JDK-4987474 : jarsigner gives SHA1 digest error when trying to verify a signed jar files that
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 1.4.0
  • Priority: P2
  • Status: Closed
  • Resolution: Not an Issue
  • OS: solaris
  • CPU: sparc
  • Submitted: 2004-02-03
  • Updated: 2004-02-19
  • Resolved: 2004-02-19
Description
3 9A A9   59 41 5E 8D F5 DE 77 A3  .0.S.#..YA^...w.
0080: E0 6C CA D7 1C 9F EF F1   AF 82 79 56 25 E7 3F 14  .l........yV%.?.
0090: 40 86 01 0D 6A B2 76 09   3A 07 92 9B DE BE 49 FD  @...j.v.:.....I.
00A0: 4E 28 11 75 14 1A 64 A9   15 EA 37 32 20 9F EB 6D  N(.u..d...72 ..m
00B0: E5 83 62 74 A6 85 9F CE   25 26 BE 9E 45 68 B5 05  ..bt....%&..Eh..
00C0: E9 A0 97 E3 64 3B 34 35   7B 3C 90 7D 51 DD AB 36  ....d;45.<..Q..6
00D0: 37 DE 71 3A B4 27 90 2F   5D 79 71 E6 67 0A 07 D9  7.q:.'./]yq.g...
00E0: 96 7E 71 9B 6B 95 98 25   FE 11 A5 A8 EF 04 A2 F0  ..q.k..%........
00F0: C4 2F 41 39 0C A9 4F FE   BC 7B 5B 49 97 E0 39 63  ./A9..O...[I..9c

]
jar: Signature Block File: test2.tar digest=MD5
jar:   expected 57969286dfabc836f3eb95d37fc34893
jar:   computed 57969286dfabc836f3eb95d37fc34893
jar:
jar: Signature Block File: test2.tar digest=SHA1
jar:   expected d9f925d021967da73a572d8c9077755dd71d5a40
jar:   computed d9f925d021967da73a572d8c9077755dd71d5a40
jar:
jar: processSignature signed name = test2.tar
jar: done with meta!
jar: Manifest Entry: test2.tar digest=MD5
jar:   manifest 97155dfe1ac78c1c22c1388e65659079
jar:   computed 97155dfe1ac78c1c22c1388e65659079
jar:
jar: Manifest Entry: test2.tar digest=SHA1
jar:   manifest 3a9d6bd3a95a8679abacdba6e3b1e7ee9d8967c4
jar:   computed d6905c45616341ba67715fc4ff0286c90840427c
jar:
jarsigner: java.lang.SecurityException: SHA1 digest error for test2.tar


-----------



If you could look into this, it would be appreciated
###@###.### 2004-02-02
I am signing files using netscape signtool 1.3 (signed patches on sunsolve are also signed using signtool 1.3) and have come across a bug where if the jar file contains a file that is large (my example fails on files >=20 MB), the verification fails.  

I have verified this under both solaris 9:
     % java -version
     java version "1.4.0_00"
     Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0_00-b05)
     Java HotSpot(TM) Client VM (build 1.4.0_00-b05, mixed mode)

and under the JDS Linux client:

   % java -version
   java version "1.4.2_02"
   Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_02-b03)
   Java HotSpot(TM) Client VM (build 1.4.2_02-b03, mixed mode)




The following is the error I get:

     % jarsigner -verbose -certs -verify test_small2.jar	
      jarsigner: java.lang.SecurityException: SHA1 digest error for test2.tar


If I check it with signtool, the signature verifies OK.

The failing jar file contains:

% unzip -l test_small2.jar 
Archive:  test_small2.jar
 Length    Date    Time    Name
 ------    ----    ----    ----
19885568  02-03-04  15:43   test2.tar
    241  02-03-04  15:43   META-INF/manifest.mf
    349  02-03-04  15:43   META-INF/zigbert.sf
   3697  02-03-04  15:43   META-INF/zigbert.rsa
 ------                    -------
19889855                    4 files


If the file contained in the jarfile is smaller, the verification works:

% jarsigner -verbose -certs -verify test_small.jar

sm    9937465 Tue Feb 03 15:47:08 EST 2004 test.tar.gz

      X.509, CN=Tony's test certificate, O=Sun Microsystems Inc
      X.509, O=Sun Microsystems Inc, CN=Sun Microsystems Inc TEST CA
      X.509, CN=Sun Microsystems Inc TEST Root CA, O=Sun Microsystems Inc, C=US

         243 Tue Feb 03 15:47:08 EST 2004 META-INF/manifest.mf
         351 Tue Feb 03 15:47:08 EST 2004 META-INF/zigbert.sf
        3697 Tue Feb 03 15:47:08 EST 2004 META-INF/zigbert.rsa

  s = signature was verified 
  m = entry is listed in manifest
  k = at least one certificate was found in keystore
  i = at least one certificate was found in identity scope

jar verified.


