?
Solved

Invalid Key Exception CipherMail

Posted on 2003-03-04
37
Medium Priority
?
436 Views
Last Modified: 2012-05-05
Hi,
I'm getting the following error message when I run an application called CipherMail.(Knudsen-Java Cryptography)

encrypt:java.security.InvalidKeyException:InitSign error:
Java.lang.NullpointerException

It seems as if the public key that I've generated is OK but the private key which is used to sign session keys may be invalid for some reason.

Any ideas , suggestions would be greatly appreciated.:-}
0
Comment
Question by:JavaStarter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 19
  • 18
37 Comments
 
LVL 35

Expert Comment

by:girionis
ID: 8067647
 It seems to me that you get a reference that points to null. Can you post the fragment of code that throws the exception and the whole stack trace?
0
 

Author Comment

by:JavaStarter
ID: 8067975
How do I output the Stack trace, I'm using NT?

 setStatus("Signing the message....." ) ;
                 
 Signature s = Signature.getInstance("md5/RSA");//ElGamal
         
 s.initSign(ourPrivateKey);
0
 
LVL 35

Expert Comment

by:girionis
ID: 8068120
 Just wrap your code in a try.. .catch block. If your exception is called "e" do a e.printStackTrace();

>Signature s = Signature.getInstance("md5/RSA");//ElGamal
>
>s.initSign(ourPrivateKey);

  Do any of the above lines throw the exception?
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 

Author Comment

by:JavaStarter
ID: 8070913
This is the stack trace.

encrypt: java.security.InvalidKeyException: InitSign error:java.lang.NullPointerException
java.security.InvalidKeyException: InitSign error: java.lang.NullPointerException

        at iaik.security.rsa.RSASignature.engineInitSign(Un
        at java.security.Signature.initSign(Unknown Source)
        at CipherMail.encrypt(CipherMail.java:169)
        at CipherMail.sendMessage(CipherMail.java:108)
        at Composer.actionPerformed(Composer.java:36)
        at java.awt.Button.processActionEvent(Unknown Sourc
        at java.awt.Button.processEvent(Unknown Source)
        at java.awt.Component.dispatchEventImpl(Unknown Sou
        at java.awt.Component.dispatchEvent(Unknown Source)
        at java.awt.EventQueue.dispatchEvent(Unknown Source
0
 
LVL 35

Expert Comment

by:girionis
ID: 8070944
 Can you post these lines:

at CipherMail.encrypt(CipherMail.java:169)
at CipherMail.sendMessage(CipherMail.java:108)
at Composer.actionPerformed(Composer.java:36)

  One of them is trying to work with a null object.
0
 

Author Comment

by:JavaStarter
ID: 8070976
Complete Stacktrace

encrypt: java.security.InvalidKeyException
: InitSign error:java.lang.NullPointerException
java.security.InvalidKeyException: InitSign error
: java.lang.NullPointerException

        at iaik.security.rsa.RSASignature.engineInitSign(Un
        at java.security.Signature.initSign(Unknown Source)
        at CipherMail.encrypt(CipherMail.java:169)
        at CipherMail.sendMessage(CipherMail.java:108)
        at Composer.actionPerformed(Composer.java:36)
        at java.awt.Button.processActionEvent(Unknown Sourc
        at java.awt.Button.processEvent(Unknown Source)
        at java.awt.Component.dispatchEventImpl(Unknown Sou
        at java.awt.Component.dispatchEvent(Unknown Source)
        at java.awt.EventQueue.dispatchEvent(Unknown Source
        at java.awt.EventDispatchThread.pumpOneEventForHier
        archy(Unknown Source)
       
        at java.awt.EventDispatchThread.pumpEventsForHier
        archy(Unknown Source)
       
        at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
       
        at java.awt.EventDispatchThread.run(Unknown Source)
       





0
 

Author Comment

by:JavaStarter
ID: 8071077
at CipherMail.encrypt(CipherMail.java:169)
169   cipher.init(Cipher.ENCRYPT_MODE, theirPublicKey);


at CipherMail.sendMessage(CipherMail.java:108)

public void sendMessage(Message m, String remoteName) {
106      try {
107     String host = mPreferences.getProperty("SMTP");
108    String email = mPreferences.getProperty("Email");

at Composer.actionPerformed(Composer.java:36)

36 mCipherMail.sendMessage(m, mKeyChoice.getSelectedIte());
           // Clean up. 37
          dispose();     //38
     
0
 
LVL 35

Expert Comment

by:girionis
ID: 8071164
 Can you make sure that the objects you are trying to pass are not null? Can you do a System.out.println("m: " + m); and System.out.println("mkeyCHoice: " + mKeyChoice.getSelectedIte()); before the mCipherMail.sendMessage(m, mKeyChoice.getSelectedIte()); line?

  Can you also make suer that the "mail" variable is nto null by doing a: System.out.println("email: " + mPreferences.getProperty("Email")); before this line: String email = mPreferences.getProperty("Email");

  Can you also do the same for the " theirPublicKey" variable and let us know the result?
0
 

Author Comment

by:JavaStarter
ID: 8071277
Heres the results of those print statements:

m:Message@4c1103
mkeychoice: John
email: john1234567@hotmail.com
TheirPublicKey: com.sun.rsajca.JSA_RSAPublicKey@231e1b

0
 

Author Comment

by:JavaStarter
ID: 8071427
Heres the results of those print statements:

m:Message@4c1103
mkeychoice: John
email: john1234567@hotmail.com
TheirPublicKey: com.sun.rsajca.JSA_RSAPublicKey@231e1b

0
 
LVL 35

Expert Comment

by:girionis
ID: 8071512
 Weird, I'd expect at least one of the variables to be null.

  I am stuck atm. Can you try recreating the keys and try again?
0
 

Author Comment

by:JavaStarter
ID: 8071696
Heres some code from the Keymanager class that generates public private key pairs.

 public static KeyManager getInstance(String file)
      throws IOException, ClassNotFoundException {
   ObjectInputStream in = new ObjectInputStream(new FileInputStream(file));
    KeyManager km = (KeyManager)in.readObject();
    in.close();
    km.mKeyFile = file;
    return km;
  }

Could it have something to do with using ObjectInputStream
- program creating an object ref when there isnt an object?
How do u use FileInputstream alone/ without ObjectInputStream?
0
 
LVL 35

Expert Comment

by:girionis
ID: 8071758
 Assuming that the object has been serialized properly you shouldn't have any problems. Can you check if the km is null? Could it be possible that any of the exceptions are thrown?
0
 

Author Comment

by:JavaStarter
ID: 8072354
No, none of the exceptions are thrown. Actually, the fact that the public and private keys print out ok implies that the ObjectInputstream is probably ok.!
0
 
LVL 35

Expert Comment

by:girionis
ID: 8072411
 The problem is with your initiSign. You call it/it is called with a null parameter and therefore I assume that your private key is null. Can you check it?
0
 
LVL 35

Expert Comment

by:girionis
ID: 8072423
 Just do a System.out.println(ourPrivateKey); before the call of the initSign.
0
 

Author Comment

by:JavaStarter
ID: 8072561
Thanks for all your help girionis.
I generated another key pair and imported its private key into my key file.This is because I should be using someone elses public key to encrypt a message. Now when I run the program I'm getting a classcastException : java.lang.string
at security.KeyManager.getInstance(KeyManager.java:81)

0
 
LVL 35

Expert Comment

by:girionis
ID: 8072605
 Are you trying to cast the key to a type String?
0
 

Author Comment

by:JavaStarter
ID: 8072733
No heres the method getInstance

public static KeyManager getInstance(String file)//java 81
     throws IOException, ClassNotFoundException {
  ObjectInputStream in = new ObjectInputStream(new FileInputStream(file));
   KeyManager km = (KeyManager)in.readObject();
   in.close();
   km.mKeyFile = file;
   return km;
 }

Could it be the ObjectInputstream?
0
 
LVL 35

Expert Comment

by:girionis
ID: 8072859
 We need to find out the type of the object the ObjectOutputStream returns.

  Can you change your code slightly:

public static KeyManager getInstance(String file)//java 81
    throws IOException, ClassNotFoundException {
 ObjectInputStream in = new ObjectInputStream(new FileInputStream(file));
  //KeyManager km = (KeyManager)in.readObject();
  Object o = in.readObject();
  System.out.println("class read from stream: " + o.getClass())
  in.close();
  //km.mKeyFile = file;
  //return km;

  return null;
}

  Don't worry about the return null; I just put it there in order for the class to compile properly. This is just a test.
0
 

Author Comment

by:JavaStarter
ID: 8073098
OK, class read from stream :class java.lang.String
There is a NullPointerException now , as opposed to the previous Classcastexception.

     at CipherMail(36)
 setStatus("Welcome to " + kBanner + ", " +

mKeyManager.getName() + ".") ;  // 36
     }

and at CipherMail (371)

public static void main(String[] args) throws Exception {

          String preferencesFile = "preferences";
       if (args.length > 0) preferencesFile = args[0];
          new CipherMail(preferencesFile); //371
     }
}
0
 
LVL 35

Expert Comment

by:girionis
ID: 8073322
 The object you read is of type String and therefore you cannot cast it to KeyManager, that's why you get the ClassCastException. You can only cast objects to their own type. This makes me think that the mKeyManager would be invalid or null, since you did not manage to read it properly from the stream. Can you do a:

  System.out.println("mKeyManager: " + mKeyManager);

  at CipherMail before the setStatus method?
0
 
LVL 35

Expert Comment

by:girionis
ID: 8073345
> There is a NullPointerException

  This is because we return null at the end of the statement. But this is just a test, so do not worry about it right now. We need to find a way to reconstruct the object properly.
0
 

Author Comment

by:JavaStarter
ID: 8073706
Putting the print statement b4 the setstatus message had no effect so I placed it further up the program in the actual Ciphermail method. The output was:

mKeyManager: null

along with the usual exception in thread main classcastexcept
0
 
LVL 35

Expert Comment

by:girionis
ID: 8075849
 Is the mKeyManager what you get from the public static KeyManager getInstance(String file)? If yes then you will never get a proper instance since you try to create a KeyManager form a String object and you will always be getting the ClassCastException. I am afraid you will have to find another way to do it. It is imperative to make sure that when you deserialize the file you get the exact same type as the one when you serialized it.
0
 

Author Comment

by:JavaStarter
ID: 8079377
The code should really work,its from Knudsen's Java Cryptography.
http://examples.oreilly.com/javacrypt/files/oreilly/jonathan/security/

It's weird because when I was only using my own public-private key pair the public key seemed to deserialise ok since I got an error message later in the program. I'll keep trying, maybe I can cast the inputstream to an object and then cast the object to a keymanager??

Thanks for all your help girionis :-)
0
 
LVL 35

Expert Comment

by:girionis
ID: 8079535
 I really think that they is nothing wrong with your java code. It is just that you expect a KeyManager object and instead you get a String object. You need to use a proper serialized KeyManager object. How do you obtain the serialized file? Do you do it yourself or you get it ready from somewhere else?
0
 

Author Comment

by:JavaStarter
ID: 8079743
I call the keymanager class from a Ciphermail class.

http://netwk.hannam.ac.kr/data/java_info/chap11.ppt.

http://www.google.ie/search?q=cache:gx0MdZsc_hoC:netwk.hannam.ac.kr/data/java_info/chap11.ppt+ciphermail.class&hl=en&ie=UTF-8

The KeyManager getInstance method takes a string as input.
The string, say "keys.ser", represents a file where a Keymanager is located. it is then up to the getInstance method to read this file (deserialise) and reconstruct a KeyManager object????????????
0
 
LVL 35

Expert Comment

by:girionis
ID: 8079882
 Then there are two things that could be happening.

1) The "keys.cer" file you are reading is invalid

2) The "keys.cer" file you are reading contains more data that you might not be reading.

  In case of the 1) nothign can be doen I am afraid, apart form obtainign a proper .cer file. In case of the 2) then you simply have to read more data:

public static KeyManager getInstance(String file)//java 81
    throws IOException, ClassNotFoundException {
 ObjectInputStream in = new ObjectInputStream(new FileInputStream(file));

  // Read the first string object
  String s = (String) in.readObject();

  //KeyManager km = (KeyManager)in.readObject();
  // Read the second object.
  Object o = in.readObject();
  System.out.println("type: " + o.getClass());
  in.close();
  //km.mKeyFile = file;
  //return km;
  return null;
}

  Can you try the following and tell me what the output is?
0
 

Author Comment

by:JavaStarter
ID: 8080293
OK the result of that print statement is

type: class com.sun.rsajca.JSA_RSAPublickey

I also put in a print statement after in.close()
   System.out.println("type string: " + s) ;

The result of which is :

type: string jimmy

jimmy is the name of one of the public keys in the keymanager class. Basically I generated a public-private key pair (my key pair)in Keys.ser the Keymanager class. I then imported jimmy's public key into this keymanager class 'key.ser'. Therefore in my keymanager class there's my key pair and jimmy's public key , so the output of the above statements is strange, maybe only jimmys key is the only one in the Keymanager class?

