Hello,
I have trouble using a JCE and multiple contexts. From what I could read around here, this is probably linked to a classloader problem. Could you guys help?
Basically, I generate an RSA key pair, then create a certificate and want to self-sign it. Finally, I need to store the private key to create a p12. Here is the code (I am using the IAIK JCE):

    KeyPair keyPair;
    // Register the IAIK provider at position 2 of the JVM-wide provider list
    IAIK IAIKprovider = new IAIK();
    Security.insertProviderAt(IAIKprovider, 2);
    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", IAIKprovider.getName());
    keyPairGenerator.initialize(keySize);
    keyPair = keyPairGenerator.generateKeyPair();
    X509Certificate cert;
    [...]
    cert.sign(AlgorithmID.sha1WithRSAEncryption, keyPair.getPrivate(), IAIKprovider.getName());
    // Guard against the ClassCastException on the cast below
    if (!RSAPrivateKey.class.isAssignableFrom(keyPair.getPrivate().getClass())) {
        error("Generated RSA private key is not of type RSA!");
    }
    KeyBag keybag = new KeyBag((RSAPrivateKey) keyPair.getPrivate(), certLabel, certLabel.getBytes());

The problem is that if I have more than one Tomcat context using the same piece of code, the 2nd context to use it triggers the "if" (that is, without it I get a ClassCastException), meaning that the generated private key is not compatible with RSAPrivateKey, even though I asked for an "RSA" key.
I also have the same problem the other way around:

    CertificateFactory certFactory = CertificateFactory.getInstance("X.509", "IAIK");
    Collection certCollection = certFactory.generateCertificates(new ByteArrayInputStream(certChainBlob.getDatabinary()));
    cert = (X509Certificate) certChain.get(0); // where X509Certificate is iaik.x509.X509Certificate

This gets a ClassCastException if it is the second context to call this code.
Oh, one more important thing: I add the security provider dynamically with: Security.insertProviderAt(new IAIK(), 2);
Could someone help me with this?
Thank you,
Lionel
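
Added example, not part of the original message and using no IAIK code: it shows the classloader mechanism the post suspects, where a class defined by two different loaders keeps the same name but fails `isInstance` and casts, as would happen if a provider registered JVM-wide by one context returns objects to another context that has its own copy of the jar. `Key`, `WebappLikeLoader` and `diagnose` are hypothetical names chosen for this sketch.

```java
import java.io.IOException;
import java.io.InputStream;
// Added illustration, JDK only. Key is a hypothetical stand-in for a provider
// class such as the RSAPrivateKey in the post; no IAIK classes are used.
public class LoaderMismatchDemo {
    public static class Key {}

    // Child-first loader for Key only, standing in for a second webapp
    // classloader that carries its own copy of the provider jar.
    static class WebappLikeLoader extends ClassLoader {
        WebappLikeLoader() { super(LoaderMismatchDemo.class.getClassLoader()); }
        @Override
        protected Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException {
            if (!name.equals(Key.class.getName())) return super.loadClass(name, resolve);
            synchronized (getClassLoadingLock(name)) {
                Class<?> c = findLoadedClass(name);
                if (c != null) return c;
                String path = name.replace('.', '/') + ".class";
                try (InputStream in = getParent().getResourceAsStream(path)) {
                    if (in == null) throw new ClassNotFoundException(name);
                    byte[] b = in.readAllBytes();
                    return defineClass(name, b, 0, b.length); // second, distinct Class object
                } catch (IOException e) {
                    throw new ClassNotFoundException(name, e);
                }
            }
        }
    }

    // Diagnostic: walks the superclass chain; same name but another defining loader means a cast fails.
    static String diagnose(Object obj, Class<?> expected) {
        Class<?> actual = obj.getClass();
        if (expected.isInstance(obj)) return "OK: " + actual.getName() + " is castable";
        for (Class<?> c = actual; c != null; c = c.getSuperclass()) {
            if (c.getName().equals(expected.getName()))
                return "LOADER MISMATCH: " + c.getName() + " defined by " + c.getClassLoader()
                        + ", expected copy defined by " + expected.getClassLoader();
        }
        return "TYPE MISMATCH: " + actual.getName() + " is not a " + expected.getName();
    }

    public static void main(String[] args) throws Exception {
        Object local = new Key();
        Object foreign = new WebappLikeLoader().loadClass(Key.class.getName())
                .getDeclaredConstructor().newInstance();
        System.out.println(diagnose(local, Key.class));   // castable
        System.out.println(diagnose(foreign, Key.class)); // same name, different loader
    }
}
```

Compile with javac and run from the class directory so the `Key` class file can be read as a resource.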
