Microsoft NDES failed to decrypt client's PKC7 Message - JSCEP 2.0 on Android

[Govind Vanga]

  Getting the error 'The Network Device Enrollment Service cannot decrypt the client's PKCS7 message (0x80090005).  Bad Data.' on Microsoft 2008 server R2 NDES
  while enrolling from Android device.

 

[David Grant]

jscep doesn't work on Android due to libraries bundled with the Android runtime.  Do you have any logs to share?

Dave

Sent from my iPad

On 2 Nov 2012, at 12:26, Govind Vanga <govind...@gmail.com> wrote:

  Getting the error 'The Network Device Enrollment Service cannot decrypt the client's PKCS7 message (0x80090005).  Bad Data.' on Microsoft 2008 server R2 NDES
  while enrolling from Android device.

 

--
 
 
 

[Govind Vanga]

 
  Hi Dave,

                 Thanks for the quick response. I was able to create X509certificate and PKC10CertificationRequest on Android device succesfully. But after calling enrol method on
 client getting the Bad Data exception on Microsoft SCEP server.

                 Please check the attached log for more details.

[David Grant]

The only suspicious detail I can see is three certificates being returned for GetCACert.  Usually when three certificates are returned, two certificates are used for signing and encryption, and the other is used for issuing. However, in your case, the same certificate is used for all three cases, because jscep couldn't find a signing- or encryption- related certificate.

Does your server work with other SCEP clients?

Dave

Sent from my iPad

--
 
 
 

<android-log.txt>

[Govind Vanga]

 Yes Dave, iPhone is able to enroll successfully with our SCEP server.

[David Grant]

Do you have any logs from NDES?

Sent from my iPad

--
 
 
 

[Govind Vanga]

 NDES event logs is showing the error 'The Network Device Enrollment Service cannot decrypt the client's PKCS7 message : Bad data'

 And one more thing just now i am checking Microsoft SCEP implementation white paper. In certificate enrollment request to NDES service it was expecting

 PKCS#7 request with keyusage extension. Can we do that in jscep client?

[David Grant]

PKCS7?  Not PKCS10?  If it is the latter, check this out:

https://jscep.ci.cloudbees.com/job/jscep/site/client.html#Extensions

If NDES can't decrypt, then I suspect the RA certificate doesn't have the correct key usage defined.  It should have dataEncipherment or keyEncipherment set.  If it doesn't, jscep will use the wrong certificate.  I'm not sure how iOS detects the RA cert, but the keyUsage approach is the only way to do it in jscep.

Dave

Sent from my iPad

--
 
 
 

[Govind Vanga]

Hi Dave,

  How to configure the below mentioned KeyUsage extension in jscep client? 

  Microsoft SCEP implementation assumes the following for enrollment request:
     
  The KeyUsage extension of the enrollment request should be one of the following:

• Key Encipherment (0x20)
• Digital Signature (0x80)
• Both (0xa0)

Note  The KeyUsage extension value usually defaults to 0xa0 for most devices.

If the request does not contain a KeyUsage extension, the service will treat the request as it was sent for both cryptographic operations (0xa0).

[David Grant]

KeyUsage isn't much different to ExtendedKeyUsage in the documentation I linked.  I don't think your issue is the KeyUsage however, since hi has nothi o do with the encryption of the PKCS7 message.

Dave

Sent from my iPad

--
 
 
 

[Govind Vanga]

Even though getCACert is returning t certificates why CertStoreInspector is not selecting signer and encryption certificates?

[David Grant]

The keyUsage extensions it's looking for aren't present in the cert store.

For encryption, it looks for keyEncipherment first, then
dataEncipherment. If it finds neither, it'll use the CA cert. For
the signer cert, it'll look for the digitalSignature keyUsage, and
likewise will fall back to the CA.

Dave

Sent from my iPad

On 2 Nov 2012, at 22:38, Govind Vanga <govind...@gmail.com> wrote:

> Even though getCACert is returning t certificates why CertStoreInspector is not selecting signer and encryption certificates?
>

> --
>
>
>

[Govind Vanga]

 Hi Dave,

            I have tested latest jscep client with Microsoft SCEP using a stand alone java application.  It was able to get the signing and encryption certificates properly and the enrollment was successful. But on Android Device signing and encryption are not selected properly.  What could be the reason>

[David Grant]

jscep uses cert selection provided by JCA.  See the CertStoreInspector class for details. 

Dave

Sent from my iPad

--
 
 
 

[Govind Vanga]

I have checked it. But is there any issue bouncycastleprovider implementation?

[David Grant]

It doesn't use BC for this part.  It should be provided by the platform libraries.  As for a defect, I don't know.  As far as I know, you are the only person who has this running on Android.

Dave

Sent from my iPad

--
 
 
 

[Ryan Schipper]

Govind, can you email your certificates to the list. all CA, RA and NDES certificates.

Also, can you post another log which contains the full subject, issuer and serial number of the certificates presented by the CA when responding to GetCaCerts.

thanks

--Ryan

--
 
 
 

[Govind Vanga]

Hi,

     Look likes its an issue in android platform library. Android libraries internally uses Apache Harmony which is outdated.

     Can I do something like this to get encryption certificate?

     private static X509Certificate findEncryptionCertificate(CertStore store) throws CertStoreException{
       
         Collection<? extends Certificate> certs = store.getCertificates(null);
         for(Certificate cert : certs){
              X509Certificate x509 = (X509Certificate) cert;
              boolean matchBasicConstrainits = x509.getBasicConstraints() == -2;
              boolean[] keyUsage = x509.getKeyUsage();
              boolean matchKeyUsage = (keyUsage[2] == true);
              if(matchBasicConstrainits && matchKeyUsage){
                  return x509;
              }
         }
         return findIssuer(store);

[Govind Vanga]

 Hi Ryan,

             As per my findings so far the issue is coming due to android platform libraries which are using Apache Harmony internally.

            SCEP server is issuing the certificates properly if it is run in STANDALONE MODE ( on my eclipse with jdk 1.5 env )

            Right now i don't have access to the server. I will provide more details asap.

[David Grant]

That looks fairly accurate, although I'd double check the basic constraints comparison if I were you.  I'd be happy to accept a patch for CertStoreInspector to get it working on Android, but please make sure all unit tests pass.

Dave

Sent from my iPad

--
 
 
 

[Govind Vanga]

   Unfortunately getBasicConstraints() method is returning Integer.MAX_VALUE for SCEP server.  The problem is in the bouncy castle X509CertificateObject.java
   pathLengthConstraint is coming zero.

   Is there anyother way to check the end entity certificates?

[David Grant]

Just write the CertStoreInspector you need to get it working, and I'll provide the ability to inject it.

Dave

Sent from my iPad

--