Hi,
I am encountering the following exception when opening an SSL connection to an
HTTPS web server (running Apache + mod_ssl):
java.io.IOException: unsupported keyword OID.2.5.4.5
at com.sun.net.ssl.internal.ssl.AVA.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.RDN.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.X500Name.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.X500Name.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream([DashoPro-V1.2-120198])
at [...]
The web server's X.509 V3 certificate was acquired from Certinomis (a
French company - www.certinomis.com), and I have imported its root CA and
intermediate CA into my client JVM's keystore using keytool.
After a short investigation, it looks like it is a bug in the JSSE 1.0.2
implementation, which doesn't recognize the Object Id 2.5.4.5, which,
according to the following page, is a standard X.500 attribute:
http://www.alvestrand.no/objectid/2.5.4.5.html
Here is an excerpt of this page:
2.5.4.5 - id-at-serialNumber
OID value: 2.5.4.5
OID description: The Serial Number attribute type specifies an identifier, the
serial number of a device.
An attribute value for Serial Number is a printable string.
serialNumber ATTRIBUTE ::= {
WITH SYNTAX PrintableString (SIZE (1..ub-serialNumber))
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
ID id-at-serialNumber
}
The very same code works when accessing web sites using Verisign certificates
which do not contain such a 2.5.4.5 OID in the certificate subject, so it may
well be due to a malformation of the Certinomis certificate.
Any help appreciated,
Patrick DECAT.
Following is the trace printed out when running the JVM with
-Djavax.net.debug=all (binary blocks replaced by [...]) :
C:\java\jdk1.3.1\bin\javaw -classpath
C:\Development\HttpsReader\classes;
C:\java\jsse1.0.2\lib\jsse.jar;C:\java\jsse1.0.2\lib\jnet.jar;
C:\java\jsse1.0.2\lib\jcert.jar;C:\java\jdk1.3.1\jre\lib\i18n.jar;
C:\java\jdk1.3.1\jre\lib\jaws.jar;C:\java\jdk1.3.1\jre\lib\rt.jar;
C:\java\jdk1.3.1\jre\lib\sunrsasign.jar;C:\java\jdk1.3.1\lib\dt.jar;
C:\java\jdk1.3.1\lib\tools.jar
-Djavax.net.debug=all HttpsReader
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: C:\java\jdk1.3.1\jre\lib\security\jssecacerts
trustStore type is : jks
init truststore
adding as trusted cert: [
[
Version: V3
Subject: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@19681b
Validity: [From: Thu Nov 09 01:00:00 CET 2000,
To: Fri Nov 09 01:00:00 CET 2012]
Issuer: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
SerialNumber: [ 30303030 39373337 35373338 36303030 ]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
]
]
[2]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
[3]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
]
adding as trusted cert: [
[
Version: V3
Subject: CN=CertiNomis Classe 2, O=CertiNomis, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@bc49d
Validity: [From: Wed Nov 29 01:00:00 CET 2000,
To: Mon Nov 29 01:00:00 CET 2004]
Issuer: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
SerialNumber: [ 30303030 39373534 38383434 39303030 ]
Certificate Extensions: 6
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: [...]
]
]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
]
init context
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 993394508 bytes = { 24, 22, 81, 16, 235, 187, 118, 86, 45,
138, 98, 195,
155, 110, 203, 166, 77, 227, 57, 128, 191, 247, 109, 154, 243, 212, 78, 25 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 59
0000: [...]
AWT-EventQueue-0, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: [...]
AWT-EventQueue-0, WRITE: SSL v2, contentType = 22, translated length = 16310
AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 74
*** ServerHello, v3.1
RandomCookie: GMT: 993394166 bytes = { 7, 124, 93, 170, 159, 46, 253, 150, 76,
123, 239,
155, 27, 14, 132, 20, 203, 83, 219, 221, 217, 201, 21, 212, 79, 18, 122, 73 }
Session ID: {179, 250, 40, 17, 25, 73, 235, 228, 229, 141, 93, 207, 137, 204, 71,
144, 235,
210, 99, 135, 15, 169, 170, 141, 156, 3, 58, 135, 178, 196, 112, 222}
Cipher Suite: { 0, 5 }
Compression Method: 0
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
** SSL_RSA_WITH_RC4_128_SHA
[read] MD5 and SHA1 hashes: len = 74
0000: [...]
AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 1088
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: OID.2.5.4.5=10052821, OU=Certificat Mercatis,
EmailAddress=xxxxxxx@xxxx.xxxxxxxx.com, CN=xxxxxx.xxxxxxxx.com, OU=FC,
O=XXXXXXXXX-XXXXXXXXX, L=Paris, ST=Paris, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@4a0115
Validity: [From: Fri Mar 23 11:54:32 CET 2001,
To: Sun Mar 24 11:54:32 CET 2002]
Issuer: CN=CertiNomis Classe 2, O=CertiNomis, C=FR
SerialNumber: [ 39383533 34313237 32353633 ]
Certificate Extensions: 8
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
S/MIME
Object Signing
]
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
]
]
[3]: ObjectId: 2.5.29.32 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[4]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: [...]
]
]
[5]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[6]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[RFC822Name: xxxxxxx@xxxx.xxxxxxxx.fr]]
[7]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
]
[8]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
]
***
add missing root cert: [
[
Version: V3
Subject: CN=CertiNomis Classe 2, O=CertiNomis, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@bc49d
Validity: [From: Wed Nov 29 01:00:00 CET 2000,
To: Mon Nov 29 01:00:00 CET 2004]
Issuer: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
SerialNumber: [ 30303030 39373534 38383434 39303030 ]
Certificate Extensions: 6
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: [...]
]
]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
]
stop on trusted cert: [
[
Version: V3
Subject: CN=CertiNomis Classe 2, O=CertiNomis, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@bc49d
Validity: [From: Wed Nov 29 01:00:00 CET 2000,
To: Mon Nov 29 01:00:00 CET 2004]
Issuer: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
SerialNumber: [ 30303030 39373534 38383434 39303030 ]
Certificate Extensions: 6
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: [...]
]
]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
]
[read] MD5 and SHA1 hashes: len = 1088
0000: [...]
AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 4
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: [...]
*** ClientKeyExchange, RSA PreMasterSecret, v3.1
Random Secret: { 3, 1, 94, 206, 199, 220, 80, 40, 86, 42, 59, 54, 23, 92, 139,
128, 16, 86, 141, 241, 78, 190, 245, 233, 179, 240, 248, 239, 144, 179, 120,
41, 52, 117, 74, 230, 249, 185, 175, 141, 182, 0, 207, 81, 217, 66, 216, 69 }
[write] MD5 and SHA1 hashes: len = 134
0000: [...]
AWT-EventQueue-0, WRITE: SSL v3.1 Handshake, length = 134
SESSION KEYGEN:
PreMaster Secret:
0000: [...]
CONNECTION KEYGEN:
Client Nonce:
0000: [...]
Server Nonce:
0000: [...]
Master Secret:
0000: [...]
Client MAC write Secret:
0000: [...]
Server MAC write Secret:
0000: [...]
Client write key:
0000: [...]
Server write key:
0000: [...]
... no IV for cipher
AWT-EventQueue-0, WRITE: SSL v3.1 Change Cipher Spec, length = 1
*** Finished, v3.1
verify_data: { 48, 119, 230, 86, 67, 207, 57, 59, 18, 222, 4, 107 }
***
[write] MD5 and SHA1 hashes: len = 16
0000: [...]
Plaintext before ENCRYPTION: len = 36
0000: [...]
AWT-EventQueue-0, WRITE: SSL v3.1 Handshake, length = 36
AWT-EventQueue-0, READ: SSL v3.1 Change Cipher Spec, length = 1
AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 36
Plaintext after DECRYPTION: len = 36
0000: [...]
*** Finished, v3.1
verify_data: { 238, 82, 186, 214, 115, 130, 241, 249, 113, 52, 93, 58 }
***
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
[read] MD5 and SHA1 hashes: len = 16
0000: [...]
Finalizer, SEND SSL v3.1 ALERT: warning, description = close_notify
Plaintext before ENCRYPTION: len = 22
0000: [...]
Finalizer, WRITE: SSL v3.1 Alert, length = 22
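
The following is an added example, not part of the original post and not JSSE code: a check that lists the subject attribute types for which RFC 2253 defines no keyword (such as 2.5.4.5 in the chain [0] subject above), using the JDK's public X500Principal and LdapName classes. The class name, the subject string (host and organisation are placeholders) and the use of Java 9+ Map.of are assumptions made for the illustration.

```java
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.security.auth.x500.X500Principal;

public class SubjectOidCheck {
    // Constructed subject modelled on the chain [0] Subject line in the trace;
    // CN and O are placeholders, not values from the post.
    static final String SUBJECT =
        "OID.2.5.4.5=10052821, OU=Certificat Mercatis, CN=www.example.com, "
        + "O=Example, L=Paris, ST=Paris, C=FR";

    /**
     * Returns the attribute types in the name that RFC 2253 has no keyword for.
     * In RFC 2253 output such types are rendered as dotted OIDs, so any type
     * starting with a digit is one that a parser with a fixed keyword table
     * may not know.
     */
    static List<String> nonKeywordTypes(X500Principal name) throws InvalidNameException {
        List<String> found = new ArrayList<>();
        LdapName parsed = new LdapName(name.getName(X500Principal.RFC2253));
        for (Rdn rdn : parsed.getRdns()) {
            // toAttributes() also covers multi-valued RDNs (type1=a+type2=b).
            for (String type : Collections.list(rdn.toAttributes().getIDs())) {
                if (Character.isDigit(type.charAt(0))) {
                    found.add(type);
                }
            }
        }
        return found;
    }

    public static void main(String[] args) throws Exception {
        // With a real certificate, use X509Certificate.getSubjectX500Principal().
        X500Principal subject = new X500Principal(SUBJECT);

        // Attribute types outside the RFC 2253 keyword table.
        System.out.println("Non-keyword attribute types: " + nonKeywordTypes(subject));

        // Render the same name with an explicit OID-to-keyword mapping.
        Map<String, String> oidMap = Map.of("2.5.4.5", "SERIALNUMBER");
        System.out.println(subject.getName(X500Principal.RFC1779, oidMap));
    }
}
```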