jessie-discuss

[Jessie-discuss] Re: TLS Client Peer not verified


From: chinmaya
Subject: [Jessie-discuss] Re: TLS Client Peer not verified
Date: Tue, 17 Apr 2007 08:10:27 -0600

Hi

Has anyone used this stack for client-side usage? Am I doing anything wrong?
Any feedback is greatly appreciated.

thanks
chinmaya

On 4/9/07, chinmaya <address@hidden> wrote:
Hi, the following TLS client code works fine with Sun JSSE, but when I change it to Jessie, I get the following errors:
On Client Side
Exception in thread "main" javax.net.ssl.SSLPeerUnverifiedException: peer not verified
        at gnu.javax.net.ssl.Session.getPeerCertificateChain (Session.java:161)
        at TLSClient.startClient(TLSClient.java:132)
        at TLSClient.main(TLSClient.java:261)

On Server Side
09 Apr 2007 18:39:56,275 ERROR [ 10.1.0.18:59575] TLSServer: Error while processing data
java.io.EOFException
        at gnu.javax.net.ssl.provider.SSLSocketImpl.doHandshake(SSLSocketImpl.java:455)
        at gnu.javax.net.ssl.provider.SSLSocketImpl$SocketInputStream.read (SSLSocketImpl.java:150)
        at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(StreamDecoder.java:411)
        at sun.nio.cs.StreamDecoder$CharsetSD.implRead(StreamDecoder.java:453)
        at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:183)
        at java.io.InputStreamReader.read(InputStreamReader.java:167)
        at java.io.BufferedReader.fill (BufferedReader.java:136)
        at java.io.BufferedReader.read(BufferedReader.java:157)
        at TLSDataListener.processData(TLSDataListener.java:26)
        at TLSServer$2.run(TLSServer.java:200)


Can you please tell me what is going wrong?
thanks in advance
chinmaya

-- code --
SSLContext ctx;
KeyManagerFactory kmf;
KeyStore ks;

String keyAlgo = null;
//keyAlgo = "SunX509";
keyAlgo = "JessieX509";

Provider provider = null;
provider = new Jessie();
//provider = new com.sun.net.ssl.internal.ssl.Provider();

ctx = SSLContext.getInstance("TLS", provider);
kmf = KeyManagerFactory.getInstance(keyAlgo, provider);
log.info("Loading pfx file: " + pfxFile);

SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
if(pfxFile != null) {
  ks = KeyStore.getInstance("PKCS12", "BC");
  fis = new FileInputStream(pfxFile);
  ks.load(fis, pfxPass);
  kmf.init(ks, pfxPass);
  ctx.init(kmf.getKeyManagers(), TLSTrustManager.getManagers(), random);
} else {
  ctx.init(null, TLSTrustManager.getManagers(), random);
}

SSLSocketFactory factory = ctx.getSocketFactory();
SSLSocket sock = (SSLSocket)factory.createSocket(host, port);
sock.setEnabledProtocols(new String[]{"TLSv1"});
sock.setUseClientMode (true);
sock.setEnabledCipherSuites(cipherSuits);
sock.startHandshake();

SSLSession sslsession = sock.getSession();
log.debug ("TLS Session Details follows ... ");
log.debug("Peer Host Address : " + sslsession.getPeerHost());
log.debug("Protocol : " + sslsession.getProtocol());
log.debug("Ciphersuite : " + sslsession.getCipherSuite ());

String[] enP = sock.getEnabledProtocols();

if(enP == null) {
  log.error("Enabled protocols is null");
} else {
  for(int i=0;i<enP.length;i++) {
    log.debug("Enabled Protocol: " + i + "=" + enP[i]);
  }
}

X509Certificate[] peerCerts = sslsession.getPeerCertificateChain();
log.debug("No. of Peer Certificates : " + peerCerts.length);


