How to save secret key in the NSS certDB and then retrieve it through Java?
843811May 15 2008 — edited May 20 2008Hi,
I 'm pretty new trying to handle keying material for NSS fips mode.
After following the guidelines from http://java.sun.com/javase/6/docs/technotes/guides/security/p11guide.html#NSS I need my code to use SecretKeyFactory method generateSecret with DESedeKeySpec parameter in the following way:
Provider nss = new sun.security.pkcs11.SunPKCS11(configFileName);
Security.addProvider(nss);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede", nss);
DESedeKeySpec keySpec = new DESedeKeySpec(new String("abcdefghijklmnopqrstuvw").getBytes("UTF-8"));
SecretKey key = keyFactory.generateSecret(keySpec);
The question is: what are the steps needed to save secret key "abcdefghijklmnopqrstuvw" in NSS certDB in the fips mode (nssModule = fips in pkcs#11 conf. file) and how should it be retrieved in the Java code?
Any help will be appreciated...