[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-jce] iSaSiLk and KeyStore



Because of its provider independent architecture, you can iSaSiLk configure
to avoid compatibility problems. When using the SUN keystore you may
override the certificate related methods of class
iaik.security.ssl.SecurityProvider. At least you will have to override
method getEncodedPrincipal(Principal principal) for being able to handle
Principals as instances of sun.security.x509.X500Name (see our mailing list
archive for a more detailed description of this problem
http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/msg00375.html).

There is a known incompabiltity between IAIKKeyStore and the Java keytool.
Sun's keytool and jarsigner are not designed in a full cryptographic
provider independent way. This bug yet heas been reported to SUN.
See our mailing list archive at
http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/msg00349.html for a
problem description.

Dieter Bratko



> Hi,

> I have recently downloaded the iSaSiLk product for evaluation and would
> like to know if there are any known issues with using the Java keytool
> utility to administer IAIK's KeyStore implementation? Also are there any
> issues with using the SUN KeyStore with IAIK's SSL product? I want to
> ensure that there are no compatibility problems.

> Thanks in advance
> Gary Brown


--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-jce