alex.agra...@gmail.com wrote:
I wonder how is it possible to load symmetric key that is stored inside the NSS DB via JSS API? I tried using KeyStore JCA class (as in org.mozilla.jss.tests.KeyStoreTest example): KeyStore ks = KeyStore.getInstance("Mozilla-JSS"); but it turns out that JSSProvider doesn't register JSSKeyStoreSpi class at all and therefore "Mozilla-JSS" instance of KeyStore doesn't exist. I tried fixing this by adding the following line to JSSProvider class: put("KeyStore.Mozilla-JSS", "org.mozilla.jss.provider.java.security.JSSKeyStoreSpi"); But even though "getKey" API seemed to work fine, I got the following exception when trying to use this key to init the cipher:
This is not supported: http://www.mozilla.org/projects/security/pki/jss/provider_notes.html#not-supported
not using the JCA API/Mozilla-JSS provider but you can use JSS's KeyManager classencryptCipher.init(Cipher.ENCRYPT_MODE, key, params); # An unexpected error has been detected by Java Runtime Environment: # # EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x19ea4930, pid=17900, tid=10928 # # Java VM: Java HotSpot(TM) Client VM (11.2-b01 mixed mode windows- x86) # Problematic frame: # C [nss3.dll+0x34930] # # An error report file with more information is saved as: # D:\projects\yevgeniyg_EMS_5.8\TG1000\EMS\hs_err_pid17900.log # # If you would like to submit a bug report, please visit: # http://java.sun.com/webapps/bugreport/crash.jsp # The crash happened outside the Java Virtual Machine in native code. # See problematic frame for where to report the bug. # So I wonder if there is some way to load symmetric key stored in the NSS DB via JCA API?
http://www.mozilla.org/projects/security/pki/jss/javadoc/org/mozilla/jss/SecretDecoderRing/KeyManager.html#lookupKey(org.mozilla.jss.crypto.EncryptionAlgorithm,%20byte[])Now that NSS 3.12 has the Certificate and Key shareable database I need to revisit Mozilla-JSS provider
supporting JCA KeyStore. -glen
smime.p7s
Description: S/MIME Cryptographic Signature
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto