Signing operation on client side during SSL Handshake

Marcin Kaszubski mkaszub at tlen.pl
Tue May 20 14:53:24 UTC 2014


Hi,
I want to use a private key stored in the client TPM to establish an MTLS connection with the server (so both client and server will be verified). So during the SSL handshake this key will be used to sign some data. I wanted to write my own provider and implement the required services to achieve it. Unfortunately, during code review of the JDK I found a problem. During the sign operation on the client side, the provider seems to be hardcoded.
http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b14/sun/security/ssl/RSASignature.java#82
How can I use my own provider and its implementation of Signature to achieve it? Is there a different implementation of SSLSocket which may be used to achieve it?
This is the calling stack:
http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b14/sun/security/ssl/ClientHandshaker.java#734
http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b14/sun/security/ssl/HandshakeMessage.java#1262
http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b14/sun/security/ssl/RSASignature.java#82
Best Regards,
Marcin