Once again, thanks girionis:-).
0
 

Author Comment

by:JavaStarter
ID: 8080366
OK the result of that print statement is

type: class com.sun.rsajca.JSA_RSAPublickey

I also put in a print statement after in.close()
   System.out.println("type string: " + s) ;

The result of which is :

type: string jimmy

jimmy is the name of one of the public keys in the keymanager class. Basically I generated a public-private key pair (my key pair)in Keys.ser the Keymanager class. I then imported jimmy's public key into this keymanager class 'key.ser'. Therefore in my keymanager class there's my key pair and jimmy's public key , so the output of the above statements is strange, maybe only jimmys key is the only one in the Keymanager class?

Once again, thanks girionis:-).
0
 
LVL 35

Expert Comment

by:girionis
ID: 8080785
 Well I am not sure what's in the .cer file, that's for sure. In your KeyManager class should be whatever is in the .cer file since you create the KeyManager from the data read from the file. The thing is that you have to read the serialized objects in the exact same order as you put them in the file. So there might be more objects down the line that you do not know. I suggest you try to read all of them till you get an exception and try to see their type.

  Just do a:

public static KeyManager getInstance(String file)//java 81
   throws IOException, ClassNotFoundException {
ObjectInputStream in = new ObjectInputStream(new FileInputStream(file));
 
  Object o = in.readObject();

  while (o != null)
  {
    System.out.println("type: " + o.getClass());
    o = in.readLine();
  }
 
 in.close();
 //km.mKeyFile = file;
 //return km;
 return null;
}

  By doign this you can find out all the objects serialized in the file.
0
 

Author Comment

by:JavaStarter
ID: 8081251
Ok, I've created new key pairs and a private key. I've managed to import the private key successfully. The keymanager class is working ok because there is a method to print out the contents of Keys.ser and it says that my public key pair and jimmys private key are in it.

So basically I'm back to square one. I'm now getting a initsign error , nullpointer exception, invalidkey exception. When I do a KeyManager print statement I get :
richard[1] which seems ok, when i do a theirpublic key print statement i get :com.sun.rsajca.JSA_RSAPrivateKey@118c1 which also seems ok , when I do a Ourprivatekey print statement that seems ok and when I print out the variable s from

Sinature s= = Signature.getInstance("md5/RSA");//ElGamal

I get s:Signatureobject: MD5 with RSA<not initialised>

which also seems ok.

Ultimately the line
s.initSign(ourPrivateKey);  
seems to be causing the errors which is weird because none of the variables are null!!!!!
0
 
LVL 35

Expert Comment

by:girionis
ID: 8081964
 Sorry I hve run out of ideas. I thought the problem was the ClassCastException but it's obviously not. Since the "s" object is not null and the "ourPrivateKey" is also not null then I really do not know what else could be happening. What I suggest is:

  Could the following:

 Signature.getInstance("md5/RSA");

  be

  Signature.getInstance("MD5/RSA"); Would it change anything?

  The last thing I have to say is that since you are getting also an InvalidKey exception your private key, with which you try to initialise your Signature object, could be invalid. Maybe if you could do a fresh install from scratch woudl help, but not sure.
0
 

Author Comment

by:JavaStarter
ID: 8082394
Changing md5 to MD5 had no effect. I've run the program a number of times with 2 print statements printing the values of Theirpublic key and Ourpublickey.

e.g. TheirPublicKey: com.sun.rsajca.JSA_RSAPublicKey@231e1b

 OurprivateKey: com.sun.rsajca.JSA_RSAPrivateKey@394894

Both values change (the number following the @) or one of the values change each time the program is run, they should be the same every time. It's strange that the program is reading different values.????
0
 
LVL 35

Accepted Solution

by:
girionis earned 800 total points
ID: 8082895
 This is normal behaviour. When you deserialize the data and load it into a variable then you allocate a new memory location (the content stays the same though), that's why you get different numbers after the @ symbol. Everytime you will load the data from the serialized object the number will be changing.
0
 
LVL 35

Expert Comment

by:girionis
ID: 8110348
 Thank you :-) Did you find a solution/workaround to your original problem though?
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction Java can be integrated with native programs using an interface called JNI(Java Native Interface). Native programs are programs which can directly run on the processor. JNI is simply a naming and calling convention so that the JVM (Java…
Introduction This article is the last of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers our test design approach and then goes through a simple test case example, how …
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…
Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question