[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [iaik-ssl] Third party provider with isasilk



Hi Jose Carlos,
to use your own jce provider you have to implement a subclass of the iaik
security provider class(iaik.security.ssl.SecurityProvider). You have to set
an instance of your class with the static "setSecurityProvider" function.
The SecurityProvider has several functions like "getMac, getCipher,
getMessageDigest" which are called whenever such an object is needed by the
isasilk implementation. 
There are two existing implementations.
Tthe "iaikprovider" is used when an installation of IAIK JCE is detected.
This provider is hardcoded to use the IAIK JCE. 
The default implementation of iaik.security.ssl.SecurityProvider is used if
the IAIK is not installed in the java.security file. This provider uses the
JCE provider as listed in the java.security file, or a fixed provider passed
to the constructor.

The security provider model is described in the isasilk documentation.
jcewww.iaik.at (products/isasilk/documentation/security provider)

Michael

--
Michael SchlŘter
secunet 
Security Networks AG       		Tel   :  +49(2054)123-223
Im Teelbruch 116           		Fax   : +49(2054)123-123

D-45219 Essen              		E-Mail: schlueter@secunet.de


> -----Original Message-----
> From: Jose Carlos dos Santos Danado [mailto:jose.danado@isp.novis.pt]
> Sent: Friday, June 29, 2001 1:43 PM
> To: V.RaviSankar; iaik-ssl@iaik.at
> Subject: Re: [iaik-ssl] Third party provider with isasilk
> 
> 
> Hi,
> 
> Just to make things more clear, what I want is that isasilk 
> doesn't call
> something like:
> 
> Cipher cipher1 = 
> Cipher.getInstance("Rijndael/ECB/PKCS5Padding","IAIK");
> Signature sign1 =Signature.getInstance("MD5","IAIK")
> 
> but rather
> 
> Cipher cipher2 = Cipher.getInstance("Rijndael/ECB/PKCS5Padding");
> Signature sign2 = Signature.getInstance("MD5")
> 
> so that the instances are provided by the first registered 
> provider that
> is able to supply them.
> 
> I don't have access to the code in isasilk, but my experiments make me
> suspect that it does something like cipher1 and sign1 above.
> 
> So, Ravi's suggestions make perfect sense *IF* I'm able to control the
> calls, which is not the case here.
> 
> Hope things are more clear now...
> 
> Thanks,
> 
> Jose Carlos
> 
> "V.RaviSankar" wrote:
> > 
> > Call Ur provider name also when u create a Cipher Instance..
> > Ex:
> > Cipher cipher =
> > Cipher.getInstance("Rijndael/ECB/PKCS5Padding","MyProvider");
> > Signature sign =Signature.getInstance("MD5","MyProvider");
> > ravi
> > 
> > -----Original Message-----
> > From: Jose Carlos dos Santos Danado 
[mailto:jose.danado@isp.novis.pt]
> Sent: Thursday, June 28, 2001 7:40 PM
> To: iaik-ssl@iaik.at
> Subject: [iaik-ssl] Third party provider with isasilk
> 
> Hi,
> 
> I'm developping an SSL Server to be used for a particular purpose. In
> that server I want to use iaik-jce and isasilk but i also want to use my
> own provider. The problem is that I always have iaik provider doing all
> ciphers instead of my own. In the begining of the application I've
> registred my provider as the first one to be used. I really need my
> provider to perform some particular operations such as RSA cipher and
> Signature, MD5 digests, SHA digests, and some others.
> 
> Is there a way for me to make isasilk just use iaik mthods that are not
> available from my provider, or does it always use iaik for some
> purposes, regardless of the provider registration order?
> 
> Thanks.
> 
> Jose Carlos
> --
> JosÚ Carlos dos Santos Danado      jose.danado@isp.novis.pt
> Novis - ISP - Trusted Services     http://www.novis.pt
> Praša Duque de Saldanha, 1 - 7║    Tel: +351 2 1010 43 06
> 1050-094 Lisboa - Portugal
> --
> Mailinglist-archive at
> http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html
> 
> To unsubscribe send an email to listserv@iaik.at with the folowing
> content: UNSUBSCRIBE iaik-ssl
> 

-- 
JosÚ Carlos dos Santos Danado      jose.danado@isp.novis.pt
Novis - ISP - Trusted Services     http://www.novis.pt
Praša Duque de Saldanha, 1 - 7║    Tel: +351 2 1010 43 06
1050-094 Lisboa - Portugal
--
Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-ssl
 
--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl