phax / as2-lib

A generic Java AS2 library, servlet and server

Private Key is Null for public key #148

Closed prashantguleria closed 7 months ago

prashantguleria commented 7 months ago

Hi phax,

I have been trying to use as2 lib for my use case. I generated a key value pair using OpenSSL and am using the pfx file as the sender certificate.

    AS2ClientSettings settings = new AS2ClientSettings();
    // Sender details
    settings.setSenderData("TEST", "sender@test.com", "TEST");
    settings.setKeyStore(EKeyStoreType.PKCS12, new File(keyStorePath), "test");
    // Receiver details
    settings.setReceiverData("RCVR", "RCVR", "https://prod-24.westus2.logic.azure.com:443/as2");
    X509Certificate receiverCertificate = AS2KeyStoreHelper.readX509Certificate(drg_file);
    settings.setReceiverCertificate(receiverCertificate);

However, while sending, the library is trying to find the key file for the receiver certificate, and I am getting an exception that the key doesn't exist.

 All contained aliases are: [RCVR, TEST]
    at com.helger.as2lib.cert.AbstractCertificateFactory.getPrivateKey(AbstractCertificateFactory.java:454)
    at com.helger.as2lib.processor.sender.AS2SenderModule.secure(AS2SenderModule.java:594)
    at com.helger.as2lib.processor.sender.AS2SenderModule.handle(AS2SenderModule.java:1020)
    at com.helger.as2lib.client.AS2Client.sendSynchronous(AS2Client.java:474)
    at com.drogevate.NoeisAS2Connector.main(NoeisAS2Connector.java:107)
com.helger.as2lib.cert.AS2KeyNotFoundException: Alias 'RCVR' for Certificate '  [0]

prashantguleria commented 7 months ago

I went through other issues and it's a possible duplicate of: https://github.com/phax/as2-lib/issues/106

I'm not sure but the issue is similar.

phax commented 7 months ago

Well, a keystore can contain "private keys" and "public certificates" besides other things. Are you sure one of them is a key? Use a tool like KeyStore Explorer (https://keystore-explorer.org/) and check the types of elements inside. Items with the icon [image] are private keys - that is what you need for your key (and signing). However, items with the icon [image] are public certificates and can only be used for encrypting for the receiver.
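
The check described in the comment above (which keystore entries are private keys and which are only public certificates) can also be done in code. This is an added example, not part of the thread or of as2-lib; the class name `KeyStoreEntryCheck` is hypothetical, and it assumes a PKCS#12 file whose key password equals the store password.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Collections;

// Added diagnostic, not part of as2-lib. The class name is hypothetical.
// Usage (interactive terminal): java KeyStoreEntryCheck <keystore.p12> <senderAlias>
public class KeyStoreEntryCheck {
    // Classify one alias: private key entry vs. public certificate entry.
    static String describe(KeyStore ks, String alias, char[] pw) throws Exception {
        if (ks.isCertificateEntry(alias)) return "public certificate only (no private key)";
        if (!ks.isKeyEntry(alias)) return "unknown entry type";
        // Assumption: the key password equals the store password (usual for PKCS#12).
        Key key = ks.getKey(alias, pw);
        Certificate cert = ks.getCertificate(alias);
        if (!(key instanceof PrivateKey) || cert == null) return "key entry without private key/certificate pair";
        // For RSA, confirm that the private key belongs to the stored certificate.
        if (key instanceof RSAPrivateKey && cert.getPublicKey() instanceof RSAPublicKey) {
            boolean match = ((RSAPrivateKey) key).getModulus().equals(((RSAPublicKey) cert.getPublicKey()).getModulus());
            return match ? "private key + matching certificate" : "private key that does NOT match its certificate";
        }
        return "private key + certificate (" + key.getAlgorithm() + ", match not checked)";
    }
    public static void main(String[] args) throws Exception {
        Console console = System.console();
        if (args.length != 2 || console == null) {
            System.err.println("usage: KeyStoreEntryCheck <keystore.p12> <senderAlias> (run from a terminal)");
            System.exit(2);
        }
        // Prompt for the password instead of taking it from the command line.
        char[] pw = console.readPassword("Keystore password: ");
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, pw);
        }
        for (String alias : Collections.list(ks.aliases())) System.out.println(alias + ": " + describe(ks, alias, pw));
        // The sender alias must be a private key entry, otherwise signing cannot work.
        if (!ks.isKeyEntry(args[1])) {
            System.err.println("Alias '" + args[1] + "' has no private key entry");
            System.exit(1);
        }
    }
}
```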

prashantguleria commented 7 months ago

Thanks for taking your time to look into this.

Yes, I am sure that the pfx contains both certificate and corresponding private key. Check the screenshot below.

Also, I am using the same "pem" file with only the certificate in the receiver certificate code:

image

    // Receiver details
    settings.setReceiverData("RCVR", "RCVR", "https://prod-24.westus2.logic.azure.com:443/as2");
    X509Certificate receiverCertificate = AS2KeyStoreHelper.readX509Certificate(drg_file);
    settings.setReceiverCertificate(receiverCertificate);

However, when setting signAlgo this seems to go ahead without any issue.

    settings.setEncryptAndSign(cryptAlgo, null);

After taking the suggestion from #106, I created a custom client overriding the getPrivateKey method, and it's working fine.

Still I don't know if this is a good way forward.

Also, I wanted to ask if it's possible to add a custom alias to the certificate when creating a key store or setting a receiver certificate? When I checked, the alias is fetched from the friendly name present inside the

    Bag Attributes
        friendlyName: TEST

phax commented 7 months ago

Thanks for reminding me also of #106. I adopted the changes accordingly and will create a 5.1.2 release on it. hth