The contents of this jarfile are:

% unzip -l test_small.jar
Archive:  test_small.jar
 Length    Date    Time    Name
 ------    ----    ----    ----
9937465  02-03-04  15:47   test.tar.gz
    243  02-03-04  15:47   META-INF/manifest.mf
    351  02-03-04  15:47   META-INF/zigbert.sf
   3697  02-03-04  15:47   META-INF/zigbert.rsa
 ------                    -------
9941756                    4 files



If I add some debugging information for the failing jarfile it looks like there is  a problem with the SHA1 algorithm.


------

% jarsigner -J-Djava.security.debug=jar -verbose -verify -certs test_small2.jar 
jar: beginEntry META-INF/MANIFEST.MF
jar: done with meta!
jar: nothing to verify!
jar: beginEntry META-INF/manifest.mf
jar: beginEntry META-INF/zigbert.sf
jar: processEntry: processing block
jar: beginEntry META-INF/zigbert.rsa
jar: processEntry: processing block
jar: beginEntry META-INF/MANIFEST.MF
jar: beginEntry META-INF/4JCEJARS.SF
jar: processEntry: processing block
jar: beginEntry META-INF/4JCEJARS.DSA
jar: processEntry: processing block
jar: Signature Block Certificate: [
[
  Version: V3
  Subject: CN=Sun Microsystems Inc, OU=Java Software Code Signing, O=Sun Microsystems Inc
  Signature Algorithm: SHA1withDSA, OID = 1.2.840.10040.4.3

  Key:  Sun DSA Public Key
    Parameters:DSA
	p:     fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669
    455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7
    6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb
    83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7
	q:     9760508f 15230bcc b292b982 a2eb840b f0581cf5 
	g:     f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267
    5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1
    3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b
    cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a

  y:
    07ccf638 3acdd358 99900f71 afaad003 273b74e1 643811bf fab7bf2c e7bba792
    2f08ce27 f8b4fdd8 141da395 bb0316a6 babc35c0 cdf9f56c a7945b23 01f9aef5
    c9e0817a e8e469eb f8f58025 042c9173 9659b406 8317b250 ac4feb9d 51253df7
    eeb02425 0efeb432 a1c40eb3 6641e057 ce9dbe33 2e939ac9 7a57dccd 8860a7ce

  Validity: [From: Sat Oct 20 09:04:31 EST 2001,
               To: Tue Oct 24 09:04:31 EST 2006]
  Issuer: CN=JCE Code Signing CA, OU=Java Software Code Signing, O=Sun Microsystems Inc, L=Palo Alto, ST=CA, C=US
  SerialNumber: [    0104]

Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 55 8D 1F 2A 05 AB 9B CE   86 10 AE 3B 5D F6 BA 3F  U..*.......;]..?
0010: 22 C5 6A CA                                        ".j.
]
]

[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
  Object Signing
]

[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 65 E2 F4 86 C9 D3 4E F0   91 4E 58 A2 6A F5 D8 78  e.....N..NX.j..x
0010: 5A 9A C1 A6                                        Z...
]

]

[4]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[RFC822Name: ###@###.###]

[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  DigitalSignature
  Non_repudiation
  Key_Encipherment
]

]
  Algorithm: [SHA1withDSA]
  Signature:
0000: 30 2C 02 14 75 4B E8 21   37 78 79 0A D0 B5 DC 7E  0,..uK.!7xy.....
0010: 36 75 B9 E4 14 B5 D0 46   02 14 6A 51 DC BA 6D 1A  6u.....F..jQ..m.
0020: 6B 5C 18 23 6A F1 CA 21   8A 77 C2 05 16 42        k\.#j..!.w...B

]
jar: Signature File: Manifest digest SHA1
jar:   sigfile  cb3249a2833537adcb04fc7aa3f5cc18dff465f4
jar:   computed cb3249a2833537adcb04fc7aa3f5cc18dff465f4
jar:
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_s.class
jar: processSignature signed name = com/sun/crypto/provider/BlowfishParameters.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_q.class
jar: processSignature signed name = com/sun/crypto/provider/DHPublicKey.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_o.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_m.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_k.class
jar: processSignature signed name = com/sun/crypto/provider/JceKeyStore.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_i.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_g.class
jar: processSignature signed name = com/sun/crypto/provider/ai.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_e.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_c.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_ad.class
jar: processSignature signed name = com/sun/crypto/provider/DESedeCipher.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_ab.class
jar: processSignature signed name = com/sun/crypto/provider/DHKeyPairGenerator.class
jar: processSignature signed name = com/sun/crypto/provider/BlowfishCipher.classjar: processSignature signed name = com/sun/crypto/provider/DHParameterGenerator.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE.class
jar: processSignature signed name = com/sun/crypto/provider/PBEKeyFactory.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_z.class
jar: processSignature signed name = com/sun/crypto/provider/PBEParameters.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_x.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_v.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_t.class
jar: processSignature signed name = com/sun/crypto/provider/HmacMD5.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_r.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_p.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_n.class
jar: processSignature signed name = com/sun/crypto/provider/PBEWithMD5AndTripleDESCipher.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_l.class
jar: processSignature signed name = com/sun/crypto/provider/HmacSHA1.class
jar: processSignature signed name = com/sun/crypto/provider/PBEWithMD5AndDESCipher.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_j.class
jar: processSignature signed name = com/sun/crypto/provider/DESedeKey.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_h.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_f.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_d.class
jar: processSignature signed name = com/sun/crypto/provider/DESKeyGenerator.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_b.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_ae.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_ac.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_aa.class
jar: processSignature signed name = com/sun/crypto/provider/DESKeyFactory.class
jar: processSignature signed name = com/sun/crypto/provider/DESParameters.class
jar: processSignature signed name = com/sun/crypto/provider/DHKeyFactory.class
jar: processSignature signed name = com/sun/crypto/provider/DHKeyAgreement.classjar: processSignature signed name = com/sun/crypto/provider/DHParameters.class
jar: processSignature signed name = com/sun/crypto/provider/DESKey.class
jar: processSignature signed name = com/sun/crypto/provider/PBEKey.class
jar: processSignature signed name = com/sun/crypto/provider/HmacMD5KeyGenerator.class
jar: processSignature signed name = com/sun/crypto/provider/DESedeKeyGenerator.class
jar: processSignature signed name = com/sun/crypto/provider/HmacSHA1KeyGenerator.class
jar: processSignature signed name = com/sun/crypto/provider/DHPrivateKey.class
jar: processSignature signed name = com/sun/crypto/provider/DESedeKeyFactory.class
jar: processSignature signed name = com/sun/crypto/provider/SealedObjectForKeyProtector.class
jar: processSignature signed name = com/sun/crypto/provider/BlowfishKeyGenerator.class
jar: processSignature signed name = com/sun/crypto/provider/DESedeParameters.class
jar: processSignature signed name = com/sun/crypto/provider/DESCipher.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_y.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_w.class
jar: processSignature signed name = com/sun/crypto/provider/SunJCE_u.class
jar: done with meta!
jar: beginEntry com/sun/crypto/provider/SunJCE.class
jar: Manifest Entry: com/sun/crypto/provider/SunJCE.class digest=SHA1
jar:   manifest 0fe82e2de1fb12e454f2d0040a5f03fed540137c
jar:   computed 0fe82e2de1fb12e454f2d0040a5f03fed540137c
jar:
jar: beginEntry com/sun/crypto/provider/SunJCE_b.class
jar: Manifest Entry: com/sun/crypto/provider/SunJCE_b.class digest=SHA1
jar:   manifest 9eeb08cf129453b71839ae5eaab988d419eda23d
jar:   computed 9eeb08cf129453b71839ae5eaab988d419eda23d
jar:
jar: Signature Block Certificate: [
[
  Version: V3
  Subject: CN=Tony's test certificate, O=Sun Microsystems Inc
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@66e815
  Validity: [From: Tue Feb 03 09:07:52 EST 2004,
               To: Wed Feb 02 09:07:52 EST 2005]
  Issuer: O=Sun Microsystems Inc, CN=Sun Microsystems Inc TEST CA
  SerialNumber: [    11000708 ]

Certificate Extensions: 8
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 5A 30 58 30 2B 06 08   2B 06 01 05 05 07 30 01  .Z0X0+..+.....0.
0010: 86 1F 68 74 74 70 3A 2F   2F 74 65 73 74 76 61 2E  ..http://testva.
0020: 73 69 6E 67 61 70 6F 72   65 2E 73 75 6E 2E 63 6F  singapore.sun.co
0030: 6D 30 29 06 08 2B 06 01   05 05 07 30 01 86 1D 68  m0)..+.....0...h
0040: 74 74 70 3A 2F 2F 74 65   73 74 76 61 2E 63 65 6E  ttp://testva.cen
0050: 74 72 61 6C 2E 73 75 6E   2E 63 6F 6D              tral.sun.com


