If you take a look at the source code for org.mozilla.jss.provider.java.security.JSSSignatureSpi
you can see how does JSS use private key for signing, basically: CryptoToken owningToken = privKeyByCert.getOwningToken(); Signature signatureContext = owningToken.getSignatureContext(SignatureAlgorithm.RSASignatureWithSHA1Digest); signatureContext.initSign(privKeyByCert); byte[] clearText = "tosign".getBytes(); signatureContext.update(clearText); byte[] signedBytes = signatureContext.sign(); On Friday, October 8, 2010 2:57:23 PM UTC-5, Felix Alejandro Prieto Carratalá wrote: > Hi Jean-Marc, > > > That line is commented because previously I handle the privatekey > with findPrivKeyByCert, so that is only for information purpose and > the privatekey exists. > > > That code works with a privatekey stored in pkcs12 file, so i think > that the problem is with JSS and its philosophy of > "privatekeys are'nt accessible". > > > How can i use that privatekey for signing something if always its null? > > > Thanks in advanced... > Felix A -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto