| Gopi,
TSIK was designed to provide simplified security APIs to
avoid these kind of decisions being taken by the programmer and instead depend
on the provider order supplied programmatically via addProvider() or via the
java.security file. Do you find that doesn't work for you?
hans
Hi,
I have a question
on TSIK and JCE provider customization within JSSE. ; If I want to use IBMJCE
implementation programmatically within Sun JRE to sign xml using TSIK like
follows:
KeyFactory
keyFactory = KeyFactory.getInstance("RSA",
"IBMJCE"); ;
PrivateKey
privateKey = keyFactory.generatePrivate(privKeySpec);
CertificateFactory
certFactory = CertificateFactory.getInstance("X.509",
"IBMJCE");
Certificate
cert=(X509Certificate)certFactory.generateCertificate(certStream);
...
//TSIK API
Signer signer =
new Signer(applicationXML, privateKey, cert);
..
signer.sign(..);
Unlike JSSE API calls for
PrivateKey and Certificate, TSIK API for Signer is not taking the custom
JCE provider name in its call. ; How am I sure that TSIK is
using IBMJCE hash implementation and NOT the default SunJCE hash
implemenatation?
Thanks
Gopi
.
|
verisign.c