[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-jce] Error while decoding certificates from JKS keystore



 
With JDK1.2 Sun has changed the algorithmIDs indicating a DSA public key from 1.3.14.3.2.12 to 1.2.840.10040.4.1. So when parsing a cert containing a DSA public key created from SUN you may get an exception similar to "PublicKey algorithm not implemented: 1.2.840.10040.4.1". The static registration part of the iaik.asn1.structures.AlgorithmID class only associates one specific object identifier with a particular AlgorithmID. For DSA this is 1.3.14.3.2.12" . Since your sample uses "1.2.840.10040.4.1" as OID for DSA, you also have to register this OID for the DSA algorithm by calling the AlgorithmID(String objectID, String name, String implementation) constructor. Thereby "objectID" indicates the OID string in mind, "name" specifies a name for the algorithm, and "implementationName" a string constant (e.g. the standard name registered by the provider) to be used for querying for an implementaion of the algorithm by means of the getInstance(..) method:

  new AlgorithmID("1.2.840.10040.4.1", "DSA", "DSA");
 
 
When using IAIK-JCE 2.6 beta this should not be necessary, since the alternative oid already is registrated by the provider.
 
Dieter Bratko
-----Ursprüngliche Nachricht-----
Von: iaik-jce-owner@iaik.tu-graz.ac.at [mailto:iaik-jce-owner@iaik.tu-graz.ac.at]Im Auftrag von Catalin
Gesendet: Sonntag, 21. Mai 2000 15:00
An: iaik-jce@iaik.tu-graz.ac.at
Betreff: [iaik-jce] Error while decoding certificates from JKS keystore

Hi,
 
I need to convert a certificate from a keystore (JKS Keystore), generated with keytool (the certificate is generated with keytool -genkey -keysize 512 .....).
I get the certificate into a java.security.cert.X509Certificate, and the encode it (with getEncoded method), and from the encoded byte array I try to instantiate a iaik.x509.x509certificate.
I get the following exception: Unimplemented algorithm: 1.2.840.10040.4.1
This is strange, because the algorithm is SHA1withDSA, implemented by Sun (and, by the way, this algorithm is 1.2.840.10040.4.3). 
Am I doing something wrong, or is this a bug in IAIK(maybe when reading the algorithm ID)?
 
Thank you
Catalin
 

smime.p7s