Skip to main content

JXSE 2.6 RC 1 Issue with PSE

7 replies [Last post]
borysd
Offline
Joined: 2009-11-22
Points: 0

After upgrading from 2.6-pre-alpha3 to 2.6 RC 1 getting the following exception:

WARNING: Line 583 net.jxta.impl.membership.pse.PSEUtils.pkcs5_Decrypt_pbePrivateKey()
Incorrect key for javax.crypto.EncryptedPrivateKeyInfo@7d20b2da :
java.security.spec.InvalidKeySpecException: Cannot retrieve the PKCS8EncodedKeySpec
Line -1 javax.crypto.EncryptedPrivateKeyInfo.getKeySpec()
Line 575 net.jxta.impl.membership.pse.PSEUtils.pkcs5_Decrypt_pbePrivateKey()
Line 206 net.jxta.impl.membership.pse.StringAuthenticator.isReadyForJoin()
.....

Did anybody experience this? What can be a problem?

Thank you.

Borys

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
borysd
Offline
Joined: 2009-11-22
Points: 0

Hi Jérôme,

I tired psesample from tutorial and it has the same problem

java.security.spec.InvalidKeySpecException: Cannot retrieve the PKCS8EncodedKeySpec
Line -1 javax.crypto.EncryptedPrivateKeyInfo.getKeySpec()
Line 575 net.jxta.impl.membership.pse.PSEUtils.pkcs5_Decrypt_pbePrivateKey()
Line 206 net.jxta.impl.membership.pse.StringAuthenticator.isReadyForJoin()
Line 1313 tutorial.psesample.SwingUI.invitationPasswordFieldKeyReleased()

To run this sample I needed to change Main.java a bit as it was throwing ClassCastException

This part of code is where I made changes

Map services = params.getServices();

/* ModuleImplAdvertisement aModuleAdv = (ModuleImplAdvertisement) services.get(PeerGroup.membershipClassID);
*/
services.remove(PeerGroup.membershipClassID);

ModuleImplAdvertisement implAdv = (ModuleImplAdvertisement) AdvertisementFactory.newAdvertisement(
ModuleImplAdvertisement.getAdvertisementType());

implAdv.setModuleSpecID(PSEMembershipService.pseMembershipSpecID);
implAdv.setCompat(newGroupImpl.getCompat()/*aModuleAdv.getCompat()*/);
implAdv.setCode(PSEMembershipService.class.getName());
implAdv.setUri(newGroupImpl.getUri()/*aModuleAdv.getUri()*/);
implAdv.setProvider(newGroupImpl.getProvider()/*aModuleAdv.getProvider()*/);
implAdv.setDescription("PSE Membership Service");

After I run this example I select "Create Self-Invitation". Then when I type anything in "Invitation Password" field it throws this exception.

Something like this works
PrivateKey key = PSEUtils.pkcs5_Decrypt_pbePrivateKey("topsecret".toCharArray(), PSE_SAMPLE_GROUP_ROOT_CERT.getPublicKey().getAlgorithm(), PSE_SAMPLE_GROUP_ROOT_ENCRYPTED_KEY);

Borys

adamman71
Offline
Joined: 2007-01-31
Points: 0

Hi Borys,

I have tried to replicate your issue, but I did not manage to replicate it. I tried to follow your instructions with the PSE tutorial example (which in my honest opinion we should get rid of and replace it with a better one). I hate the GUI interface and never managed to make it work properly.

In the mean time, I have crafted another test with the proper AccessService implementation. It works for me. I have attached the zip file. I have tested it with 2.6 RC1 code (REM: with the current AlwaysAccessService, no bug is triggered, which makes sense, but that is not what we want).

I will surely create a patch to correct that PSE AccessService issue and I will include this new example in tutorial code.

If you have a complete code sample to replicate your issue, can you attach it here?

Thanks,

Jérôme

borysd
Offline
Joined: 2009-11-22
Points: 0

Thank you, Jérôme.

Your code works for me. Need to see what is the difference with my code. It's strange that you are not getting exception with psesample though.

Borys

adamman71
Offline
Joined: 2007-01-31
Points: 0

I am not saying that there is no issue with the psesample, all I am saying is I don't know how to replicate your issue with it.

adamman71
Offline
Joined: 2007-01-31
Points: 0

Hi Boris,

I don't know what code you are using, so I am going to make a wild guess.

In 2.5, the NetPeerGroup was created with the PSEMembership service, but now this has been changed to the NoneMembershipService (between beta 2 and RC1) since according to the specs, the WPG and the NPG should welcome any peer.

May this could have an impact on your issue. Do you have a code example to replicate this?

Thanks,

Jérôme

borysd
Offline
Joined: 2009-11-22
Points: 0

Ok, I see the difference, NetPeerGroup has NoneMembershipService now. This is created in my app and everything is ok. Then I try to create and log in another group which is a child of NetPeerGroup and which has PSEMembershipService and it fails to log in there. What should I do to fix it?

Thank you.

adamman71
Offline
Joined: 2007-01-31
Points: 0

Mmmm... I am currently taking a look at it.

I don't know how you create your new group, but if you use the StdPeerGroup.getDefaultModuleImplAdvertisement() method, the accessClassID is set to refAccessSpecID, which is set to AlwaysAccessService in net.jxta.platform.Module. I think this is a bug, because you would want to use the PSEAccessService with the PSEMembershipService.

I am running tests to find out.