I wonder how is it possible to load symmetric key that is stored inside the NSS DB via JSS API? I tried using KeyStore JCA class (as in org.mozilla.jss.tests.KeyStoreTest example):
KeyStore ks = KeyStore.getInstance("Mozilla-JSS"); but it turns out that JSSProvider doesn't register JSSKeyStoreSpi class at all and therefore "Mozilla-JSS" instance of KeyStore doesn't exist. I tried fixing this by adding the following line to JSSProvider class: put("KeyStore.Mozilla-JSS", "org.mozilla.jss.provider.java.security.JSSKeyStoreSpi"); But even though "getKey" API seemed to work fine, I got the following exception when trying to use this key to init the cipher: encryptCipher.init(Cipher.ENCRYPT_MODE, key, params); # An unexpected error has been detected by Java Runtime Environment: # # EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x19ea4930, pid=17900, tid=10928 # # Java VM: Java HotSpot(TM) Client VM (11.2-b01 mixed mode windows- x86) # Problematic frame: # C [nss3.dll+0x34930] # # An error report file with more information is saved as: # D:\projects\yevgeniyg_EMS_5.8\TG1000\EMS\hs_err_pid17900.log # # If you would like to submit a bug report, please visit: # http://java.sun.com/webapps/bugreport/crash.jsp # The crash happened outside the Java Virtual Machine in native code. # See problematic frame for where to report the bug. # So I wonder if there is some way to load symmetric key stored in the NSS DB via JCA API? I found the similar question in this newsgroup that is almost 2 years old: http://groups.google.com/group/mozilla.dev.tech.crypto/browse_thread/thread/3102368d651d5cb1/92b48da59a16a2cc?lnk=gst&q=jss+keystore#92b48da59a16a2cc - and it seems to suggest using Sun PKCS11 provider with NSS instead. Unfortunately AFAIK one can not mix Sun PKCS11 NSS provider with JSS in the same code - and I'm using JSS API for the rest of my application (due to the limitations in Sun PKCS11 NSS provider) - so this doesn't seem to be a valid alternative to me... Thank you in advance, Alex Agranov -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto