> Q) Is it a limitation in xml-security to only allow keys of length 40.
Number 40 is not a key length. DSA algorithm allows keys to be from 512 to 1024 bits (from 64 to 128 bytes) large and have to be multiple of 64 bits (8 bytes). DSA works only with SHA1 algorithm which is 20 bytes large and output (signature length) of DSA algorithm is exactly 40 bytes (double of input SHA1 size). It seems that after Base64 decoding signature length in your file is 46 bytes which is wrong value. Best regards, Milan