[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 16 B1 22 00 32 E3 2F 00   0D BD 43 F9 5D 75 73 92  ..".2./...C.]us.
0010: C0 03 43 9A                                        ..C.
]
]

[3]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
   Object Signing
]

[4]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: AB A5 A4 68 74 43 B9 0E   0F 45 B6 0C 08 2D 40 C9  ...htC...E...-@.
0010: 8C 1E 38 D4                                        ..8.
]

]

[5]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 7A 30 78 30 76 A0 28   A0 26 86 24 68 74 74 70  .z0x0v.(.&.$http
0010: 3A 2F 2F 70 6B 69 2E 63   6F 72 70 2E 73 75 6E 2E  ://pki.corp.sun.
0020: 63 6F 6D 2F 70 6B 69 73   6D 69 71 61 2E 63 72 6C  com/pkismiqa.crl
0030: A2 4A A4 48 30 46 31 25   30 23 06 03 55 04 03 13  .J.H0F1%0#..U...
0040: 1C 53 75 6E 20 4D 69 63   72 6F 73 79 73 74 65 6D  .Sun Microsystem
0050: 73 20 49 6E 63 20 54 45   53 54 20 43 41 31 1D 30  s Inc TEST CA1.0
0060: 1B 06 03 55 04 0A 13 14   53 75 6E 20 4D 69 63 72  ...U....Sun Micr
0070: 6F 73 79 73 74 65 6D 73   20 49 6E 63              osystems Inc


[6]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.3]]

[7]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
  [CertificatePolicyId: [2.16.840.1.113536.509.2527]
[PolicyQualifierInfo: [
  qualifierID: 1.3.6.1.5.5.7.2.1
  qualifier: 0000: 16 1F 68 74 74 70 3A 2F   2F 77 77 77 2E 73 75 6E  ..http://www.sun
0010: 2E 63 6F 6D 2F 70 6B 69   2F 63 70 73 2E 68 74 6D  .com/pki/cps.htm
0020: 6C                                                 l

]]  ]
]

[8]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  DigitalSignature
]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: A3 5E BF 19 7D 4C 2D B0   22 05 39 FC 17 7A 33 D2  .^...L-.".9..z3.
0010: 13 E7 42 BE AB 27 77 48   DC 1C F6 97 D5 07 52 4A  ..B..'wH......RJ
0020: 05 92 AF 2F 5E 1A 97 58   8A CA 06 0F 4F BA 42 23  .../^..X....O.B#
0030: DA 56 AC DC 82 66 A1 FB   73 5D 99 52 46 C4 D4 42  .V...f..s].RF..B
0040: CE 99 D0 AC 75 8C B0 0C   09 96 77 02 17 EB 0D 54  ....u.....w....T
0050: F9 82 09 51 DB 2C 10 5C   FC 48 D8 C8 B5 2D D2 99  ...Q.,.\.H...-..
0060: 30 DC B8 D8 2E AD 50 0E   00 8E DB 67 13 04 1D BC  0.....P....g....
0070: FE 30 13 53 8C 2

Comments
EVALUATION I recommended that the user try using the signtool 1.3 utility from Mozilla NSS version 3.9 instead of the signtool 1.3 utility from Netscape. Although there are a number of minor configuration differences between the two signtool utilities the result is that the problem does not occur when using the version from Mozilla. The user's report is provided below. -------- Original Message -------- Subject: Re: bug id 4987474 Date: Thu, 19 Feb 2004 16:23:52 +1000 From: tony shepherd <###@###.###> To: Vincent Ryan <###@###.###> Hi Vincent Seems you are right. I downloaded and tested with the products you suggested and have since generated and verified a large signed jar file. The signtool I was using came from: <http://developer.netscape.com/software/signedobj/signtool13/signtool13SunO S56.tar.gz> There are a number of differences between this one and the precompiled one you pointed me to. I had to do a few things like: * create a cert8.db - your version wanted one of these; not the cert7.db file. You can create one of these from the cert7.db file using the ..../nss3.9/bin/dbtest utility. * My signtool wanted the security module DB to be in secmodule.db where yours wanted it to be in secmod.db. Copying mine across just worked. * My signtool asked for the token pin when it signed the file; yours did not give me that opportunity so I had to put the password on the command line with the -p option. All in all, quite confusing but at least we now know what is causing the problem. Feel free to close this bug out as "not a bug".... thanks for your time on this. tony -------------------------------------------------------------------------------
11-06-2004

WORK AROUND Use the signtool 1.3 utility from Mozilla NSS 3.9 instead. The problem does not occur in that version.
11-06-2004