старый пень, которого даже дети боятся (dyasya) wrote in ru_java,
старый пень, которого даже дети боятся
dyasya
ru_java

[SOLVED] javax.net.ssl.SSLException: java.lang.ArithmeticException: BigInteger: modulus not positive

Всем привет.
Впервые сталкиваюсь с таким $SUBJ.
Есть некий https-сервер строго с клиентской аутентификацией по сертификату. Повсюду RSA 2048 бит.

Исключение такое.
Exception in thread "main" javax.net.ssl.SSLException: java.lang.ArithmeticException: BigInteger: modulus not positive
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1903)
	at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1886)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1402)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1334)
	at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1309)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:259)
	at tut.probuem.svoj.tls.HTTPSExperiment.main(HTTPSExperiment.java:798)
Caused by: java.lang.ArithmeticException: BigInteger: modulus not positive
	at java.math.BigInteger.modPow(BigInteger.java:2580)
	at sun.security.rsa.RSACore.crtCrypt(RSACore.java:183)
	at sun.security.rsa.RSACore.rsa(RSACore.java:122)
	at sun.security.rsa.RSASignature.engineSign(RSASignature.java:175)
	at java.security.Signature$Delegate.engineSign(Signature.java:1210)
	at java.security.Signature.sign(Signature.java:582)
	at sun.security.ssl.HandshakeMessage$CertificateVerify.(HandshakeMessage.java:1594)
	at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1171)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:369)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)



Вот так делаю SSLContext.
        KeyStore ks = KeyStore.getInstance("BouncyCastle", "BC");
        ks.load(null, null);
        ks.setCertificateEntry("crtClient", crtClient);
        ks.setKeyEntry("clientPvt", clientKeyPair.getPrivate(), new char[0], new X509Certificate[]{crtClient, crtMiddle, crtCA});
        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
        kmf.init(ks, null);
        KeyManager[] km = kmf.getKeyManagers();

        KeyStore ts = KeyStore.getInstance("BouncyCastle", "BC");
        ts.load(null, null);
        ts.setCertificateEntry("root", crtCA);
        ts.setCertificateEntry("middle", crtMiddle);
        ts.setCertificateEntry("client", crtClient);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
        tmf.init(ts);
        TrustManager[] tm = tmf.getTrustManagers();

        SSLContext sslcontext = SSLContext.getInstance("TLSv1.2");
        sslcontext.init(km, tm, null);



Вот так иду на нужный мне сервер.
        URL urlToConnect = new URL(serviceUrl);
        HttpsURLConnection.setDefaultSSLSocketFactory(sslcontext.getSocketFactory());
        HttpsURLConnection huc = (HttpsURLConnection) urlToConnect.openConnection();
        huc.setDoOutput(true);
        huc.setDoInput(true);
        huc.setRequestMethod("POST");
        huc.setRequestProperty("Content-type", "application/json");

        OutputStream os = huc.getOutputStream();
        os.write(jsonRequestBody.getBytes());
        os.close();


Исключение вылетает на huc.getOutputStream().


Гуглёж пока результатов не дал.
Кто может направить на путь истинный?


Надо отлаживать а не гуглить. :)

Вылечил так:
KeyStore ks = KeyStore.getInstance("PKCS12");//"BouncyCastle", "BC");
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments