You should continue following the code, but IIRC, internally "MD5andSHA1withRSA" does a Signature.getInstance("NONEwithRSA"), and then MessageDigest.getInstance("MD5") and ("SHA").
As long as your provider provides those algorithms and is prioritized ahead of other providers which do provide them, you should get them.
Note this is an implementation detail which could change, but AFAIK Oracle isn't doing any development in the Open 6 tree.
brad On 5/20/2014 7:53 AM, Marcin Kaszubski wrote:
Hi, I want to use private key stored in client TPM to establish MTLS (so both client and server will be verified) connection with server. So during ssl handshake this key will be used to sign some data. I wanted to write my own provider and implement required services to achieve it. Unfortunately during code review of jdk i found a problem. During sign operation on client side provider seems to be hardcoded. http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b14/sun/security/ssl/RSASignature.java#82 How can I use my own providers and its implementation of Signature to achieve it? Is there a different implementation of SSLSocket which my be used to achieve it? This is calling stack: http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b14/sun/security/ssl/ClientHandshaker.java#734 http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b14/sun/security/ssl/HandshakeMessage.java#1262 http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b14/sun/security/ssl/RSASignature.java#82 Best Regards, Marcin
