santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 40343] - sun.security.pkcs11.P11Key$P11PrivateKey not accepted
Date Wed, 30 Aug 2006 19:40:03 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40343>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40343





------- Additional Comments From sean.mullan@sun.com  2006-08-30 19:40 -------
(In reply to comment #0)
> When I sign via my eID card using xmlsec 1.3.0 everything works.
> When I perform the same via xmlsec 1.4.Beta2 I get the following exception:
> 
> org.apache.xml.security.signature.XMLSignatureException: Private keys must be
> instance of RSAPrivate(Crt)Key or have PKCS#8 encoding
> Original Exception was java.security.InvalidKeyException: Private keys must be
> instance of RSAPrivate(Crt)Key or have PKCS#8 encoding

This exception usually indicates that your PKCS#11 token Key object has been
passed to a Java Signature impl. that does not understand it (i.e. - it is not a
PKCS#11 based provider). This could happen if you passed a non-PKCS#11 provider 
name explicitly to the Signature.getInstance call. Hmm, by any chance have 
you called the JCEMapper.setProviderId method in your code? How are your
providers configured in the JRE/lib/security/java.security file?

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

Mime
View raw message