[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[iaik-jce] JDK 1.2 keytool and IAIKKeyStore
>From what I can gather from the Sun JDK 1.2 keytool documentation
and IAIK's architecture, it *should* be possible to use IAIK
as a provider for the sun keytool front end to the KeyTool class.
However, I am having some difficulty doing this, and I am wondering
if it is more due to the Blackdown port (Linux) of the JDK
than anything else.
Here are the steps I have taken.
1. Modified the $JAVA_HOME/lib/java.security properties file
to include IAIK as a provider:
(I've also tried 1, for whatever that is worth; the
sun comments in this file indicate that 1 means "default")
2. (This step does not seem strickly necessary, but I
did it in the course of my experimentation) Modify
this same file to set the default keystore type to IAIKKeyStore:
(NOTE: The sun keytool documentation indicates that this property
is not case sensitive; perhaps it is therefore doing a toLowerCase()
3. Made sure the IAIK jar files are in my classpath. (NOTE: JDK1.2
makes it more difficult to overload sun's classes...)
linux% keytool -genkey -alias fred -keypass blahblah -storetype IAIKKeyStore \
-keystore iaik.keystore -storepass jeckel -v -J-verbose
I get the error
keytool error: IAIKKeyStore not found
Now, I couldn't just stop there! (Not like I have anything better to do...)
I hacked around Sun's source code that comes with the JDK, and it turns
out that the java.security.Provider.loadProvider class does not seem to
be working correctly with IAIK's iaik.security.provider.IAIK class.
In particular, the test
obj instanceof Provider
in Provider.loadProvider fails when iaik.security.provider.IAIK
is passed as a parameter.
I wonder if this is because these classes were compiled under 1.1.
Is that the case? The documentation does say that iaik.security.provider.IAIK
Interesting. Any ideas?
Fred Dushin mailto:email@example.com
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/maillist.html
To unsubscribe send an email to firstname.lastname@example.org with the folowing content: UNSUBSCRIBE iaik-jce