificate:
569:  certClient = new_cert.generateX509Certificate(caPrivKey,  
KeyGeneratorProvider);
570:  certClient.verify(caCer.getPublicKey());

Java version on my WinXP:
java version "1.6.0_01"
Java(TM) SE Runtime Environment (build 1.6.0_01-b06)
Java HotSpot(TM) Client VM (build 1.6.0_01-b06, mixed mode, sharing)

I use bcprov-jdk16-137.jar.

Providers from my java.security:
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider
security.provider.6=com.sun.security.sasl.Provider
security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.8=sun.security.smartcardio.SunPCSC
security.provider.9=sun.security.mscapi.SunMSCAPI
security.provider.10=COM.arx.jca.ARJCA
security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider

I don't understand what is wrong :(
Somebody knows?

Regards,
Michal Niklas




[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic