You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Markus Lindner <ma...@catbull.com> on 2006/01/26 03:27:09 UTC
problem with Algorithm ecdsa-sha1
Hi there,
I use xmlsecurity to verify Signatures (dsig) in xml-files.
I got some _new_ files, which via xmlsecurity do not work the way I expected:
org.apache.xml.security.signature.XMLSignatureException: The requested
algorithm http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1 does not
exist. Original Message was: null
Original Exception was java.lang.NullPointerException
at
org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown
Source)
at org.apache.xml.security.signature.SignedInfo.<init>(Unknown
Source)
at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
Source)
I use bouncycastle as my provider. I add the provider dynamically before
verifying.
When I list all the algorithms, I got:
[long list left out]
Signatures:
[long list left out]
SHA1WITHECNR
OID.1.2.840.113549.1.1.5
SHA512withRSA
ECDSA
SHA512WITHRSAENCRYPTION
[long list left out]
I think that "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" should
point to ECDSA.
I use xmlsecurity-1.3 (just the jar from the web
http://xml.apache.org/security/dist/java-library/ )
I am aware of the xalan/endorsed problem. I tested on linux java 1.4/1.5
and winxp 1.4/1.5.
I am not sure if xmlsecurity can handle this anyway...just wanted to ask
what is the problem here...
greetings
m.
--
"0x07: Signature not present. Press any key."