tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antony Paul <antonypau...@gmail.com>
Subject Re: Gurus! JCE and classloader question
Date Fri, 24 Dec 2004 04:41:41 GMT
May be there are two jar files or unzipped class files of the same
class. Check for it also.

rgds
Antony Paul


On Thu, 23 Dec 2004 16:22:33 +0100, Lionel Pasquier
<lpasquier@omnikles.com> wrote:
> Well, I tried to put the library in common/lib (and I think also for a
> different try, in shared/lib). Usually it is in WEB-INF/lib.
> But the problem occured also.
> 
> I believe that the factory used by the jvm searches for the first
> instance of the JCE. Then it tries to cast it into another instance of
> the lib which is different from the first, but I am not too sure about
> that since I am no expert in Tomcat.
> 
> Have you an explanation or any solution?
> 
> 
> Antony Paul wrote:
> 
> >Where you put the provider jar file ?. WEB-INF/lib ?. Try putting it
> >in shared/lib or common/lib if the same jar file is used by multiple
> >applications.
> >
> >rgds
> >Antony Paul
> >
> >
> >On Thu, 23 Dec 2004 15:01:04 +0530, Antony Paul <antonypaul24@gmail.com> wrote:
> >
> >
> >>Which JCE provider you are using ?
> >>
> >>rgds
> >>Antony Paul
> >>
> >>
> >>On Tue, 21 Dec 2004 20:06:40 +0100, Lionel Pasquier
> >><lpasquier@omnikles.com> wrote:
> >>
> >>
> >>>Hello again!
> >>>
> >>>Any guru around to solve my problem please? :-)
> >>>
> >>>Lionel Pasquier wrote:
> >>>
> >>>
> >>>
> >>>>Hello,
> >>>>
> >>>>I have a trouble with using a JCE and multiple contexts. From what I
> >>>>could have read around here this is probably linked to a classloader
> >>>>problem. Could you guys help?
> >>>>
> >>>>Basicaly, I generate a RSA Keypair, then create a certificate and want
> >>>>to self sign it. Finally i need to store the private key to create a
> >>>>p12. Here is the code: I am using the IAIK JCE.
> >>>>
> >>>>
> >>>>KeyPair keyPair;
> >>>>IAIK IAIKprovider = new IAIK();
> >>>>Security.insertProviderAt(IAIKprovider, 2);
> >>>>KeyPairGenerator keyPairGenerator =
> >>>>KeyPairGenerator.getInstance("RSA", IAIKprovider.getName());
> >>>>keyPairGenerator.initialize(keySize);
> >>>>keyPair = keyPairGenerator.generateKeyPair();
> >>>>X509Certificate cert;
> >>>>[...]
> >>>>cert.sign( AlgorithmID.sha1WithRSAEncryption ,keyPair.getPrivate(),
> >>>>IAIKprovider.getName());
> >>>>if(!RSAPrivateKey.class.isAssignableFrom(keyPair.getPrivate().getClass())){
> >>>>
> >>>>   error("Generated RSA private key is not of type RSA!");
> >>>>}
> >>>>KeyBag keybag = new KeyBag((RSAPrivateKey) keyPair.getPrivate(),
> >>>>certLabel, certLabel.getBytes());
> >>>>
> >>>>
> >>>>The problem is that if I have more than one tomcat context using the
> >>>>same pice of code, the 2nd context to use it triggers the "if" (that
> >>>>is, without it I get a ClassCastException). Meaning that the generated
> >>>>private key is not compatible with RSAPrivateKey, while I asked for a
> >>>>"RSA" key.
> >>>>
> >>>>I also have the same problem with the other way around:
> >>>>CertificateFactory certFactory =
> >>>>CertificateFactory.getInstance("X.509", "IAIK");
> >>>>Collection certCollection = certFactory.generateCertificates(new
> >>>>ByteArrayInputStream(  certChainBlob.getDatabinary() ));
> >>>>cert = (X509Certificate)certChain.get(0); //where X509Certificate
> >>>>being iaik.x509.X509Certificate)
> >>>>gets a ClassCastException if being the second context to call this code.
> >>>>
> >>>>
> >>>>Oh, one more important thing: I add the security provider dynamicaly
> >>>>with a:
> >>>>Security.insertProviderAt(new IAIK(), 2);
> >>>>
> >>>>
> >>>>Could someone help me on this?
> >>>>
> >>>>Thank you,
> >>>>
> >>>>Lionel
> >>>>
> >>>>
> >>>>---------------------------------------------------------------------
> >>>>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> >>>>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >>>>
> >>>>
> >>>>
> >>>>
> >>>---------------------------------------------------------------------
> >>>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> >>>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >>>
> >>>
> >>>
> >>>
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> >For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> >
> >
> >
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
>

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message