You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@santuario.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2014/03/13 10:40:44 UTC

[jira] [Commented] (SANTUARIO-379) Signing XML with SHA1 with DSA throws exception when key is larger than 1024

    [ https://issues.apache.org/jira/browse/SANTUARIO-379?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13933044#comment-13933044 ] 

Colm O hEigeartaigh commented on SANTUARIO-379:
-----------------------------------------------


Looks like the SignatureDSA.convertASN1toXMLDSIG function needs to be updated to account for 2048 bit keys.

Colm.

> Signing XML with SHA1 with DSA throws exception when key is larger than 1024
> ----------------------------------------------------------------------------
>
>                 Key: SANTUARIO-379
>                 URL: https://issues.apache.org/jira/browse/SANTUARIO-379
>             Project: Santuario
>          Issue Type: Bug
>          Components: Java
>    Affects Versions: Java 1.5.6
>            Reporter: Marin Dzhigarov
>            Assignee: Colm O hEigeartaigh
>
> Getting the following exception when trying to sign xml document with SHA1 with DSA key that is 2048 bits long:
> Exception in thread "main" java.lang.RuntimeException: A problem occured when trying to sign the document
> 	at XMLSignTest$XMLDSIGGenerator.signXMLDocument(XMLSignTest.java:113)
> 	at XMLSignTest.main(XMLSignTest.java:61)
> Caused by: org.apache.xml.security.signature.XMLSignatureException: Invalid ASN.1 format of DSA signature
> Original Exception was java.io.IOException: Invalid ASN.1 format of DSA signature
> 	at org.apache.xml.security.algorithms.implementations.SignatureDSA.engineSign(SignatureDSA.java:160)
> 	at org.apache.xml.security.algorithms.SignatureAlgorithm.sign(SignatureAlgorithm.java:173)
> 	at org.apache.xml.security.signature.XMLSignature.sign(XMLSignature.java:614)
> 	at XMLSignTest$XMLDSIGGenerator.signXMLDocument(XMLSignTest.java:109)
> 	... 1 more
> Caused by: java.io.IOException: Invalid ASN.1 format of DSA signature
> 	at org.apache.xml.security.algorithms.implementations.SignatureDSA.convertASN1toXMLDSIG(SignatureDSA.java:284)
> 	at org.apache.xml.security.algorithms.implementations.SignatureDSA.engineSign(SignatureDSA.java:158)
> 	... 4 more
> See attached eclipse demo project for reproducing, keystore and xml file:
> https://drive.google.com/file/d/0B8qrjQTbDPd3Sld2bW5ncTlLQms/edit?usp=sharing



--
This message was sent by Atlassian JIRA
(v6.2#6252)