print Print
Logo: Stiftung Secure Information and Communication Technologies SIC Stiftung Secure Information and Communication Technologies SIC

Stackoverflow in JDK 1.4 provider verification mechanism

Q:

When installing the IAIK provider (signed version) as first provider and trying to get an JCE engine a stack overflow error occurs. I am using JDK 1.4.

A:

Due to a bug in the JDK jar file verification mechanism it may be necessary that the original SUN provider is installed as first provider. So insert the Stiftung SIC provider as second provider and explicitly request an IAIK engine when calling getInstance:

Security.insertProviderAt(new IAIK(), 2);
Cipher c = Cipher.getInstance("DES/CBC/PKCS5Padding", "IAIK");

Alternatively you may use static method addAsJDK14Provider of the IAIK-JCE provider main class. This method uses a work around that allows to use IAIK as first provider for JDK1.4, too:

IAIK.addAsJDK14Provider();

JDK 1.5.0_02 and later already have fixed the jar file verification problem. For this versions the IAIK provider
 can be installed as first provider in the convential way (or registered statically):

Security.insertProviderAt(new IAIK(), 1);

print Print