Skip to main content

Regression, Could not create EC public key, with test case

No replies
primetomas
Offline
Joined: 2006-08-16

Hi, we have found what seems to be a regression in openjdk6.

the underlying error we get is when parsing an X.509 certificate with an EC public key:
-----
Caused by: java.io.IOException: subject key, Could not create EC public key
at sun.security.x509.X509Key.parse(X509Key.java:174)
at sun.security.x509.CertificateX509Key.(CertificateX509Key.java:75)
at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:705)
at sun.security.x509.X509CertInfo.(X509CertInfo.java:169)
... 23 more
-----

We have created a trivial JUnit test with the certificate that fail. The test works on:
-----
OpenJDK Runtime Environment (IcedTea6 1.4.1) (6b14-1.4.1-0ubuntu11)
OpenJDK 64-Bit Server VM (build 14.0-b08, mixed mode)
-----

The test fails on:
-----
OpenJDK Runtime Environment (IcedTea6 1.6.1) (6b16-1.6.1-1ubuntu3)
OpenJDK 64-Bit Server VM (build 14.0-b16, mixed mode)
-----

Interestingly enough it works also in the later case if the BouncyCastle provider is installed.

The JUnit test case:
-----
package org.ejbca.util;

import java.io.ByteArrayInputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;

import junit.framework.TestCase;

public class TestEC extends TestCase {
private static byte[] testcert = Base64
.decode(("MIIBgDCCATigAwIBAgIIOUMG0dGnn/gwCQYHKoZIzj0EATAlMSMwIQYDVQQDDBpU"
+ "ZXN0RXhwb3J0UmVtb3ZlUmVzdG9yZUNBMTAeFw0wOTExMDUwODQ2MDhaFw0xMDEx"
+ "MDUwODQ2MDhaMCUxIzAhBgNVBAMMGlRlc3RFeHBvcnRSZW1vdmVSZXN0b3JlQ0Ex"
+ "MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEdHtDXsK9M6MmTfZrV+X8i/RQ0gQh"
+ "o9znC7ZU1+XBCHphTGTyVe7nUqYugZbImzEmo2MwYTAdBgNVHQ4EFgQUAjAKBOnM"
+ "i+/6bl3TaFsEoHvP468wDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBQCMAoE"
+ "6cyL7/puXdNoWwSge8/jrzAOBgNVHQ8BAf8EBAMCAYYwCQYHKoZIzj0EAQM3ADA0"
+ "AhgmwQfBZhkwJYJqkDEpDJMasCZ6363eFLsCGG7BAeYe2RkKZ2ZqTTarB6TG/ILm"
+ "B7bVWQ==").getBytes());

public void testECCert() throws Exception {
//Security.addProvider(new BouncyCastleProvider());
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509", "SUN");
Certificate cert = cf.generateCertificate(new ByteArrayInputStream(testcert));
} catch (CertificateException e) {
e.printStackTrace();
}
}
}
-----