santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 43239] - "No installed provider supports this key" when checking a RSA signature against a DSA key before RSA key
Date Fri, 07 Sep 2007 05:34:12 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=43239>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=43239





------- Additional Comments From matthias.germann@dvbern.ch  2007-09-06 22:34 -------
(In reply to comment #7)

Thanks for your explanations.

> I see. I'll look into this a little bit more. A relatively recent enhancement
> was made to cache and reuse java.security.Signature objects per thread. I 
> think the problem is that it is caching and reusing Signature objects that are
> incorrectly initialized. Now, I still believe that this bug will go away 
> once the JDK bug is fixed, but maybe in the meantime I can fix the cache such 
> that incorrectly initialized Signature objects are not cached 
> (or are flushed from the cache).

This fix for the cache would be very helpful for us.

 
> Also, can you use the standard JSR 105 API instead? That API doesn't use 
> the same underlying code and caching mechanism for Signature objects.

We can't use the JSR 105 API because we are using the OpenSAML Library wich uses
the Apache XML Security Library. As a workaround, we decided to use only RSA
keys in our environment.


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

Mime
View raw message