Ability to verify certificate chains about keystore-explorer HOT 7 CLOSED

Which signature algorithm was that? RSASSA-PSS? The "stepped out of BC provider" part is only true for p12 files.

That feature would fit nicely in release 5.4 which will add verification of jar signatures. I'll consider it.

from keystore-explorer.

You read my mind :). It was indeed that one.

from keystore-explorer.

I've had this problem a couple of months ago at work. The verification code in Java (Certificate.verify()) assumes that the signature parameters are always empty which is not the case for PSS signatures.

from keystore-explorer.

Hmm you're making reopen the test project I happily closed couple of hours ago. I did step through both the java and BC code below that method. I didn't step in Java 's Signature instantiation which was throwing the algorithm not supported exception trusting it that it knew it didn't support it. BC did fail the signature and it looked an honest sig failure. Now I am going to see if I can use OpenSSL to peer-review that verification. So if I understand correctly what you're saying RSASSA-PSS is supported by JCE but the Certificate.verify() doesn't read it correctly? IIRC, it was using it's OID form as algorithm ID so I assumed it really doesn't know it. I already told the customer to go get another SSL cert from their CA because the signature is broken, I wonder if I was wrong...

from keystore-explorer.

JCA/JCE follows a plugin concept. If the BC provider is registered, then the OID for PSS is recognized by JCE and almost everything works. Except for code that is not generic enough to handle those new algorithms (like Certificate.verify()). But it is possible to verify PSS certificates in Java by using Signature.verify() (and manually reading out and setting the PSS parameters for verification).

That being said, I have never seen PSS certificates in the wild. And in my experience a lot of standard software (some relatively new Firefox versions for example) has problems with them.

from keystore-explorer.

Kai, thank you for the info on this. "openssl verify ..." passes just fine on the chain, as your info above has suggested. We do have BC registered at slot 2 in our server, but unfortunately for my customer the issue arises on SSL handshake when JSSE's handshaker verifies peer trust which uses the Java PKIX classes which in turn use the Certificate.verify() at one point. They will just get another SSL cert. Again, thanks for your help!

from keystore-explorer.

You're welcome!

from keystore-explorer.