Pheox - Forums

How to validate user's input password/pin before exporting a private key
Anonymous


As I export the privateKey of a certificate, I'd like to validate the user's input password/pin.

JCAPIProperties.getInstance().setPrivateKeyExportable(true);
KeyStore ks = KeyStore.getInstance("msks", "JCAPI");
ks.load(null, null);
Key privateKey = ks.getKey(certificateAlias, pin.toCharArray());

The above code always returns a valid PrivateKey no matter what the value of "pin" is.

Does anyone know how to validate the user's input of password/pin?

thank you.
tommy

Visitor

Joined: May 30, 2005
Messages: 148
Hi,

The password parameter in the KeyStore.getKey() method is ignored by JCAPI, see the method description of JCE implementation class JCAPIKeyStore.engineGetKey() in the JCAPI Javadoc:
http://pheox.com/products/jcapi/javadoc/index.html

The reason for ignoring the parameter is that JCAPI has no control over the protection mechanism of the key, since it is handled exclusively by Microsoft's CryptoAPI (MS CAPI). This might be more obvious when you are trying to export a private key from MS CAPI that is password protected. On these occasions, MS CAPI will launch a native GUI password dialog for the user to enter his/her password in order to access the specific private key. This dialog and the private key decryption mechanism are not available to JCAPI. JCAPI will either receive the private key or an error code if the private key could not be exported through MS CAPI (depending on the user's given password, and if the key is exportable or not).

You can test this yourself by creating an RSA private key in Java and storing it in MS CAPI through JCAPI by running the JCAPI example program CreateKeyEntry.java. The dialogs shown (which suggest different protection/security levels) are displayed by MS CAPI and are neither known to nor handled by JCAPI, i.e. JCAPI will not know if you choose to protect the key with a password or not.

Regards,
Tommy
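
A way to check at runtime whether a given KeyStore provider actually verifies the getKey() password, as an added example that is not part of the original thread and not JCAPI's own code. The class name, the method name and the in-memory PKCS12 store with a constructed AES key are assumptions for illustration (Java 8 or later).

```java
import java.security.Key;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import javax.crypto.KeyGenerator;

// Hypothetical helper class, not part of JCAPI or the JDK.
public class KeyPasswordProbe {

    /**
     * Returns true if the provider rejects a deliberately wrong password for
     * this key entry, false if it hands the key back anyway.
     */
    static boolean enforcesKeyPassword(KeyStore ks, String alias) throws Exception {
        if (!ks.isKeyEntry(alias)) {
            throw new IllegalArgumentException("No key entry under alias: " + alias);
        }
        // Random probe value that will not match the real password.
        char[] wrong = Long.toHexString(new SecureRandom().nextLong()).toCharArray();
        try {
            Key key = ks.getKey(alias, wrong);
            // getKey() returned without complaint despite the wrong password:
            // the parameter was ignored, so it cannot serve as a PIN check here.
            return false;
        } catch (UnrecoverableKeyException e) {
            return true; // the provider verified the password and refused
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: in-memory PKCS12 store holding one AES key
        // protected with the password "correct-pin".
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null);
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        ks.setEntry("demo", new KeyStore.SecretKeyEntry(kg.generateKey()),
                new KeyStore.PasswordProtection("correct-pin".toCharArray()));

        System.out.println("PKCS12 enforces key password: " + enforcesKeyPassword(ks, "demo"));
    }
}
```

For the "msks" keystore from the question, the reply above implies the probe returns false, because JCAPI ignores the password parameter and any prompt comes from MS CAPI itself.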
 