Bouncy castle is not picked up by jose4j
Issue #126
resolved
Hi,
I have enabled bouncy castle provider for my app . But still verify signature is happening through SunRSA and not through bouncycastle. I am guessing this could be due to java .security configurations in my JAVA_HOME/jre/lib/security. Because if I am adding bouncycastle in same file and giving higher order with respect to SUNRSA , then verfiy signature is happening through bouncycastle . But I can't change in java.security file . So I want to know is there any other way so that verfiy signature will happen through bouncycastle with out changing java.security file
Comments (2)
-
-
repo owner - changed status to resolved
- Log in to comment
You can add a provider programmatically (if you have permission). Some tests in this project do that - see https://bitbucket.org/b_c/jose4j/src/7f9624414a1baf752adbc61d4a1be16253eeec23/src/test/java/org/jose4j/jwa/JceProviderTestSupport.java?at=master#lines-78 for example. Or better yet consult the actual Oracle documentation.
The ProviderContext http://static.javadoc.io/org.bitbucket.b_c/jose4j/0.6.4/org/jose4j/jca/ProviderContext.html might also be useful as it lets the "the caller of various JOSE and JWT functionality to specify a particular Java Cryptography Architecture provider by name for various cryptographic operations as well as a SecureRandom source of randomness."