[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-ssl] jdk1.4 beta 3 and iaik problems



Hello,

JDK1.4 requires a JCE provider to be signed which will the case for
the next release version of IAIK-JCE.
(you may try if it would help to remove sunjce_provider.jar and jce.jar 
 from the ext directory of your JRE)

Regards,
Dieter Bratko

-----Ursprungliche Nachricht-----
Von: iaik-ssl-owner@iaik.tu-graz.ac.at
[mailto:iaik-ssl-owner@iaik.tu-graz.ac.at]Im Auftrag von Jason Novotny
Gesendet: Donnerstag, 08. November 2001 07:24
An: Polar Humenn
Cc: iaik-ssl@iaik.at
Betreff: Re: [iaik-ssl] jdk1.4 beta 3 and iaik problems



    Sadly enough I've tried every permutation of the following included in the java.security with no
success!

    security.provider.1=iaik.security.provider.IAIK
    security.provider.2=sun.security.provider.Sun
    security.provider.3=com.sun.net.ssl.internal.ssl.Provider
    security.provider.4=com.sun.rsajca.Provider
     security.provider.5=com.sun.crypto.provider.SunJCE

    Jason

Polar Humenn wrote:

> Most likely the Sun JSSE Provider is screwing it up. Try experimenting
> eliminating various security providers from the
> $JAVA_HOME/jre/lib/security/java.security file.
>
> Keep in mind that the "preference" numbers must be from 1 to n (as ooposed
> to 0), and cannot have any gaps, (i.e. 1, then 3, without 2).
>
> Cheers,
> -Polar
>
>  On Wed, 7 Nov 2001, Jason
> Novotny wrote:
>
> >
> > I'm having problems using IAIK with the JDK 1.4 beta 3 for linux from
> > java.sun.com
> >
> > Here's my test program that works with JDK 1.3 but not with JDK 1.4:
> >
> > import java.io.*;
> > import java.security.*;
> > import java.security.cert.*;
> > import java.io.*;
> > import java.net.*;
> > import java.util.*;
> >
> > import iaik.security.ssl.*;
> > import iaik.pkcs.pkcs10.*;
> >
> > public class Test {
> >
> >     static {
> >  installProvider();
> >     }
> >
> >     public static void main(String[] args) {
> >
> >  try {
> >      Signature ssl_rsa = Signature.getInstance("SSL/RSA");
> >  } catch (java.security.NoSuchAlgorithmException e) {
> >      e.printStackTrace();
> >  }
> >
> >     }
> >
> >     public synchronized static void installProvider() {
> >      Provider provider = new iaik.security.provider.IAIK();
> >      String providerName = provider.getName();
> >      java.security.Security.insertProviderAt(provider, 0);
> >      Provider[] providers = Security.getProviders();
> >      for (int i = 0; i < providers.length; i++) {
> >           System.out.println("providers= " + providers[i].getInfo());
> >      }
> >     }
> >
> > }
> >
> > Output from 1.3 gives me:
> >
> > providers= SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5
> > digests; SecureRandom; X.509 certificates; JKS keystore)
> > providers= SUN's provider for RSA signatures
> > providers= IAIK Security Provider v2.61
> >
> > and output from jdk 1.4 gives me:
> >
> > providers= SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5
> > digests; SecureRandom; X.509 certificates; JKS keystore; PKIX
> > CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
> > providers= Sun JSSE provider(implements RSA Signatures, PKCS12, SunX509
> > key/trust factories, SSLv3, TLSv1)
> > providers= SUN's provider for RSA signatures
> > providers= SunJCE Provider (implements DES, Triple DES, Blowfish, PBE,
> > Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
> > providers= Sun (Kerberos v5)
> > providers= IAIK Security Provider v2.61
> > java.security.NoSuchAlgorithmException: Algorithm RSA not available
> >  at javax.crypto.SunJCE_b.a(DashoA6275)
> >  at javax.crypto.Cipher.getInstance(DashoA6275)
> >  at iaik.security.rsa.SSLRSASignature.<init>(Unknown Source)
> >  at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
> > Method) at
> > sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:42)
> >
> >  at
> > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:30)
> >
> >  at java.lang.reflect.Constructor.newInstance(Constructor.java:277)
> >  at java.lang.Class.newInstance0(Class.java:301)
> >  at java.lang.Class.newInstance(Class.java:254)
> >  at java.security.Security.doGetImpl(Security.java:1126)
> >  at java.security.Security.doGetImpl(Security.java:1073)
> >  at java.security.Security.getImpl(Security.java:1034)
> >  at java.security.Signature.getInstance(Signature.java:172)
> >  at Test.main(Test.java:20)
> >
> >
> >     Thanks, Jason
> >
> > --
> > Jason Novotny                jdnovotny@lbl.gov
> > Grid Technology Group        (510) 486-8662
> > Lawrence Berkeley Laboratory http://www-itg.lbl.gov/Grid
> >
> >
> >
> > --
> > Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html
> >
> > To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl
> >
> >
>
> -------------------------------------------------------------------
> Polar Humenn                  Adiron, LLC
> mailto:polar@adiron.com       2-212 CST
> Phone: 315-443-3171           Syracuse, NY 13244-4100
> Fax:   315-443-4745          http://www.adiron.com
>
> --
> Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html
>
> To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl
>

--
Jason Novotny                jdnovotny@lbl.gov
Grid Technology Group        (510) 486-8662
Lawrence Berkeley Laboratory http://www-itg.lbl.gov/Grid



--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl
 


--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl