Hello,
I have a trouble with using a JCE and multiple contexts. From what I
could have read around here this is probably linked to a classloader
problem. Could you guys help?
Basicaly, I generate a RSA Keypair, then create a certificate and want
to self sign it. Finally i need to store the private key to create a
p12. Here is the code: I am using the IAIK JCE.
KeyPair keyPair;
IAIK IAIKprovider = new IAIK();
Security.insertProviderAt(IAIKprovider, 2);
KeyPairGenerator keyPairGenerator =
KeyPairGenerator.getInstance("RSA", IAIKprovider.getName());
keyPairGenerator.initialize(keySize);
keyPair = keyPairGenerator.generateKeyPair();
X509Certificate cert;
[...]
cert.sign( AlgorithmID.sha1WithRSAEncryption ,keyPair.getPrivate(),
IAIKprovider.getName());
if(!RSAPrivateKey.class.isAssignableFrom(keyPair.getPrivate().getClass())){
error("Generated RSA private key is not of type RSA!");
}
KeyBag keybag = new KeyBag((RSAPrivateKey) keyPair.getPrivate(),
certLabel, certLabel.getBytes());
The problem is that if I have more than one tomcat context using the
same pice of code, the 2nd context to use it triggers the "if" (that
is, without it I get a ClassCastException). Meaning that the generated
private key is not compatible with RSAPrivateKey, while I asked for a
"RSA" key.
I also have the same problem with the other way around:
CertificateFactory certFactory =
CertificateFactory.getInstance("X.509", "IAIK");
Collection certCollection = certFactory.generateCertificates(new
ByteArrayInputStream( certChainBlob.getDatabinary() ));
cert = (X509Certificate)certChain.get(0); //where X509Certificate
being iaik.x509.X509Certificate)
gets a ClassCastException if being the second context to call this code.
Oh, one more important thing: I add the security provider dynamicaly
with a:
Security.insertProviderAt(new IAIK(), 2);
Could someone help me on this?
Thank you,
Lionel
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
