Re: [Trustedjava-support] Question about XKMS

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

alberto fernandez castillo wrote:
> Hello, I’m a student from Spain. I’m working with Tommy Lindberg´s
> XKMS 2.0 server with a client that I’ve designed with the package that
> I found in IAIK page (http://trustedjava.sourceforge.net/index.php?item=xkms/readme).
> The package has the private key that I need, but I can’t obtain it with
> java to send it to the server, in the package there are a public key, a
> private key and some certificates, but when I send a private key with a
> ProofOfPossesion to the server, for example to the Reissue service
> (this service always require the ProofOfPossesion), it always generates
> an error.
>
> The code that I use is the next one:
> Security.addProvider(new BouncyCastleProvider());

IAIK XKMS requires IAIK-JCE as provider as documented in the README,
BouncyCastle is not supported/tested, if you want to use BC you are on
your own.

A demo code to import a private key would be (see also examples in IAIK-JCE docs):

  /**
   * Reads private key from PKCS8 file.
   */
  public static PrivateKey readPrivateKeyFromFile(String filename, String password) throws Exception {
    EncryptedPrivateKeyInfo epk = null;;
    epk = new EncryptedPrivateKeyInfo(new FileInputStream(filename));
    epk.decrypt(password);
    return epk.getPrivateKeyInfo();
  }

HTH

-- 
Martin Pirker
IAIK, TU Graz