santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Julien PASQUIER" <julien.pasqu...@wanadoo.fr>
Subject Re: SignatureDSA Java Implementation
Date Thu, 08 Feb 2007 15:18:20 GMT
Thanks for your answer.
I will fill this bug in the bugzilla (Security project).

Regards,

Julien PASQUIER

----- Original Message ----- 
From: "Sean Mullan" <Sean.Mullan@Sun.COM>
To: <security-dev@xml.apache.org>
Sent: Thursday, February 08, 2007 3:54 PM
Subject: Re: SignatureDSA Java Implementation


> It looks like a bug. Do you mind filing a bug at 
> http://issues.apache.org/bugzilla (Security project) so you can track the 
> issue.
>
> As a workaround, you can use the java.security.Provider API to reorder the 
> JCE providers the way you want. Or you can manually edit the list of 
> providers in the JRE/lib/security/java.security file.
>
> --Sean
>
> Julien PASQUIER wrote:
>> Hello,
>>  It is impossible to use a specific JCE provider with the 
>> org.apache.xml.security.algorithms.implementations.SignatureDSA of the 
>> XML-Security java project. However it is possible to do it with 
>> SignatureBaseRSA and with SignatureECDSA.
>> Why only the sun default DSA Signature provider can be used ??
>>  The snag is that there is just this line in the constructor of the DSA 
>> implementation :
>> this._signatureAlgorithm = Signature.getInstance(algorithmID);
>>  ------------------------------
>> I think that you should add this line to the constructor of SignatureDSA 
>> to fix this problem :
>> String provider = JCEMapper.getProviderId();
>> try {
>>    if (provider == null) {
>>       this._signatureAlgorithm = Signature.getInstance(algorithmID);
>>     } else {
>>        this._signatureAlgorithm = 
>> Signature.getInstance(algorithmID,provider);
>>     }
>> } catch (java.security.NoSuchAlgorithmException ex) {
>>     .....
>> }
>> ------------------------------
>>  Regards,
>>  Julien PASQUIER
>
> ---------------------------------------------------------------------------------------
> Orange vous informe que cet  e-mail a ete controle par l'anti-virus mail. 
> Aucun virus connu a ce jour par nos services n'a ete detecte.
>
>
> 



Mime
View raw message