You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by Julien PASQUIER <ju...@wanadoo.fr> on 2007/02/08 13:53:50 UTC

SignatureDSA Java Implementation

Hello,

It is impossible to use a specific JCE provider with the org.apache.xml.security.algorithms.implementations.SignatureDSA of the XML-Security java project. However it is possible to do it with SignatureBaseRSA and with SignatureECDSA.
Why only the sun default DSA Signature provider can be used ??

The snag is that there is just this line in the constructor of the DSA implementation :
this._signatureAlgorithm = Signature.getInstance(algorithmID);

------------------------------
I think that you should add this line to the constructor of SignatureDSA to fix this problem :
String provider = JCEMapper.getProviderId();
try {
   if (provider == null) {
      this._signatureAlgorithm = Signature.getInstance(algorithmID);
    } else {
       this._signatureAlgorithm = Signature.getInstance(algorithmID,provider);
    }
} catch (java.security.NoSuchAlgorithmException ex) {
    .....
}
------------------------------

Regards,

Julien PASQUIER

Re: SignatureDSA Java Implementation

Posted by Julien PASQUIER <ju...@wanadoo.fr>.

Thanks for your answer.
I will fill this bug in the bugzilla (Security project).

Regards,

Julien PASQUIER

----- Original Message ----- 
From: "Sean Mullan" <Se...@Sun.COM>
To: <se...@xml.apache.org>
Sent: Thursday, February 08, 2007 3:54 PM
Subject: Re: SignatureDSA Java Implementation


> It looks like a bug. Do you mind filing a bug at 
> http://issues.apache.org/bugzilla (Security project) so you can track the 
> issue.
>
> As a workaround, you can use the java.security.Provider API to reorder the 
> JCE providers the way you want. Or you can manually edit the list of 
> providers in the JRE/lib/security/java.security file.
>
> --Sean
>
> Julien PASQUIER wrote:
>> Hello,
>>  It is impossible to use a specific JCE provider with the 
>> org.apache.xml.security.algorithms.implementations.SignatureDSA of the 
>> XML-Security java project. However it is possible to do it with 
>> SignatureBaseRSA and with SignatureECDSA.
>> Why only the sun default DSA Signature provider can be used ??
>>  The snag is that there is just this line in the constructor of the DSA 
>> implementation :
>> this._signatureAlgorithm = Signature.getInstance(algorithmID);
>>  ------------------------------
>> I think that you should add this line to the constructor of SignatureDSA 
>> to fix this problem :
>> String provider = JCEMapper.getProviderId();
>> try {
>>    if (provider == null) {
>>       this._signatureAlgorithm = Signature.getInstance(algorithmID);
>>     } else {
>>        this._signatureAlgorithm = 
>> Signature.getInstance(algorithmID,provider);
>>     }
>> } catch (java.security.NoSuchAlgorithmException ex) {
>>     .....
>> }
>> ------------------------------
>>  Regards,
>>  Julien PASQUIER
>
> ---------------------------------------------------------------------------------------
> Orange vous informe que cet  e-mail a ete controle par l'anti-virus mail. 
> Aucun virus connu a ce jour par nos services n'a ete detecte.
>
>
>

Re: SignatureDSA Java Implementation

Posted by Sean Mullan <Se...@Sun.COM>.

It looks like a bug. Do you mind filing a bug at 
http://issues.apache.org/bugzilla (Security project) so you can track 
the issue.

As a workaround, you can use the java.security.Provider API to reorder 
the JCE providers the way you want. Or you can manually edit the list of 
providers in the JRE/lib/security/java.security file.

--Sean

Julien PASQUIER wrote:
> Hello,
>  
> It is impossible to use a specific JCE provider with 
> the org.apache.xml.security.algorithms.implementations.SignatureDSA of 
> the XML-Security java project. However it is possible to do it with 
> SignatureBaseRSA and with SignatureECDSA.
> Why only the sun default DSA Signature provider can be used ??
>  
> The snag is that there is just this line in the constructor of the DSA 
> implementation :
> this._signatureAlgorithm = Signature.getInstance(algorithmID);
>  
> ------------------------------
> I think that you should add this line to the constructor of SignatureDSA 
> to fix this problem :
> String provider = JCEMapper.getProviderId();
> try {
>    if (provider == null) {
>       this._signatureAlgorithm = Signature.getInstance(algorithmID);
>     } else {
>        this._signatureAlgorithm = 
> Signature.getInstance(algorithmID,provider);
>     }
> } catch (java.security.NoSuchAlgorithmException ex) {
>     .....
> }
> ------------------------------
>  
> Regards,
>  
> Julien PASQUIER