Ad

Why Cant Java Load This Class: Com.android.org.conscrypt.OpenSSLRSAPublicKey

- 1 answer

currently I am working on a school Project. The goal of this project is to receive data from a Server and writing data to the Server. For this purpose I am using Sockets and ServerSockets. To encrypt the messages I am using Apache Commons Codec 1.9.

(Server is a java .jar file executed on an Ubuntu Server and the client is an android app)

Server/Client

To encrypt the messages I am exchanging public keys.

private void Schluesselaustausch() {
    try {

        GenerateKeys gk = new GenerateKeys(4069);
        gk.createKeys();
        ServerPrivateKey = gk.getPrivateKey();

        ObjectOutputStream oos = new ObjectOutputStream(clientSocket.getOutputStream());
        oos.writeObject(gk.getPublicKey());
        oos.flush();
        ObjectInputStream ois = new ObjectInputStream(clientSocket.getInputStream());
        Object obj = ois.readObject();
        ClientPublicKey = (PublicKey) obj; //Line 108

    } catch (Exception e) {
        e.printStackTrace();
    }
}

The error occurs when an object is casted to an PublicKey (Line 108).

The Client has the same function, but he is receiving and then sending an object.

The Error

java.lang.ClassNotFoundException: com.android.org.conscrypt.OpenSSLRSAPublicKey
    at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:582)
    at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:190)
    at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:499)
    at java.base/java.lang.Class.forName0(Native Method)
    at java.base/java.lang.Class.forName(Class.java:374)
    at java.base/java.io.ObjectInputStream.resolveClass(ObjectInputStream.java:685)
    at java.base/java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1879)
    at java.base/java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1765)
    at java.base/java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2053)
    at java.base/java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1587)
    at java.base/java.io.ObjectInputStream.readObject(ObjectInputStream.java:422)
    at Engine.ClientVerbindung.Schluesselaustausch(ClientVerbindung.java:108)
    at Engine.ClientVerbindung.run(ClientVerbindung.java:49)

There is more

Now to the strange part: Everything works if I am using a client running on PC. So I figured out that my server was coded on Java 10 but on my Ubuntu Server there was Java 11 installed. I downgraded Java and tested it again. Nothing changed.

My Questions

Is there an error in Android? Do I have to upgrade java to 11? What is the problem?

Thank you for your help. RT

Ad

Answer

You are not sending a key (some string or number value) but the whole Java object back and forth through the Object*Streams. When you use a PC you are basically using the same Java implementation as the server, so the server can deserialize this Java object. If you System.out.println the .getClass() of the received object on the server, you will find that it does not talk about com.android.....

Yet, when you connect from your mobile device, the Android Java version is used and it obviously contains Android specific objects of class com.android.org.conscrypt.OpenSSLRSAPublicKey. The server does not have these class definitions anywhere in its library, so it cannot deserialize them.

Rather then de-/serializing the Java key objects, you should send the plain keys around.

Ad
source: stackoverflow.com
Ad