[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
AW: [iaik-jce] Error while decoding certificates from JKS keystore
JDK1.2 Sun has changed the algorithmIDs indicating a DSA public key from
22.214.171.124.2.12 to 1.2.840.10040.4.1. So when parsing a cert containing a DSA
public key created from SUN you may get an exception similar to "PublicKey
algorithm not implemented: 1.2.840.10040.4.1". The static registration part of the
only associates one specific object identifier with a particular AlgorithmID. For DSA this is 126.96.36.199.2.12" .
Since your sample uses "1.2.840.10040.4.1"
as OID for DSA, you also have to register this OID for the DSA algorithm by calling the
AlgorithmID(String objectID, String name,
String implementation) constructor. Thereby "objectID" indicates the
OID string in mind, "name" specifies a
name for the algorithm, and
"implementationName" a string constant (e.g. the standard name registered
by the provider) to be used for querying
for an implementaion of the algorithm by
means of the getInstance(..) method:
AlgorithmID("1.2.840.10040.4.1", "DSA", "DSA");
When using IAIK-JCE 2.6 beta this should
not be necessary, since the alternative oid already is registrated by the
I need to convert a certificate from a keystore
(JKS Keystore), generated with keytool (the certificate is generated with
keytool -genkey -keysize 512 .....).
I get the certificate into a
java.security.cert.X509Certificate, and the encode it (with getEncoded
method), and from the encoded byte array I try to instantiate a
I get the following exception: Unimplemented
This is strange, because the algorithm is
SHA1withDSA, implemented by Sun (and, by the way, this algorithm is
Am I doing something wrong, or is this a bug in
IAIK(maybe when reading the algorithm ID)?