DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=40826>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40826

Summary: Private keys must be instance of RSAPrivate or have PKCS#8 encoding
Product: Security
Version: unspecified
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P2
Component: Signature
AssignedTo: security-dev@xml.apache.org
ReportedBy: [EMAIL PROTECTED]

Hello,

I am having a problem. My application is an applet that generates an XML and signs it with a PrivateKey from a SmartCard. The first time, it works fine! However, when I try to sign again (second time), I get this exception:

    java.security.InvalidKeyException: Private keys must be instance of RSAPrivate(Crt)Key or have PKCS#8 encoding

The exception occurs when calling the method:

    DOMSignContext dsc = new DOMSignContext(pk, doc.getDocumentElement());

This method is part of the following code:

Does anybody know what I could do to solve this problem?

======= code that generates the xml signature

    // Load the JSR 105 provider (defaults to the reference implementation)
    String providerName = System.getProperty("jsr105Provider",
        "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
    XMLSignatureFactory fac = XMLSignatureFactory.getInstance(
        "DOM", (Provider) Class.forName(providerName).newInstance());

    // Enveloped signature over the whole document, SHA-1 digest
    Reference ref = fac.newReference(
        "", fac.newDigestMethod(DigestMethod.SHA1, null),
        Collections.singletonList(fac.newTransform(
            Transform.ENVELOPED, (TransformParameterSpec) null)),
        null, null);

    SignedInfo si = fac.newSignedInfo(
        fac.newCanonicalizationMethod(
            CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
            (C14NMethodParameterSpec) null),
        fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null),
        Collections.singletonList(ref));

    // KeyInfo carrying the signer's X.509 certificate
    KeyInfoFactory kif = fac.getKeyInfoFactory();
    X509Data x509 = kif.newX509Data(Collections.singletonList(cert));
    KeyInfo ki = kif.newKeyInfo(Collections.singletonList(x509));

    // pk is the PrivateKey obtained from the smart card
    DOMSignContext dsc = new DOMSignContext(pk, doc.getDocumentElement());
    XMLSignature signature = fac.newXMLSignature(si, ki);
    signature.sign(dsc);
    return doc;
    }

======= code that gets the PrivateKey and Certificate from Smart Card:
    // In-memory SunPKCS11 configuration pointing at the card's PKCS#11 library
    String configuracao = "name = SmartCard\n"
        + "library = c:\\windows\\system32\\aetpkss1.dll";
    byte[] configuracaoBytes = configuracao.getBytes();
    ByteArrayInputStream configuracaoStream =
        new ByteArrayInputStream(configuracaoBytes);

    // Register the PKCS#11 provider and open the token key store with the PIN
    sun.security.pkcs11.SunPKCS11 provider =
        new sun.security.pkcs11.SunPKCS11(configuracaoStream);
    Security.addProvider(provider);
    this.nomeProvider = provider.getName();
    this.repositorio = KeyStore.getInstance("PKCS11", provider);
    repositorio.load(null, pin.toCharArray());
    this.inicializarDados(pin);

    // Find the first alias that is a key entry
    String keyEntry = null;
    boolean ok = false;
    Enumeration en = repositorio.aliases();
    while(en.hasMoreElements()) {
        keyEntry = (String)en.nextElement();
        if(repositorio.isKeyEntry(keyEntry)){
            ok = true;
            break;
        }
    }
    if(ok){
        certificado = (X509Certificate) repositorio.getCertificate(keyEntry);
        chavePrivada = (PrivateKey) repositorio.getKey(keyEntry, pin.toCharArray());
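
A diagnostic for the two conditions named in the exception message above, added here as an example and not part of the original report or of the Apache XML Security code. `KeyShapeCheck` and `OpaqueKey` are hypothetical names; `OpaqueKey` is a constructed stand-in for a key that exposes no encoding (as token-held keys commonly do), and probing the JDK's `SunRsaSign` provider is an assumption about which software RSA provider is involved.

```java
import java.security.*;
import java.security.interfaces.RSAPrivateKey;

public class KeyShapeCheck {
    /** Constructed stand-in for a key held on a token: no encoding leaves the device. */
    static final class OpaqueKey implements PrivateKey {
        public String getAlgorithm() { return "RSA"; }
        public String getFormat()    { return null; }
        public byte[] getEncoded()   { return null; }
    }

    /** The two conditions named in the exception message (RSAPrivateCrtKey extends RSAPrivateKey). */
    static boolean meetsMessageConditions(PrivateKey k) {
        return k instanceof RSAPrivateKey || "PKCS#8".equals(k.getFormat());
    }

    /** One-line summary of the properties a software RSA provider looks at. */
    static String describe(PrivateKey k) {
        return k.getClass().getName()
            + " rsaInterface=" + (k instanceof RSAPrivateKey)
            + " format=" + k.getFormat()
            + " hasEncoding=" + (k.getEncoded() != null);
    }

    /** Tries initSign on one explicitly named provider and reports the outcome. */
    static String tryInitSign(String provider, PrivateKey k) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA1withRSA", provider);
        try {
            s.initSign(k);
            return "accepted";
        } catch (InvalidKeyException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        PrivateKey software = kpg.generateKeyPair().getPrivate(); // in-memory key
        PrivateKey opaque = new OpaqueKey();                      // constructed sample

        for (PrivateKey k : new PrivateKey[] { software, opaque }) {
            System.out.println(describe(k));
            System.out.println("  meets message conditions: " + meetsMessageConditions(k));
            System.out.println("  SunRsaSign initSign: " + tryInitSign("SunRsaSign", k));
        }
    }
}
```

Running `describe` on the key returned by `repositorio.getKey(...)` before each signing attempt shows whether the object handed to `DOMSignContext` differs between the first and second call.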