Loading...

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 3.0.12.Final
Affects Version/s: 3.0.4.Final
Component/s: None
Labels:
None

Steps to Reproduce:
Hide

Client side

//encrypt SomeJSON (simple POJO) EnvelopedOutput output = new EnvelopedOutput(new SomeJSON("test"), MediaType.APPLICATION_JSON_TYPE); output.setCertificate(<certificate>); //sign encrypted SomeJSON SignedOutput signed = new SignedOutput(output, "application/pkcs7-mime"); signed.setCertificate(<certificate>); signed.setPrivateKey(<privateKey>); Response res = target.request().post(Entity.entity(signed,"multipart/signed"));

Server side

@POST @Path("/{somepath}") public SignedOutput status(@PathParam("somepath") final String somepath,SignedInput<EnvelopedInput<SomeJSON>> input) throws Exception { //get encrypted content - it is OK final EnvelopedInput<SomeJSON> envelop = input.getEntity(); //verify signature - it is OK if (!input.verify(<certificate>)) throw new WebApplicationException(500); //encrypt content - FAILED final SomeJSON someJSON = envelop.getEntity(<privateKey>,<certificate>); ...... }

The 'envelop.getEntity(<privateKey>,<certificate>)' method fails with:

stacktrace

17:25:31,888 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/edc-rest-service-0.0.1].[com.testapp.edc.rest.service.EDCApplication]] (http-localhost-127.0.0.1-8080-1) Servlet.service() for servlet com.testapp.edc.rest.service.EDCApplication threw exception: org.jboss.resteasy.spi.UnhandledException: java.lang.RuntimeException: org.bouncycastle.cms.CMSException: Malformed content. at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.ExceptionHandler.handleException(ExceptionHandler.java:212) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:149) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:372) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:179) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:220) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) [resteasy-jaxrs-3.0.4.Final.jar:] at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:] at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:] at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:] at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:] at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:] at java.lang.Thread.run(Unknown Source) [rt.jar:1.6.0_27] Caused by: java.lang.RuntimeException: org.bouncycastle.cms.CMSException: Malformed content. at org.jboss.resteasy.security.smime.EnvelopedInputImpl.getEntity(EnvelopedInputImpl.java:166) [resteasy-crypto-3.0.4.Final.jar:] at org.jboss.resteasy.security.smime.EnvelopedInputImpl.getEntity(EnvelopedInputImpl.java:123) [resteasy-crypto-3.0.4.Final.jar:] at com.testapp.edc.rest.service.EDCRestService.status(EDCRestService.java:87) [classes:] at com.testapp.edc.rest.service.EDCRestService$Proxy$_$$_WeldClientProxy.status(EDCRestService$Proxy$_$$_WeldClientProxy.java) [classes:] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_27] at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.6.0_27] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.6.0_27] at java.lang.reflect.Method.invoke(Unknown Source) [rt.jar:1.6.0_27] at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:137) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:280) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:234) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:221) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:356) [resteasy-jaxrs-3.0.4.Final.jar:] ... 21 more Caused by: org.bouncycastle.cms.CMSException: Malformed content. at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source) [bcmail-jdk16-1.46.jar:1.46.0] at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source) [bcmail-jdk16-1.46.jar:1.46.0] at org.bouncycastle.cms.CMSEnvelopedData.<init>(Unknown Source) [bcmail-jdk16-1.46.jar:1.46.0] at org.bouncycastle.mail.smime.SMIMEEnveloped.<init>(Unknown Source) [bcmail-jdk16-1.46.jar:1.46.0] at org.jboss.resteasy.security.smime.EnvelopedInputImpl.getEntity(EnvelopedInputImpl.java:156) [resteasy-crypto-3.0.4.Final.jar:] ... 33 more Caused by: java.lang.IllegalArgumentException: unknown object in factory: org.bouncycastle.asn1.DERApplicationSpecific at org.bouncycastle.asn1.cms.ContentInfo.getInstance(Unknown Source) [bcprov-jdk16-1.46.jar:1.46.0] ... 38 more
Show
