search

PeculiarVentures / PKI.js

PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
http://pkijs.org
Other
1.25k stars 204 forks source link

Not loading pkcs12 file in the KEYSTORE Explorer #268

Closed sureshreddygovindu closed 4 years ago

sureshreddygovindu commented 4 years ago

I'm trying to use pkijs to create pkcs12 using private key, certificate and certificate chain for RSA and ECC key types.

  1. I've downloaded sample pkcs12 using PKCS12SimpleExample.html
  2. I've explore using openssl commands, it's working fine. I able to see the cert and private key.
  3. Unable to load this sample pkcs12 file using KEYSTORE Explorer tool Print stack trace below. 
    at org.kse.crypto.keystore.KeyStoreUtil.load(KeyStoreUtil.java:177)
    at org.kse.crypto.keystore.KeyStoreUtil.load(KeyStoreUtil.java:137)
    at org.kse.gui.actions.OpenAction.openKeyStore(OpenAction.java:141)
    at org.kse.gui.actions.OpenAction.openKeyStore(OpenAction.java:97)
    at org.kse.gui.MacOsIntegration.invoke(MacOsIntegration.java:87)
    at com.sun.proxy.$Proxy0.openFiles(Unknown Source)
    at com.apple.eawt._AppEventHandler$_OpenFileDispatcher.performUsing(_AppEventHandler.java:361)
    at com.apple.eawt._AppEventHandler$_OpenFileDispatcher.performUsing(_AppEventHandler.java:352)
    at com.apple.eawt._AppEventHandler$_AppEventDispatcher$1.run(_AppEventHandler.java:516)
    at java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:311)
    at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:758)
    at java.awt.EventQueue.access$500(EventQueue.java:97)
    at java.awt.EventQueue$3.run(EventQueue.java:709)
    at java.awt.EventQueue$3.run(EventQueue.java:703)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:74)
    at java.awt.EventQueue.dispatchEvent(EventQueue.java:728)
    at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:205)
    at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116)
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105)
    at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
    at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
    at java.awt.EventDispatchThread.run(EventDispatchThread.java:82)

java.io.IOException: parseAlgParameters failed: ObjectIdentifier() -- data isn't an object ID (tag = 48)
    at sun.security.pkcs12.PKCS12KeyStore.parseAlgParameters(PKCS12KeyStore.java:816)
    at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2018)
    at java.security.KeyStore.load(KeyStore.java:1445)
    at org.kse.crypto.keystore.KeyStoreUtil.load(KeyStoreUtil.java:170)
    at org.kse.crypto.keystore.KeyStoreUtil.load(KeyStoreUtil.java:137)
    at org.kse.gui.actions.OpenAction.openKeyStore(OpenAction.java:141)
    at org.kse.gui.actions.OpenAction.openKeyStore(OpenAction.java:97)
    at org.kse.gui.MacOsIntegration.invoke(MacOsIntegration.java:87)
    at com.sun.proxy.$Proxy0.openFiles(Unknown Source)
    at com.apple.eawt._AppEventHandler$_OpenFileDispatcher.performUsing(_AppEventHandler.java:361)
    at com.apple.eawt._AppEventHandler$_OpenFileDispatcher.performUsing(_AppEventHandler.java:352)
    at com.apple.eawt._AppEventHandler$_AppEventDispatcher$1.run(_AppEventHandler.java:516)
    at java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:311)
    at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:758)
    at java.awt.EventQueue.access$500(EventQueue.java:97)
    at java.awt.EventQueue$3.run(EventQueue.java:709)
    at java.awt.EventQueue$3.run(EventQueue.java:703)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:74)
    at java.awt.EventQueue.dispatchEvent(EventQueue.java:728)
    at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:205)
    at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116)
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105)
    at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
    at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
    at java.awt.EventDispatchThread.run(EventDispatchThread.java:82)

java.io.IOException: ObjectIdentifier() -- data isn't an object ID (tag = 48)
    at sun.security.util.ObjectIdentifier.<init>(ObjectIdentifier.java:257)
    at sun.security.util.DerInputStream.getOID(DerInputStream.java:314)
    at com.sun.crypto.provider.PBES2Parameters.engineInit(PBES2Parameters.java:267)
    at java.security.AlgorithmParameters.init(AlgorithmParameters.java:293)
    at sun.security.pkcs12.PKCS12KeyStore.parseAlgParameters(PKCS12KeyStore.java:812)
    at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2018)
    at java.security.KeyStore.load(KeyStore.java:1445)
    at org.kse.crypto.keystore.KeyStoreUtil.load(KeyStoreUtil.java:170)
    at org.kse.crypto.keystore.KeyStoreUtil.load(KeyStoreUtil.java:137)
    at org.kse.gui.actions.OpenAction.openKeyStore(OpenAction.java:141)
    at org.kse.gui.actions.OpenAction.openKeyStore(OpenAction.java:97)
    at org.kse.gui.MacOsIntegration.invoke(MacOsIntegration.java:87)
    at com.sun.proxy.$Proxy0.openFiles(Unknown Source)
    at com.apple.eawt._AppEventHandler$_OpenFileDispatcher.performUsing(_AppEventHandler.java:361)
    at com.apple.eawt._AppEventHandler$_OpenFileDispatcher.performUsing(_AppEventHandler.java:352)
    at com.apple.eawt._AppEventHandler$_AppEventDispatcher$1.run(_AppEventHandler.java:516)
    at java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:311)
    at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:758)
    at java.awt.EventQueue.access$500(EventQueue.java:97)
    at java.awt.EventQueue$3.run(EventQueue.java:709)
    at java.awt.EventQueue$3.run(EventQueue.java:703)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:74)
    at java.awt.EventQueue.dispatchEvent(EventQueue.java:728)
    at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:205)
    at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116)
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105)
    at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
    at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
    at java.awt.EventDispatchThread.run(EventDispatchThread.java:82)
rmhrisk commented 4 years ago

Looks like this is a case of unsupported ciphers? https://unmitigatedrisk.com/?p=543

YuryStrozhevsky commented 4 years ago

@sureshreddygovindu So, why you put the issue here, in PKIjs issues repository? Do you see any problems, related to PKIjs here? Can you prove it? All I can see is a trace from another software which cannot by unknown reason to read files. Report to the "keystore explorer tool".

YuryStrozhevsky commented 4 years ago

@sureshreddygovindu Just put it here: useful thread 1 useful thread 2 useful thread 3 useful thread 4

So, in conclusion: try to search for PKCS#12 issues in closed issues like I did.