tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lionel Pasquier <lpasqu...@omnikles.com>
Subject JCE and classloader question
Date Fri, 17 Dec 2004 13:31:51 GMT
Hello,

I have a trouble with using a JCE and multiple contexts. From what I 
could have read around here this is probably linked to a classloader 
problem. Could you guys help?

Basicaly, I generate a RSA Keypair, then create a certificate and want 
to self sign it. Finally i need to store the private key to create a 
p12. Here is the code: I am using the IAIK JCE.


KeyPair keyPair;
IAIK IAIKprovider = new IAIK();
Security.insertProviderAt(IAIKprovider, 2);
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", 
IAIKprovider.getName());
keyPairGenerator.initialize(keySize);
keyPair = keyPairGenerator.generateKeyPair();
X509Certificate cert;
[...]
cert.sign( AlgorithmID.sha1WithRSAEncryption ,keyPair.getPrivate(), 
IAIKprovider.getName());
if(!RSAPrivateKey.class.isAssignableFrom(keyPair.getPrivate().getClass())){
    error("Generated RSA private key is not of type RSA!");
}
KeyBag keybag = new KeyBag((RSAPrivateKey) keyPair.getPrivate(), 
certLabel, certLabel.getBytes());


The problem is that if I have more than one tomcat context using the 
same pice of code, the 2nd context to use it triggers the "if" (that is, 
without it I get a ClassCastException). Meaning that the generated 
private key is not compatible with RSAPrivateKey, while I asked for a 
"RSA" key.

I also have the same problem with the other way around:
CertificateFactory certFactory = CertificateFactory.getInstance("X.509", 
"IAIK");
Collection certCollection = certFactory.generateCertificates(new 
ByteArrayInputStream(  certChainBlob.getDatabinary() ));
cert = (X509Certificate)certChain.get(0); //where X509Certificate being 
iaik.x509.X509Certificate)
gets a ClassCastException if being the second context to call this code.


Oh, one more important thing: I add the security provider dynamicaly with a:
Security.insertProviderAt(new IAIK(), 2);


Could someone help me on this?

Thank you,

Lionel


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message