PKCS#12 : DerInputStream.getLength() exception

I generate a certificate using the keytool command:

keytool -genkeypair -alias myRSAKey -keyalg RSA -keysize 1024 -keystore test.p12 -storepass test -storetype pkcs12 

Then if I try to load it using the Java security API, after getting the file as a byte[]:

KeyStore ks = KeyStore.getInstance("PKCS12");
try {
    ks.load(new ByteArrayInputStream(data), "test".toCharArray());
} catch (Exception e) {
    ...
}

I get a DerInputStream.getLength(): lengthTag=127, too big exception.

What is wrong?

koni asked Sep 13 '11 08:09



1 Answer

I had this problem and I've searched the depths of Google and still couldn't find the answer. After some days battling with terrible-quality legacy code, I found what was causing this error.

KeyStore.load(InputStream stream, char[] password);

This method takes an InputStream, and if there's any problem with that InputStream, this exception is thrown. Some problems that I've encountered:

  • The InputStream points to the wrong / blank / just created file
  • The InputStream is already open or something else is holding the resource
  • The InputStream was already used and read, thus the position of the next byte of the InputStream is its end

The last one was responsible for my problem. The code was creating an InputStream from a certificate and proceeding to use it in two KeyStore.load() calls; the first one was successful, the second one always got me this error.

ibrabeicker answered Sep 20 '22 06:09
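The stream-reuse failure described in the answer above, reproduced as an added example (not code from the original post). The PKCS#12 store is a constructed in-memory sample standing in for test.p12, and the class name KeyStoreStreamReuse and the helpers buildSampleP12 and tryLoad are hypothetical names.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import javax.crypto.KeyGenerator;

public class KeyStoreStreamReuse {
    // Constructed sample input: a small PKCS#12 store built in memory,
    // standing in for the test.p12 file from the question.
    static byte[] buildSampleP12(char[] pass) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null); // initialise an empty store
        ks.setEntry("demo",
                new KeyStore.SecretKeyEntry(KeyGenerator.getInstance("AES").generateKey()),
                new KeyStore.PasswordProtection(pass));
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, pass);
        return out.toByteArray();
    }

    // Loads a store and reports the outcome instead of throwing.
    static String tryLoad(InputStream in, char[] pass) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try {
            ks.load(in, pass);
            return "loaded, entries=" + ks.size();
        } catch (IOException e) {
            // Parse failure; the message text varies by JDK version.
            return "failed: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        char[] pass = "test".toCharArray();
        byte[] data = buildSampleP12(pass);

        // Broken pattern: one stream shared by two load() calls.
        InputStream shared = new ByteArrayInputStream(data);
        System.out.println("shared, 1st: " + tryLoad(shared, pass));
        System.out.println("shared, 2nd: " + tryLoad(shared, pass)); // stream already at EOF

        // Fix: keep the bytes and give every load() its own stream.
        System.out.println("fresh,  1st: " + tryLoad(new ByteArrayInputStream(data), pass));
        System.out.println("fresh,  2nd: " + tryLoad(new ByteArrayInputStream(data), pass));
    }
}
```

The same fix applies to file-backed stores: read the file into a byte[] once, or open a new stream for each load() call.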