[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: Fwd: AW: Re: Fwd: AW: [iaik-jce] problem withKeyAndCertificateclass



Hello,

when parsing the SubjectPublicKeyInfo field of a X.509 certificate a key
factory for the given algorithm id is required to create the public key from
its encoding. Since IAIK does not have a KeyFactory for md5/rsa the key
cannot be created. The most simple way is to allow the RSA key factory also
to be used for creating a key from its encoding if the algorithm id
specifies md5/rsa. Thatīs what I meant when saying that we may "register a
key factory for RSA based signature algorithms"

Regards,
Dieter Bratko


> -----UrsprŁngliche Nachricht-----
> Von: iaik-jce-owner@iaik.tu-graz.ac.at
> [mailto:iaik-jce-owner@iaik.tu-graz.ac.at]Im Auftrag von Steffen Haase
> Gesendet: Montag, 4. Dezember 2000 11:24
> An: iaik-jce@iaik.at
> Betreff: Re: Fwd: AW: Re: Fwd: AW: [iaik-jce] problem
> withKeyAndCertificateclass
>
>
> Hi,
>
> in my oppinion it is not the right way to register a key factory for RSA
> based signature algorithms, but using a key factory for RSA in this case
> and then using the key for initializing the signature algorithm.
>
> Regards
>
> Steffen
>
>
> >>>Delivered-To: hoppel@frolic.celocom.de
> >>>From: "SUPPORT-JCE" <jce@iaik.at>
> >>>To: "Steffen Haase" <hoppel@celocom.de>, <iaik-jce@iaik.at>
> >>>Subject: AW: Re: Fwd: AW: [iaik-jce] problem with
> KeyAndCertificateclass
> >>>Date: Fri, 1 Dec 2000 15:28:23 +0100
> >>>X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
> >>>Importance: Normal
> >>>
> >>>Hello,
> >>>
> >>>sorry, you are right; Key factories for signature algorithms MD5/RSA,
> >>>SHA/RSA,... are not supported currently, only "RSA" (JCA spec
> standard name)
> >>>key factory. Although RFC2459 expects the rsaEncryption OID in the
> >>>subjectPublicKeyInfo for RSA keys  we also might register key
> factories for
> >>>RSA based signature algorithms if actually used in practice.
> >>>
> >>>Regards,
> >>>Dieter Bratko
> >>>
> >>>-----UrsprŁngliche Nachricht-----
> >>>Von: iaik-jce-owner@iaik.tu-graz.ac.at
> >>>[mailto:iaik-jce-owner@iaik.tu-graz.ac.at]Im Auftrag von Steffen Haase
> >>>Gesendet: Donnerstag, 30. November 2000 11:47
> >>>An: iaik-jce@iaik.at
> >>>Betreff: Fwd: Re: Fwd: AW: [iaik-jce] problem with
> >>>KeyAndCertificateclass
> >>>
> >>>
> >>>Hello again,
> >>>
> >>>Yes, I'm sure that I did!!! ;)
> >>>Please see the code-example below. As I described before the problem is
> >>>that a KeyFactory for the algorithm "MD5/RSA" cannot be instantiated.
> >>>
> >>>
> >>>import iaik.security.provider.*;
> >>>import iaik.utils.*;
> >>>import java.io.*;
> >>>import javax.crypto.*;
> >>>import java.security.*;
> >>>
> >>>
> >>>public class CertTest
> >>>{
> >>>      public static void main( String args[] )
> >>>      {
> >>>         try
> >>>          {
> >>>              IAIK.addAsProvider( true );
> >>>             KeyAndCertificate key_and_cert= new
> >>>AndCertificate(
> >>>"./Certs/Root.pem" );
> >>>          }
> >>>         catch( Exception e )
> >>>          {
> >>>              e.printStackTrace();
> >>>              System.exit( 1 );
> >>>          }
> >>>      }
> >>>}
> >>>
> >>>
> >>>Steffen
> >>>
> >>>
> >>> >>>Delivered-To: hoppel@frolic.celocom.de
> >>> >>>From: "Dieter Bratko" <Dieter.Bratko@iaik.at>
> >>> >>>To: "Steffen Haase" <hoppel@celocom.de>, <iaik-jce@iaik.at>
> >>> >>>Date: Tue, 28 Nov 2000 18:21:45 +0100
> >>> >>>X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
> >>> >>>Importance: Normal
> >>> >>>Subject: AW: [iaik-jce] problem with KeyAndCertificate class
> >>> >>>Sender: iaik-jce-owner@iaik.tu-graz.ac.at
> >>> >>>
> >>> >>>Hello,
> >>> >>>
> >>> >>>Are you sure that you have added the IAIK provider
> respectively not
> >>> using
> >>> >>>iaik_jce.jar only?
> >>> >>>
> >>> >>>Regards,
> >>> >>>Dieter Bratko
> >>> >>>
> >>> >>>-----UrsprŁngliche Nachricht-----
> >>> >>>Von: iaik-jce-owner@iaik.tu-graz.ac.at
> >>> >>>[mailto:iaik-jce-owner@iaik.tu-graz.ac.at]Im Auftrag von
> Steffen Haase
> >>> >>>Gesendet: Freitag, 24. November 2000 15:23
> >>> >>>An: iaik-jce@iaik.at
> >>> >>>Betreff: [iaik-jce] problem with KeyAndCertificate class
> >>> >>>
> >>> >>>
> >>> >>>Hello,
> >>> >>>
> >>> >>>we try to use the iaik.utils.KeyAndCertificate class. By
> invoking the
> >>> >>>contructor with a .PEM or .DER certificate file as parameter the
> >>> following
> >>> >>>exception occurs.
> >>> >>>
> >>> >>>java.io.IOException: Unable to decode private key:
> >>> >>>java.security.InvalidKeyException: PublicKey algorithm not
> implemented:
> >>> >>>md5WithRSAEncryption
> >>> >>>
> >>> >>>I tried to find out the problem with by going through the jce
> >>> sources. It
> >>> >>>seems that the instanciation of the KeyFactory fails. This
> occurs in the
> >>> >>>the iaik.asn1.structures.AlgorithmID class in the
> geKeyFactoryInstance()
> >>> >>>method.
> >>> >>>
> >>> >>>Can anybody verify the problem or has anybody a solution?
> >>> >>>
> >>> >>>Thanks in Advance.
> >>> >>>
> >>> >>>Steffen
> >>> >>>+--- This message is printed on 100% recycled electrons ---+
> >>> >>>Steffen Haase                       mailto:hoppel@celocom.de
> >>> >>>Java SmartCard Development         http://www.celocom.com
> >>> >>>                                     http://www.java-club.de
> >>> >>>Celo Communications GmbH - The provider of secure e-business
> >>> >>>Weissenfelser Str. 46a
> >>> >>>D-06217 Merseburg
> >>> >>>+--------------- cÍlo, ‚vi, ‚tum, (latin) 1 ---------------+
> >>> >>>
> >>> >>>--
> >>> >>>Mailinglist-archive at
> >>> >>>http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html
> >>> >>>
> >>> >>>To unsubscribe send an email to listserv@iaik.at with the folowing
> >>> content:
> >>> >>>UNSUBSCRIBE iaik-jce
> >>> >>>
> >>> >>>
> >>> >>
> >>> >
> >>>
> >>>+--- This message is printed on 100% recycled electrons ---+
> >>>Steffen Haase                       mailto:hoppel@celocom.de
> >>>Java SmartCard Development         http://www.celocom.com
> >>>                                     http://www.java-club.de
> >>>Celo Communications GmbH - The provider of secure e-business
> >>>Weissenfelser Str. 46a
> >>>D-06217 Merseburg
> >>>+--------------- cÍlo, ‚vi, ‚tum, (latin) 1 ---------------+
> >>>
> >>>--
> >>>Mailinglist-archive at ht
> >>>tp://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html
> >>>
> >>>To unsubscribe send an email to listserv@iaik.at with the
> folowing content:
> >>>UNSUBSCRIBE iaik-jce
> >
>
> +--- This message is printed on 100% recycled electrons ---+
> Steffen Haase                       mailto:hoppel@celocom.de
> Java SmartCard Development         http://www.celocom.com
>                                     http://www.java-club.de
> Celo Communications GmbH - The provider of secure e-business
> Weissenfelser Str. 46a
> D-06217 Merseburg
> +--------------- cÍlo, ‚vi, ‚tum, (latin) 1 ---------------+
>
> --
> Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-jce



--
Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-jce