From Lionel Pasquier <>
Subject JCE and classloader question
Date Fri, 17 Dec 2004 13:31:51 GMT

I have trouble using a JCE with multiple contexts. From what I 
could read around here, this is probably linked to a classloader 
problem. Could you guys help?

Basically, I generate an RSA KeyPair, then create a certificate and want 
to self-sign it. Finally I need to store the private key to create a 
p12. Here is the code; I am using the IAIK JCE.

KeyPair keyPair;
IAIK IAIKprovider = new IAIK();
Security.insertProviderAt(IAIKprovider, 2);
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", 
keyPair = keyPairGenerator.generateKeyPair();
X509Certificate cert;
cert.sign( AlgorithmID.sha1WithRSAEncryption ,keyPair.getPrivate(), 
    error("Generated RSA private key is not of type RSA!");
KeyBag keybag = new KeyBag((RSAPrivateKey) keyPair.getPrivate(), 
certLabel, certLabel.getBytes());

The problem is that if I have more than one Tomcat context using the 
same piece of code, the 2nd context to use it triggers the "if" (that is, 
without it I get a ClassCastException). Meaning that the generated 
private key is not compatible with RSAPrivateKey, while I asked for an 
"RSA" key.

I also have the same problem the other way around:
CertificateFactory certFactory = CertificateFactory.getInstance("X.509", 
Collection certCollection = certFactory.generateCertificates(new 
ByteArrayInputStream(  certChainBlob.getDatabinary() ));
cert = (X509Certificate)certChain.get(0); //where X509Certificate being 
gets a ClassCastException if being the second context to call this code.

Oh, one more important thing: I add the security provider dynamically with a:
Security.insertProviderAt(new IAIK(), 2);

Could someone help me on this?

Thank you,
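
The symptom described in this message, reduced to a stand-alone demonstration (an added example, not the poster's code and not the IAIK API). It assumes each context loads its own copy of the provider classes; `DemoKey` and `WebappLikeLoader` are hypothetical stand-ins for a provider key class and a per-context class loader, and the point shown is that two classes with the same name defined by different loaders are different types, so `instanceof` and casts fail across them.

```java
import java.io.InputStream;

public class LoaderIdentityDemo {
    // Hypothetical stand-in for a provider class packaged inside each webapp.
    public static class DemoKey { }

    // Child-first loader: defines DemoKey itself rather than delegating upward,
    // as a per-context webapp loader does for classes in its own WEB-INF/lib.
    static class WebappLikeLoader extends ClassLoader {
        WebappLikeLoader() { super(LoaderIdentityDemo.class.getClassLoader()); }

        @Override
        protected Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException {
            if (!name.equals(DemoKey.class.getName())) return super.loadClass(name, resolve);
            Class<?> c = findLoadedClass(name);
            if (c != null) return c;
            String path = name.replace('.', '/') + ".class";
            try (InputStream in = getParent().getResourceAsStream(path)) {
                byte[] b = in.readAllBytes();
                return defineClass(name, b, 0, b.length);
            } catch (Exception e) {
                throw new ClassNotFoundException(name, e);
            }
        }
    }

    // Returns {same name, same Class object, instanceof in B, cast in B succeeded}.
    static boolean[] compareAcrossContexts() throws Exception {
        String name = DemoKey.class.getName();
        Class<?> inA = new WebappLikeLoader().loadClass(name); // "context A" copy
        Class<?> inB = new WebappLikeLoader().loadClass(name); // "context B" copy
        Object key = inA.getDeclaredConstructor().newInstance(); // object built on A's side
        boolean castOk = true;
        try { inB.cast(key); } catch (ClassCastException e) { castOk = false; }
        return new boolean[] { inA.getName().equals(inB.getName()), inA == inB,
                               inB.isInstance(key), castOk };
    }

    public static void main(String[] args) throws Exception {
        boolean[] r = compareAcrossContexts();
        System.out.println("same class name:        " + r[0]);
        System.out.println("same Class object:      " + r[1]);
        System.out.println("instanceof in B:        " + r[2]);
        System.out.println("cast in B succeeded:    " + r[3]);
    }
}
```

Compile with `javac` and run on Java 9 or later (`readAllBytes`). In a failing context, comparing `key.getClass().getClassLoader()` with the class loader of the cast target shows whether this is what is happening.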


