santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Arshad Noor <arshad.n...@strongauth.com>
Subject Re: Keystore exception when signing document.
Date Wed, 30 Aug 2006 17:49:47 GMT
It doesn't Ed.  I was under the impression that you could not import
your key into the JKS keystore because keytool does not provide that
feature, yet.

But I think I've figured out your problem.  It most likely has to do
with the fact that your key uses the RSA algorithm, but the sample
code that you either modified or are running from the ant scripts,
specifies the DSA signing algorithm (see line 174 of the code):

//Create an XML Signature object from the document, BaseURI and
       //signature algorithm (in this case DSA)
       XMLSignature sig = new XMLSignature(doc, BaseURI, \
			XMLSignature.ALGO_ID_SIGNATURE_DSA); <----


If you modify this line to say the following:

XMLSignature sig = new XMLSignature(doc, BaseURI, \
			XMLSignature.ALGO_ID_SIGNATURE_RSA); <----

your sample should execute correctly without any errors.  I had the
exact same error message when I modified the code to use my own
certificate and keys.  These two lines from your original posting
should have provided me the clue, but I chased a red herring.  Sorry
about that:

[java] Original Exception was java.security.InvalidKeyException: No 
installed provider supports this key: sun.security.rsa.RSAPrivateCrtKeyImpl
      [java]     at 
org.apache.xml.security.algorithms.implementations.SignatureDSA.engineInitSign 
(Unknown Source)

Hope that helps.

Arshad Noor
StrongAuth, Inc.


Ed Sweet wrote:
> Hi Arshad,
> 
> Thanks for the reply.
> 
> How does the code you supplied differ from the PKCS12Import tool [1] 
> found in the Jetty distribution?
> 

Mime
View raw message