santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 43056] - Library does not allow specify provider for private key operations
Date Wed, 08 Aug 2007 15:40:01 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=43056>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=43056





------- Additional Comments From alon.barlev@gmail.com  2007-08-08 08:40 -------
Hello,

I am using sun JVM version 1.5 and 1.6.
I am using the PKCS#11 provider.
This provider provides SHA1withRSA.
Its priority is lower than the default provider that also provides SHA1withRSA.
So the default provider try to perform the RSA operation so it tries to 
translate the PrivateKey into RSAPrivateKey to extract the attribute, and it 
fails.
And for the up-coming question... No... PKCS#11 provider cannot be the first 
one, as many things will go wrong... :)

---

javax.xml.crypto.dsig.XMLSignatureException: java.security.InvalidKeyException: 
Private keys must be instance of RSAPrivate(Crt)Key or have PKCS#8 encoding
        at 
org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:370)
Caused by: java.security.InvalidKeyException: Private keys must be instance of 
RSAPrivate(Crt)Key or have PKCS#8 encoding
        at 
sun.security.rsa.RSAKeyFactory.translatePrivateKey(RSAKeyFactory.java:246)
        at 
sun.security.rsa.RSAKeyFactory.engineTranslateKey(RSAKeyFactory.java:149)
        at sun.security.rsa.RSAKeyFactory.toRSAKey(RSAKeyFactory.java:79)
        at sun.security.rsa.RSASignature.engineInitSign(RSASignature.java:90)
        at sun.security.rsa.RSASignature.engineInitSign(RSASignature.java:84)
        at java.security.Signature$Delegate.init(Signature.java:1073)
        at java.security.Signature$Delegate.chooseProvider(Signature.java:1033)
        at java.security.Signature$Delegate.engineInitSign(Signature.java:1097)
        at java.security.Signature.initSign(Signature.java:480)
        at 
org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod.sign(DOMRSASignatureMethod.java:162)
        at 
org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:367)
        ... 2 more
java.security.InvalidKeyException: Private keys must be instance of 
RSAPrivate(Crt)Key or have PKCS#8 encoding
        at 
sun.security.rsa.RSAKeyFactory.translatePrivateKey(RSAKeyFactory.java:246)
        at 
sun.security.rsa.RSAKeyFactory.engineTranslateKey(RSAKeyFactory.java:149)
        at sun.security.rsa.RSAKeyFactory.toRSAKey(RSAKeyFactory.java:79)
        at sun.security.rsa.RSASignature.engineInitSign(RSASignature.java:90)
        at sun.security.rsa.RSASignature.engineInitSign(RSASignature.java:84)
        at java.security.Signature$Delegate.init(Signature.java:1073)
        at java.security.Signature$Delegate.chooseProvider(Signature.java:1033)
        at java.security.Signature$Delegate.engineInitSign(Signature.java:1097)
        at java.security.Signature.initSign(Signature.java:480)
        at 
org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod.sign(DOMRSASignatureMethod.java:162)
        at 
org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:367)
java.security.InvalidKeyException: Private keys must be instance of 
RSAPrivate(Crt)Key or have PKCS#8 encoding
        at 
sun.security.rsa.RSAKeyFactory.translatePrivateKey(RSAKeyFactory.java:246)
        at 
sun.security.rsa.RSAKeyFactory.engineTranslateKey(RSAKeyFactory.java:149)
        at sun.security.rsa.RSAKeyFactory.toRSAKey(RSAKeyFactory.java:79)
        at sun.security.rsa.RSASignature.engineInitSign(RSASignature.java:90)
        at sun.security.rsa.RSASignature.engineInitSign(RSASignature.java:84)
        at java.security.Signature$Delegate.init(Signature.java:1073)
        at java.security.Signature$Delegate.chooseProvider(Signature.java:1033)
        at java.security.Signature$Delegate.engineInitSign(Signature.java:1097)
        at java.security.Signature.initSign(Signature.java:480)
        at 
org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod.sign(DOMRSASignatureMethod.java:162)
        at 
org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:367)


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

Mime
View raw message