tags:

views:

55

answers:

1
Q: 

PKCS10CertificationRequest creation on android

Hello:

I'm very new to android and java both, so hopefully I'm missing something easy here. All I want to do is create a simple PKCS10 certificate signing request. I have some code that will compile and run on my ubuntu box (java-6-openjdk), but throws a null pointer exception in the android emulator:

        KeyPair myKeyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
        X500Principal subject = new X500Principal("CN=Test V3 Certificate");
        PKCS10CertificationRequest csr = new PKCS10CertificationRequest
                        ( "SHA1withRSA",
                           subject,
                           myKeyPair.getPublic(),
                           null,
                           myKeyPair.getPrivate()
                );

        byte[] outBytes = csr.getEncoded();
        return new String(outBytes);

In the debugger I can see I have apparently constructed a PKCS10CertificationRequest, but I can't do anything with it (like getEncoded() or even toString()) without error. When I call getEncoded() it fails on the android emulator; this is the stack trace:

06-22 04:41:06.143: WARN/System.err(337): java.lang.NullPointerException: obj == null
06-22 04:41:06.213: WARN/System.err(337):     at org.bouncycastle.asn1.ASN1Collection.addObject(ASN1Collection.java:95)
06-22 04:41:06.353: WARN/System.err(337):     at org.bouncycastle.asn1.DERSequence.<init>(DERSequence.java:34)
06-22 04:41:06.433: WARN/System.err(337):     at org.bouncycastle.asn1.x509.AlgorithmIdentifier.toASN1Object(AlgorithmIdentifier.java:
124)
06-22 04:41:06.453: WARN/System.err(337):     at org.bouncycastle.asn1.ASN1Encodable.getDERObject(ASN1Encodable.java:
77)
06-22 04:41:06.483: WARN/System.err(337):     at org.bouncycastle.asn1.DEROutputStream.writeObject(DEROutputStream.java:
74)
06-22 04:41:06.523: WARN/System.err(337):     at org.bouncycastle.asn1.DERSequence.encode(DERSequence.java:70)
06-22 04:41:06.544: WARN/System.err(337):     at org.bouncycastle.asn1.DEROutputStream.writeObject(DEROutputStream.java:
74)
06-22 04:41:06.593: WARN/System.err(337):     at org.bouncycastle.jce.PKCS10CertificationRequest.getEncoded(PKCS10CertificationRequest.java:
443)

I've tried this with both the API levels 7 and 8. I know there's a ton of other details I could post about the versions of various components of my system. Like I said, I'm new to this, so right now I'm more looking for a direction to go in than necessarily a final answer.

Thanks very much,

Adam Mackler

A: 

You ran into a BouncyCastle bug. I am not sure it's fixed. I ended up using my own PKCS10CertificateRequest. You just need to change this one line in the constructor,

   this.sigAlgId = new AlgorithmIdentifier(sigOID, null);

to

   this.sigAlgId = new AlgorithmIdentifier(sigOID);
ZZ Coder  2010-06-22 20:42:44
Thanks for your reply, ZZ. Can you tell me whether that change you suggest--adding the null second argument--worked for you on the android platform and if so which version?
Adam Mackler  2010-06-24 23:12:10
The change is to REMOVING null, not ADDING. This was done on J2SE 5, not on Android. This bug has been there for a while. I doubt Andoid version matters.
ZZ Coder  2010-06-25 00:22:54
Ah, yes you did say that. My bad. And your fix does seem to work!I think what threw me off (besides not reading carefully) is that the most recent bouncycastle sources changed that null to an instance of DERNull (called INSTANCE). And the android sources did the same thing, but gave it a different name (THE_ONE). I didn't even think that just leaving it out would work, but apparently it does.Thank you very much for taking the time to share you knowledge. You've been very helpful.
Adam Mackler  2010-06-26 15:02:42

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java