Details
- Bug
- Resolution: Done
- Major
- 3.0.4.Final
- None
- None
Client side
//encrypt SomeJSON (simple POJO)
EnvelopedOutput output = new EnvelopedOutput(new SomeJSON("test"), MediaType.APPLICATION_JSON_TYPE);
output.setCertificate(<certificate>);
//sign encrypted SomeJSON
SignedOutput signed = new SignedOutput(output, "application/pkcs7-mime");
signed.setCertificate(<certificate>);
signed.setPrivateKey(<privateKey>);
Response res = target.request().post(Entity.entity(signed, "multipart/signed"));

Server side
@POST
@Path("/{somepath}")
public SignedOutput status(@PathParam("somepath") final String somepath, SignedInput<EnvelopedInput<SomeJSON>> input) throws Exception {
    //get encrypted content - it is OK
    final EnvelopedInput<SomeJSON> envelop = input.getEntity();
    //verify signature - it is OK
    if (!input.verify(<certificate>)) throw new WebApplicationException(500);
    //encrypt content - FAILED
    final SomeJSON someJSON = envelop.getEntity(<privateKey>,<certificate>);
    ......
}
The 'envelop.getEntity(<privateKey>,<certificate>)' method fails with:
stacktrace
17:25:31,888 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/edc-rest-service-0.0.1].[com.testapp.edc.rest.service.EDCApplication]] (http-localhost-127.0.0.1-8080-1) Servlet.service() for servlet com.testapp.edc.rest.service.EDCApplication threw exception: org.jboss.resteasy.spi.UnhandledException: java.lang.RuntimeException: org.bouncycastle.cms.CMSException: Malformed content.
    at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76) [resteasy-jaxrs-3.0.4.Final.jar:]
    at org.jboss.resteasy.core.ExceptionHandler.handleException(ExceptionHandler.java:212) [resteasy-jaxrs-3.0.4.Final.jar:]
    at org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:149) [resteasy-jaxrs-3.0.4.Final.jar:]
    at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:372) [resteasy-jaxrs-3.0.4.Final.jar:]
    at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:179) [resteasy-jaxrs-3.0.4.Final.jar:]
    at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:220) [resteasy-jaxrs-3.0.4.Final.jar:]
    at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) [resteasy-jaxrs-3.0.4.Final.jar:]
    at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) [resteasy-jaxrs-3.0.4.Final.jar:]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
    at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:]
    at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
    at java.lang.Thread.run(Unknown Source) [rt.jar:1.6.0_27]
Caused by: java.lang.RuntimeException: org.bouncycastle.cms.CMSException: Malformed content.
    at org.jboss.resteasy.security.smime.EnvelopedInputImpl.getEntity(EnvelopedInputImpl.java:166) [resteasy-crypto-3.0.4.Final.jar:]
    at org.jboss.resteasy.security.smime.EnvelopedInputImpl.getEntity(EnvelopedInputImpl.java:123) [resteasy-crypto-3.0.4.Final.jar:]
    at com.testapp.edc.rest.service.EDCRestService.status(EDCRestService.java:87) [classes:]
    at com.testapp.edc.rest.service.EDCRestService$Proxy$_$$_WeldClientProxy.status(EDCRestService$Proxy$_$$_WeldClientProxy.java) [classes:]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_27]
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.6.0_27]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.6.0_27]
    at java.lang.reflect.Method.invoke(Unknown Source) [rt.jar:1.6.0_27]
    at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:137) [resteasy-jaxrs-3.0.4.Final.jar:]
    at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:280) [resteasy-jaxrs-3.0.4.Final.jar:]
    at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:234) [resteasy-jaxrs-3.0.4.Final.jar:]
    at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:221) [resteasy-jaxrs-3.0.4.Final.jar:]
    at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:356) [resteasy-jaxrs-3.0.4.Final.jar:]
    ... 21 more
Caused by: org.bouncycastle.cms.CMSException: Malformed content.
    at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source) [bcmail-jdk16-1.46.jar:1.46.0]
    at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source) [bcmail-jdk16-1.46.jar:1.46.0]
    at org.bouncycastle.cms.CMSEnvelopedData.<init>(Unknown Source) [bcmail-jdk16-1.46.jar:1.46.0]
    at org.bouncycastle.mail.smime.SMIMEEnveloped.<init>(Unknown Source) [bcmail-jdk16-1.46.jar:1.46.0]
    at org.jboss.resteasy.security.smime.EnvelopedInputImpl.getEntity(EnvelopedInputImpl.java:156) [resteasy-crypto-3.0.4.Final.jar:]
    ... 33 more
Caused by: java.lang.IllegalArgumentException: unknown object in factory: org.bouncycastle.asn1.DERApplicationSpecific
    at org.bouncycastle.asn1.cms.ContentInfo.getInstance(Unknown Source) [bcprov-jdk16-1.46.jar:1.46.0]
    ... 38 more
Description
Hi,
I have created a small rest service, which receives an SMIME encrypted and signed request.
In the examples I found a similar one, which decrypts and verifies a request, but in my
case the order is different: first I encrypt the base JSON message, and then sign it.
In the original example the first step is the signing and then comes the encryption, and this
one is working fine. My example (JSON->encryption->signing) produces different exceptions on
the receiver side after signature verification, when I'm trying to decrypt it.
Tested cases (client - server):
- sign - verify = OK
- encrypt - decrypt = OK
- sign+encrypt - decrypt-verify = OK
- encrypt+sign - verify-decrypt = FAILED
Regards,
Tamás
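The innermost exception in the trace above names an ASN.1 application-class object where the CMS parser expected a ContentInfo SEQUENCE (first octet 0x30). The following added diagnostic, which is not part of the original report or of RESTEasy, shows how MIME headers or undecoded base64 text read as application-class tags while the decoded body reads as a SEQUENCE. The class name `CmsPayloadProbe`, its helpers and the sample bytes are constructed for illustration, and the report itself does not confirm this as the root cause.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64; // Java 8+

public class CmsPayloadProbe {
    private static final String[] CLASSES = {"UNIVERSAL", "APPLICATION", "CONTEXT-SPECIFIC", "PRIVATE"};

    /** Describe an ASN.1 identifier octet the way a DER parser reads it (low-tag form only). */
    static String describeTag(byte first) {
        int b = first & 0xFF;
        return CLASSES[b >> 6] + ((b & 0x20) != 0 ? " constructed" : " primitive") + " tag " + (b & 0x1F);
    }

    /** A CMS ContentInfo is a SEQUENCE, so the first octet must be 0x30. */
    static boolean looksLikeContentInfo(byte[] data) {
        return data.length > 1 && (data[0] & 0xFF) == 0x30;
    }

    /** Strip MIME headers (everything up to the first blank line), then base64-decode the body. */
    static byte[] unwrapMimeBody(byte[] part) {
        String text = new String(part, StandardCharsets.ISO_8859_1);
        int blank = text.indexOf("\r\n\r\n");
        String body = blank >= 0 ? text.substring(blank + 4) : text;
        return Base64.getMimeDecoder().decode(body);
    }

    public static void main(String[] args) {
        // Constructed sample: start of a BER SEQUENCE holding the envelopedData OID 1.2.840.113549.1.7.3
        byte[] der = {0x30, (byte) 0x80, 0x06, 0x09, 0x2A, (byte) 0x86, 0x48,
                      (byte) 0x86, (byte) 0xF7, 0x0D, 0x01, 0x07, 0x03};
        String b64 = Base64.getEncoder().encodeToString(der);
        // Constructed MIME part wrapping the same bytes, as an inner S/MIME body part would
        byte[] mimePart = ("Content-Type: application/pkcs7-mime; smime-type=enveloped-data\r\n"
                + "Content-Transfer-Encoding: base64\r\n\r\n" + b64 + "\r\n")
                .getBytes(StandardCharsets.ISO_8859_1);

        byte[][] candidates = {mimePart, b64.getBytes(StandardCharsets.ISO_8859_1), unwrapMimeBody(mimePart)};
        String[] names = {"MIME part with headers", "bare base64 text", "decoded body"};
        for (int i = 0; i < candidates.length; i++) {
            // 'C' (0x43) and 'M' (0x4D) both fall in the APPLICATION class; only 0x30 is a SEQUENCE
            System.out.printf("%-24s first octet 0x%02X -> %-30s ContentInfo? %b%n",
                    names[i], candidates[i][0] & 0xFF, describeTag(candidates[i][0]),
                    looksLikeContentInfo(candidates[i]));
        }
    }
}
```

Running the same first-octet check on the bytes that reach `EnvelopedInputImpl.getEntity` on the server tells you whether the inner enveloped part still carries its MIME headers or transfer encoding after signature verification.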