Initializing SunPKCS11 for utilization of NSS 3.11.4 capabilities yields the following exception:
java.security.ProviderException: Could not initialize NSS at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:183) at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:90) at test.TripleDESTest.main(TripleDESTest.java:112) Caused by: java.io.IOException: The specified version of NSS is incompatible, 3.7 or later required at sun.security.pkcs11.Secmod.initialize(Secmod.java:190) at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:179) ... 2 more The version I am using is greater than 3.7, despite what the exception says. I am looking to use the FIPS 140-2 certified symmetric key algorithms in this library. I am using the following configuration: name = NSScrypto attributes = compatibility nssLibraryDirectory = ./lib nssDbMode = noDb nssModule = fips I am adding the cryptography provided dynamically with the following code: String configName = "nss.cfg"; Provider cryptoProvider = new sun.security.pkcs11.SunPKCS11 (configName); // exception occurs on this line Security.addProvider(cryptoProvider); Has anyone else run into this issue or have any insight into the problem? If this doesn't work out I will look into direct utilization of JSS. Thanks! -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto