[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [iaik-jce] Applet Edition JCE: DEREncoder exception



Hi Greg,
 
That's right, I did use that constructor:
 
     SignerInfo signerInfo = new SignerInfo(new IssuerAndSerialNumber(X509cert), AlgorithmID.sha, privateK);
 
So is the problem to do with my using a DSA certificate?   I tried setting the AlgorithmID to dsaWithSha(there are three different algorithmID's for this listed)
 
Is there a solution for this using the DSA cert, or do I need to use an RSA cert, or is there a solution at all?  It seems like a bit of a catch22 if there is no solution, the Applet Edition JCE only allows you to create a DSA certificate, yet doesn't support signing with this cert...
 
Any ideas?
 
Cheers,
 
Kevin
-----Original Message-----
From: Greg Stark [mailto:gstark@ethentica.com]
Sent: Saturday, September 09, 2000 5:10 PM
To: Kevin Crosbie
Subject: Re: [iaik-jce] Applet Edition JCE: DEREncoder exception

The signing algorithm is also described as the "digest encryption algorithm" in the JCE documentation and various standards such as PKCS#7 and, unfortunately, JCE2.6 claims to only support RSA for this. The algorithm is set in the SignerInfo structure of the SignedData object, see the iaik.pkcs.pkcs7.SignerInfo class. I am curious which constructor you used for this class. I'll bet it was the
 
public SignerInfo(IssuerAndSerialNumber issuerAndSerialNumber,  AlgorithmID digestAlgorithm,   PrivateKey privateKey)
 
constructor. I think these constructors should throw an UnsupportedAlgorithm exception in cases like yours, but they don't.
 
 
Greg Stark, gstark@ethentica.com
Chief Security Architect
Ethentica, Inc.
www.ethentica.com
 
 
----- Original Message -----
From: Kevin Crosbie
 
To: iaik-jce@iaik.at
Sent: Friday, September 08, 2000 10:16 PM
Subject: [iaik-jce] Applet Edition JCE: DEREncoder exception

Hi,
 
I have written a signed applet which creates a DSA certificate, stores it on disk, and signs data with it.
 
When I call the SignedData.getEncoded(), I get the following exception:
 
java.lang.RuntimeException: Error from EncodeListener: Unable to encrypt digest: Cipher::getInstance(String) - no Cipher could be found for this algorithm - RSA/ECB/PKCS1Padding - amongst any of the providers.
 at iaik/asn1/DerCoder.encode
 at iaik/asn1/DerCoder.encodeTo
 at iaik/asn1/ConstructedType.encode
 at iaik/asn1/ASN1Object.encodeObject
 at iaik/asn1/DerCoder.encodeTo
 at iaik/asn1/DerCoder.encodeTo
 at iaik/pkcs/pkcs7/SignedData.getEncoded
 at IaikApplet.engineSignData
 at IaikApplet.signData
 at IaikApplet$HandleButton.actionPerformed
 at java/awt/Button.processActionEvent
 at java/awt/Button.processEvent
 at java/awt/Component.dispatchEventImpl
 at java/awt/Component.dispatchEvent
 at java/awt/EventDispatchThread.run
 
 
I don't know where you can set the encryption type, I figured if the cert was DSA it should sign using DSA.   Is this exception there because this is the Applet edition, as I know that it does not implement everything, and I know it does not implement RSA(does it??)
 
Can anyone tell me a workaround?
 
Thanks,
 
Kevin