Re: initVerify in JSS

Mon, 26 Nov 2001 14:11:51 -0800 

I believe your JSS doc calls for a Sun public key: It shows public void
initVerify(java.security.PublicKey publicKey)...
Incorrect doc?

-- P

"Jamie Nicolson" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> OK. The public key is obtained from Sun's classes. It is not an NSS key.
>
> For now, the way to create an NSS/PKCS #11 public key is to call
> PK11PubKey.fromRaw(). I believe you can call getEncoded() on the key you
> got from the Sun class, and pass that as the raw key to fromRaw().
>
> Patrick wrote:
>
> > The public key is gotten from the certificate stored in certFile (in
> > base64 encoding). So the logic looks something like:
> >
> >
> >
> > Signature sig =
> >
nssToken.getSignatureContext(SignatureAlgorithm.RSASignatureWithSHA1Digest);
> >
> > InputStream inStream = new FileInputStream(certFile);
> > java.security.cert.CertificateFactory cf =
> > java.security.cert.CertificateFactory.getInstance("X.509");
> > java.security.PublicKey pubKey =
> >
((java.security.cert.X509Certificate)cf.generateCertificate(inStream)).getPu
blicKey();
> >
> > sig.initVerify(pubKey);
> >
> >
> >
> > -- P
> >
> >     "Jamie Nicolson" <[EMAIL PROTECTED]
> >     <mailto:[EMAIL PROTECTED]> > wrote in message
> >     [EMAIL PROTECTED]">news:[EMAIL PROTECTED] ...
> >
> >     Patrick wrote:
> >
> >>Yes it is. The private key is my NSS internal key token (NSS cert db).
> >>
> >>-- P
> >>
> >     OK, the private key is on an NSS token. But where did the public
> >     key come from?
> >
> >>
> >>
> >>"Jamie Nicolson" <[EMAIL PROTECTED]> <mailto:[EMAIL PROTECTED]>
wrote in message
> >>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> >>
> >>>Well, is it a PKCS #11 public key? JSS can only work with keys that it
> >>>possesses. You can't give it a public key you created with the JDK.
> >>>
> >>>Patrick wrote:
> >>>
> >>>>I get this error when doing a sig.initVerify(pubKey), using JSS'
> >>>>
> >>Signature:
> >>
> >>>>java.security.InvalidKeyException: publicKey is not a PKCS #11 public
key
> >>>>
> >>>>at
> >>>>
>
>>>org.mozilla.jss.pkcs11.PK11Signature.engineInitVerify(PK11Signature.java:
17
> >>>
> >>2
> >>
> >>>>)
> >>>>
> >>>>at org.mozilla.jss.crypto.Signature.initVerify(Signature.java:95)
> >>>>
> >>>>when I use Sun's java.security.Signature, I don't get that error...
> >>>>
> >>>>-- P
> >>>>
> >>>>
> >>>>
> >>>
> >>
> >>
> >
> >
>
>

Reply via email to