[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-jce] JDK 1.2 keytool and IAIKKeyStore

IAIK listers,

Thank you for your patience and advice.  Unfortunately, I am still having
difficulty getting IAIK to work as a provider for the JDK 1.2 keytool
program, and so I'd like to 1) ask if anyone has successfully
done this using IAIK 2.51 with the Blackdown JDK1.2 port, ii)
demonstrate a discrepency I've discovered between JDK 1.1 and 1.2 which
may help explain the problem.

As I reported before, the test of whether an instance of the
iaik.security.provider.IAIK class is an instanceof of the 
java.security.Provider class fails in the java.security.Provider.
loadProvider( String ) method. 

I decided to isolate this problem, so I wrote a small test program:

	public class IAIKProviderTest
		public static void 
		main( String argv[] )
				(new iaik.security.provider.IAIK()) 
					instanceof java.security.Provider );

This program compiles using the JDK 1.1.x, as illustrated here:

>> linux% echo $CLASSPATH
>> .:/opt/IAIK-JCE2.51/lib/jdk11x_update.jar:/opt/IAIK-JCE2.51/lib/iaik_jce.jar
>> linux% java -version
>> java version "1.1.7B"
>> linux% javac IAIKProviderTest.java
>> linux% java IAIKProviderTest
>> true

However, if I use the JDK 1.2, the compiler will perform the test
itself.  Note that it reports an error:

>> linux% echo $CLASSPATH
>> .
>> linux% java -version
>> Warning: JIT compiler "sunwjit" not found. Will use interpreter.
>> java version "1.2"
>> Classic VM (build Linux_JDK_1.2_pre-release-v2, native threads, nojit)
>> linux% ls -l /opt/jdk1.2/jre/lib/ext/
>> total 816
>> -rw-r--r--   1 root     root       582647 Jul 22 09:36 iaik_jce_full_ae.jar
>> -rw-r--r--   1 root     root        86701 Jun  2 13:42 iiimp.jar
>> -rw-r--r--   1 root     root       158892 Jul 22 14:30 jce1_2-do.jar
>> linux% javac IAIKProviderTest.java
>> Warning: JIT compiler "sunwjit" not found. Will use interpreter.
>> IAIKProviderTest.java:12: Impossible for iaik.security.provider.IAIK to be instance of java.security.Provider.
>>                                 instanceof java.security.Provider );
>>                                 ^
>> 1 error

As you can see, the IAIK jar file is installed in the ext directory,
as per the JCE instructions (I have the "full" jar file there, but that
was just in case the keytool needed stuff not in the standard file), so
not having the IAIK classes in the CLASSPATH should not make a difference.

Could I ask someone who has successfully gotten IAIK to work as a
provider with *1.2* (Blackdown or otherwise) to try the test
program on their platform?  If it does work on the standard "supported"
platforms but not on linux, it may be worth a bug report to Blackdown.

Or am I completely confused?  (Wouldn't be the first time :)



Fred Dushin                      mailto:fadushin@syr.edu

Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-jce