Client side //encrypt SomeJSON (simple POJO) EnvelopedOutput output = new EnvelopedOutput( new SomeJSON( "test" ), MediaType.APPLICATION_JSON_TYPE); output.setCertificate(<certificate>); //sign encrypted SomeJSON SignedOutput signed = new SignedOutput(output, "application/pkcs7-mime" ); signed.setCertificate(<certificate>); signed.setPrivateKey(<privateKey>); Response res = target.request().post(Entity.entity(signed, "multipart/signed" )); Server side @POST @Path( "/{somepath}" ) public SignedOutput status(@PathParam( "somepath" ) final String somepath,SignedInput<EnvelopedInput<SomeJSON>> input) throws Exception { //get encrypted content - it is OK final EnvelopedInput<SomeJSON> envelop = input.getEntity(); //verify signature - it is OK if (!input.verify(<certificate>)) throw new WebApplicationException(500); //encrypt content - FAILED final SomeJSON someJSON = envelop.getEntity(<privateKey>,<certificate>); ...... } The 'envelop.getEntity(<privateKey>,<certificate>)' method fails with: stacktrace 17:25:31,888 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[ default -host].[/edc- rest -service-0.0.1].[com.testapp.edc. rest .service.EDCApplication]] (http-localhost-127.0.0.1-8080-1) Servlet.service() for servlet com.testapp.edc. rest .service.EDCApplication threw exception: org.jboss.resteasy.spi.UnhandledException: java.lang.RuntimeException: org.bouncycastle.cms.CMSException: Malformed content. at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.ExceptionHandler.handleException(ExceptionHandler.java:212) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:149) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:372) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:179) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:220) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) [resteasy-jaxrs-3.0.4.Final.jar:] at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:] at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:] at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:] at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:] at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:] at java.lang. Thread .run(Unknown Source) [rt.jar:1.6.0_27] Caused by: java.lang.RuntimeException: org.bouncycastle.cms.CMSException: Malformed content. at org.jboss.resteasy.security.smime.EnvelopedInputImpl.getEntity(EnvelopedInputImpl.java:166) [resteasy-crypto-3.0.4.Final.jar:] at org.jboss.resteasy.security.smime.EnvelopedInputImpl.getEntity(EnvelopedInputImpl.java:123) [resteasy-crypto-3.0.4.Final.jar:] at com.testapp.edc. rest .service.EDCRestService.status(EDCRestService.java:87) [classes:] at com.testapp.edc. rest .service.EDCRestService$Proxy$_$$_WeldClientProxy.status(EDCRestService$Proxy$_$$_WeldClientProxy.java) [classes:] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_27] at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.6.0_27] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.6.0_27] at java.lang.reflect.Method.invoke(Unknown Source) [rt.jar:1.6.0_27] at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:137) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:280) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:234) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:221) [resteasy-jaxrs-3.0.4.Final.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:356) [resteasy-jaxrs-3.0.4.Final.jar:] ... 21 more Caused by: org.bouncycastle.cms.CMSException: Malformed content. at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source) [bcmail-jdk16-1.46.jar:1.46.0] at org.bouncycastle.cms.CMSUtils.readContentInfo(Unknown Source) [bcmail-jdk16-1.46.jar:1.46.0] at org.bouncycastle.cms.CMSEnvelopedData.<init>(Unknown Source) [bcmail-jdk16-1.46.jar:1.46.0] at org.bouncycastle.mail.smime.SMIMEEnveloped.<init>(Unknown Source) [bcmail-jdk16-1.46.jar:1.46.0] at org.jboss.resteasy.security.smime.EnvelopedInputImpl.getEntity(EnvelopedInputImpl.java:156) [resteasy-crypto-3.0.4.Final.jar:] ... 33 more Caused by: java.lang.IllegalArgumentException: unknown object in factory: org.bouncycastle.asn1.DERApplicationSpecific at org.bouncycastle.asn1.cms.ContentInfo.getInstance(Unknown Source) [bcprov-jdk16-1.46.jar:1.46.0] ... 38 more

Hi,

I have created a small rest service, which receives an SMIME encrypted and signed request.
In the examples I found a similar one, which is decrypts and verifies a request, but in my
case the order is different: first I encrypt the base JSON message, and then sign it.
In the original examle the first step is the signing and then comes the encrytion, and this
one is working fine. My example (JSON->encryption->signing) produces different exceptions on
receiver side after signature verification, when I'm trying to decrypt it.

Tested cases (client - server):

sign - verify = OK
encrypt - decrypt = OK
sign+encrypt - decrypt-verify = OK
encrypt+sign - verify-decrypt = FAILED

Regards,
Tamás

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates