B4J Question SSL problem with Win 10 build

gpa

Member
Licensed User
Longtime User
Hi...

I have an app that works fine in the IDE, and the jar file runs fine under Linux.
However the build file crashes under Win 10.
I expect this is because the Windows build needs an extra file included by the packager for the TLS / SSL support, but I'm not sure what!
Or it could be a java version issue - but I thought the packager handled all the correct dependencies?

Any help or advice appreciated!


The code that crashes, is when btnConnect is pressed:

B4X:
Sub btnConnect_Action
    Dim m As Matcher = Regex.Matcher("(\d+\.\d+\.\d+\.\d+):(\d+)", txtServerIP.Text)
    If m.Find Then
        CloseExistingConnection
        Dim c As Socket = CreateTrustAllSSLSocket("client")
        c.Connect(m.Group(1), m.Group(2), 10000)
        Wait For Client_Connected (Successful As Boolean)
        If Successful Then
            NewConnection(c)
        End If
    Else
        fx.Msgbox(MainForm, "Invalid address", "")
    End If
End Sub

Private Sub CreateTrustAllSSLSocket (EventName As String) As Socket
    Dim socket As Socket
    socket.Initialize(EventName)
    Dim jo As JavaObject = socket
    jo.SetField("socket", CreateTrustAllSSLSocketFactory.RunMethod("createSocket", Null))
    Return socket
End Sub

Sub CreateTrustAllSSLSocketFactory As JavaObject
    Dim tm As CustomTrustManager
    tm.InitializeAcceptAll
    Dim SSLContext As JavaObject
    SSLContext = SSLContext.InitializeStatic("javax.net.ssl.SSLContext").RunMethod("getInstance", Array("TLS"))
    SSLContext.RunMethod("init", Array(Null, tm, Null))
    Dim Factory As JavaObject = SSLContext.RunMethod("getSocketFactory", Null)
    Return Factory
End Sub

The exception is, as captured by run_debug.bat:

B4X:
D:\Temp\Objects\temp\build>cd bin

D:\Temp\Objects\temp\build\bin>java.exe @release_java_modules.txt  -m b4j/b4j.example.main
main._createtrustallsslsocket (java line: -1)
java.lang.IllegalAccessException: class anywheresoftware.b4j.object.JavaObject (in module b4j) cannot access class sun.security.ssl.SSLSocketFactoryImpl (in module java.base) because module java.base does not export sun.security.ssl to module b4j
        at java.base/jdk.internal.reflect.Reflection.newIllegalAccessException(Unknown Source)
        at java.base/java.lang.reflect.AccessibleObject.checkAccess(Unknown Source)
        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
        at b4j/anywheresoftware.b4j.object.JavaObject.RunMethod(Unknown Source)
        at b4j/b4j.example.main._createtrustallsslsocket(Unknown Source)
        at b4j/b4j.example.main$ResumableSub_btnConnect_Action.resume(Unknown Source)
        at b4j/b4j.example.main._btnconnect_action(Unknown Source)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
        at b4j/anywheresoftware.b4a.BA.raiseEvent2(Unknown Source)
        at b4j/anywheresoftware.b4a.BA$1.run(Unknown Source)
        at javafx.graphics/com.sun.javafx.application.PlatformImpl.lambda$runLater$10(Unknown Source)
        at java.base/java.security.AccessController.doPrivileged(Native Method)
        at javafx.graphics/com.sun.javafx.application.PlatformImpl.lambda$runLater$11(Unknown Source)
        at javafx.graphics/com.sun.glass.ui.InvokeLaterDispatcher$Future.run(Unknown Source)
        at javafx.graphics/com.sun.glass.ui.win.WinApplication._runLoop(Native Method)
        at javafx.graphics/com.sun.glass.ui.win.WinApplication.lambda$runLoop$3(Unknown Source)
        at java.base/java.lang.Thread.run(Unknown Source)
 

aeric

Expert
Licensed User
Longtime User

Not sure it would help. Maybe something similar to Tip #7.

7. If you get an error that looks like: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure, add:
B4X:
#PackagerProperty: IncludedModules = jdk.crypto.ec
 
Upvote 0

gpa

Member
Licensed User
Longtime User
Hi...
Thanks - that stops the crash, but it fails to connect - handshake fails. I think the createtrustallsocket needs something else to work?

I think this is the part that fails...
CreateTrustAllSSLSocketFactory As JavaObject
 
Last edited:
Upvote 0

gpa

Member
Licensed User
Longtime User
Yes, it works fine. On the same PC, the built version fails, as well as on another PC.
 
Upvote 0

gpa

Member
Licensed User
Longtime User
Hi...
Thanks for getting back to me.
It's on a private link, so that would be tricky.
Two suggestions - it fails in testing to openssl, if you have that -

openssl s_server -cert ..\..\usr\ssl\cert.pem -key ..\..\usr\ssl\key.pem

I could send you the keys referred - what's the best way to send that privately?

Also I could send you the complete build, or the b4j file?

It should be simple - it works in IDE and the jar file runs on Linux ok!
 
Last edited:
Upvote 0

gpa

Member
Licensed User
Longtime User
A custom application (Vb6) and openssl for testing.

The IDE ver connects to 8.8.8.8:443, the build version fails to connect too.
 
Last edited:
Upvote 0

OliverA

Expert
Licensed User
Longtime User
What is the connection error? Why are you connecting to 8.8.8.8? What does OpenSSL have to do with it?
 
Upvote 0

gpa

Member
Licensed User
Longtime User
Fails to handshake, cert trust fails. 8.8.8.8 is simply a public test address, as discussed with Erel - read above. Openssl can act as a server to test ssl/tls clients - or as a client to test servers.
The trustallsslsocket works in IDE, works standalone on Linx, fails standalone on Windows. So, something is missing in the windows build.
 
Upvote 0

OliverA

Expert
Licensed User
Longtime User
Upvote 0

OliverA

Expert
Licensed User
Longtime User
Sample project used attached
 

Attachments

  • 20210422_SSL.zip
    2.4 KB · Views: 100
Upvote 0

gpa

Member
Licensed User
Longtime User
Ah! Thanks. We'd tried the VMArgs.... addition as per Erel's suggestion. Adding the jdk.crypto.ec line fixed it!
Many thanks! :)
 
Upvote 0
Top