[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-ssl] jdk1.4 beta 3 and iaik problems




Most likely the Sun JSSE Provider is screwing it up. Try experimenting
eliminating various security providers from the
$JAVA_HOME/jre/lib/security/java.security file.

Keep in mind that the "preference" numbers must be from 1 to n (as ooposed
to 0), and cannot have any gaps, (i.e. 1, then 3, without 2).

Cheers,
-Polar



 On Wed, 7 Nov 2001, Jason
Novotny wrote:

>
> I'm having problems using IAIK with the JDK 1.4 beta 3 for linux from
> java.sun.com
>
> Here's my test program that works with JDK 1.3 but not with JDK 1.4:
>
> import java.io.*;
> import java.security.*;
> import java.security.cert.*;
> import java.io.*;
> import java.net.*;
> import java.util.*;
>
> import iaik.security.ssl.*;
> import iaik.pkcs.pkcs10.*;
>
> public class Test {
>
>     static {
>  installProvider();
>     }
>
>     public static void main(String[] args) {
>
>  try {
>      Signature ssl_rsa = Signature.getInstance("SSL/RSA");
>  } catch (java.security.NoSuchAlgorithmException e) {
>      e.printStackTrace();
>  }
>
>     }
>
>     public synchronized static void installProvider() {
>      Provider provider = new iaik.security.provider.IAIK();
>      String providerName = provider.getName();
>      java.security.Security.insertProviderAt(provider, 0);
>      Provider[] providers = Security.getProviders();
>      for (int i = 0; i < providers.length; i++) {
>           System.out.println("providers= " + providers[i].getInfo());
>      }
>     }
>
> }
>
> Output from 1.3 gives me:
>
> providers= SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5
> digests; SecureRandom; X.509 certificates; JKS keystore)
> providers= SUN's provider for RSA signatures
> providers= IAIK Security Provider v2.61
>
> and output from jdk 1.4 gives me:
>
> providers= SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5
> digests; SecureRandom; X.509 certificates; JKS keystore; PKIX
> CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
> providers= Sun JSSE provider(implements RSA Signatures, PKCS12, SunX509
> key/trust factories, SSLv3, TLSv1)
> providers= SUN's provider for RSA signatures
> providers= SunJCE Provider (implements DES, Triple DES, Blowfish, PBE,
> Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
> providers= Sun (Kerberos v5)
> providers= IAIK Security Provider v2.61
> java.security.NoSuchAlgorithmException: Algorithm RSA not available
>  at javax.crypto.SunJCE_b.a(DashoA6275)
>  at javax.crypto.Cipher.getInstance(DashoA6275)
>  at iaik.security.rsa.SSLRSASignature.<init>(Unknown Source)
>  at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
> Method) at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:42)
>
>  at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:30)
>
>  at java.lang.reflect.Constructor.newInstance(Constructor.java:277)
>  at java.lang.Class.newInstance0(Class.java:301)
>  at java.lang.Class.newInstance(Class.java:254)
>  at java.security.Security.doGetImpl(Security.java:1126)
>  at java.security.Security.doGetImpl(Security.java:1073)
>  at java.security.Security.getImpl(Security.java:1034)
>  at java.security.Signature.getInstance(Signature.java:172)
>  at Test.main(Test.java:20)
>
>
>     Thanks, Jason
>
> --
> Jason Novotny                jdnovotny@lbl.gov
> Grid Technology Group        (510) 486-8662
> Lawrence Berkeley Laboratory http://www-itg.lbl.gov/Grid
>
>
>
> --
> Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html
>
> To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl
>
>

-------------------------------------------------------------------
Polar Humenn                  Adiron, LLC
mailto:polar@adiron.com       2-212 CST
Phone: 315-443-3171           Syracuse, NY 13244-4100
Fax:   315-443-4745           http://www.adiron.com

--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl