Posted by moses70
on October 3, 2008 at 3:49 AM PDT
Lately I submitted a RFE regarding support for SHA256 in digital signatures:
The issue is: SHA256 is supported as message digest in the JRE. But to create digital signatures, you need it combined with RSA:
(Because the private key provider needs to do encryption with private key)
When you want to do digital signatures with a smartcard you have only theses options:
- Use SunMSCAPI an use a windows-supported smartcard
- Or use SunPKCS11 with a smartcard-provided pkcs11-DLL
Currently, in both cases, only MD5 and SHA1 is supported. But since this year these algorithms are not strong enough anymore.
If you also want to see support for stronger signatures, you could vote for the mentioned RFE. Or give your opinion here in this thread.