I've sent you all necessary details to reproduce the NullReference exception.
> I'm told by the resident SSL expert ... and this RSA instance will be used > in the SSL handshake logic. I've tried to inherit from System.Security.Cryptography.RSA and use the IPrivateKey in this custom class to do the signing - CustomRSA.cs <http://mono-for-android.1047100.n5.nabble.com/file/n5712890/CustomRSA.cs> . This is the code that attempts to use the custom RSA implementation: X509Certificate[] certificateChain = KeyChain.GetCertificateChain(this, alias); IPrivateKey privateKey = KeyChain.GetPrivateKey(this, alias); KeyStore pkcs12KeyStore = KeyStore.GetInstance("PKCS12"); pkcs12KeyStore.Load(null, null); pkcs12KeyStore.SetKeyEntry(alias, privateKey, null, certificateChain); X509Certificate javaCertificate = (X509Certificate)pkcs12KeyStore.GetCertificate(alias); X509Certificate2 certificate = new X509Certificate2(javaCertificate.GetEncoded()); certificate.PrivateKey = new CustomRSA(privateKey, javaCertificate); ServicePointManager.ServerCertificateValidationCallback += ((sender, c, chain, sslPolicyErrors) => true); HttpWebRequest request = (HttpWebRequest)WebRequest.Create(serverUrl); request.ClientCertificates.Add(certificate); request.GetResponse(); The last line fails with the following horrible exception: System.Net.WebException: Error getting response stream (Write: The authentication or decryption has failed.): SendFailure ---> System.IO.IOException: The authentication or decryption has failed. ---> Java.Lang.ArrayIndexOutOfBoundsException: Exception of type 'Java.Lang.ArrayIndexOutOfBoundsException' was thrown. at Android.Runtime.JNIEnv.CallObjectMethod (IntPtr jobject, IntPtr jmethod, Android.Runtime.JValue[] parms) [0x00024] in /Users/builder/data/lanes/monodroid-mac-monodroid-4.4-series/6418373f/source/monodroid/src/Mono.Android/src/Runtime/JNIEnv.g.cs:145 at Javax.Crypto.Cipher.DoFinal (System.Byte[] input) [0x00034] in /Users/builder/data/lanes/monodroid-mac-monodroid-4.4-series/6418373f/source/monodroid/src/Mono.Android/platforms/android-14/src/generated/Javax.Crypto.Cipher.cs:141 at AndroidApplication8.CustomRSA.DecryptValue (System.Byte[] rgb) [0x00025] in C:\Users\anusevn\Documents\Visual Studio 2010\Projects\AndroidApplication8\CustomRSA.cs:62 at Mono.Security.Cryptography.PKCS1.RSASP1 (System.Security.Cryptography.RSA rsa, System.Byte[] m) [0x00000] in <filename unknown>:0 at Mono.Security.Cryptography.PKCS1.Sign_v15 (System.Security.Cryptography.RSA rsa, System.Security.Cryptography.HashAlgorithm hash, System.Byte[] hashValue) [0x00000] in <filename unknown>:0 at Mono.Security.Protocol.Tls.RSASslSignatureFormatter.CreateSignature (System.Byte[] rgbHash) [0x00000] in <filename unknown>:0 at Mono.Security.Cryptography.MD5SHA1.CreateSignature (System.Security.Cryptography.RSA rsa) [0x00000] in <filename unknown>:0 at Mono.Security.Protocol.Tls.Handshake.Client.TlsClientCertificateVerify.ProcessAsTls1 () [0x00000] in <filename unknown>:0 at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0 at Mono.Security.Protocol.Tls.RecordProtocol.BeginSendRecord (HandshakeType handshakeType, System.AsyncCallback callback, System.Object state) [0x00000] in <filename unknown>:0 at Mono.Security.Protocol.Tls.RecordProtocol.SendRecord (HandshakeType type) [0x00000] in <filename unknown>:0 at Mono.Security.Protocol.Tls.SslClientStream.OnNegotiateHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 --- End of managed exception stack trace --- java.lang.ArrayIndexOutOfBoundsException: too much data for RSA block at com.android.org.bouncycastle.jce.provider.JCERSACipher.engineDoFinal(JCERSACipher.java:450) at javax.crypto.Cipher.doFinal(Cipher.java:1111) at dalvik.system.NativeStart.run(Native Method) --- End of inner exception stack trace --- at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 --- End of inner exception stack trace --- at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 at System.Net.HttpWebRequest.GetResponse () [0x00000] in <filename unknown>:0 at AndroidApplication8.Activity1.ConnectWithNetStack (System.String alias) [0x000af] in C:\Users\anusevn\Documents\Visual Studio 2010\Projects\AndroidApplication8\Activity1.cs:115 I am not really sure why the Mono.Security.Cryptography.PKCS1.Sign_v15 method calls the CustomRSA.DecryptValue method - I would expect that signing would involve encryption of bytes, not their decryption. But it's almost certain I am doing something wrong when inheriting from the RSA class - could your SSL expert perhaps take a look? :) -- View this message in context: http://mono-for-android.1047100.n5.nabble.com/KeyChain-API-on-Android-4-1-and-client-certificate-authentication-tp5712844p5712890.html Sent from the Mono for Android mailing list archive at Nabble.com. _______________________________________________ Monodroid mailing list Monodroid@lists.ximian.com UNSUBSCRIBE INFORMATION: http://lists.ximian.com/mailman/listinfo/monodroid
