DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=40826>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40826 ------- Additional Comments From [EMAIL PROTECTED] 2006-11-02 07:42 ------- > Each time i sign, i add the provider (Security.addProvider(p)) and create a > new > PrivateKey object. Im not reusing nothing.. is it correct ? or i must have to > remove and add the provider each time? from what i know...when we use the > addProvider, it add the provider in the available slot, but we can add in a > specific slot, just using addProviderAt(p, 2) for instance. Ahh, here's what I think is happening: The first time you call Security.addProvider(p), your provider is added correctly, you create a new PrivateKey object using that same provider and the xml signing operation works ok. The next time you create a new provider and call Security.addProvider(p), I bet the provider is not added because it is already installed (from the APIs standpoint, it is the same provider even though it is a new instance). Check the return value of addProvider to see if it returns -1. *But* (and this is a major but), you then use the new provider instance to create a PrivateKey object. There's the problem. When you use this PrivateKey to sign, the xml signature cannot find the provider that you used to create it (since it is not installed, it only finds the old provider but that won't work with the new PrivateKey) and therefore the signing operation fails because it cannot find a provider that the key can be used with. Workarounds: Either, 1) explicitly remove the provider before you reinstall it each time, or 2) only create and install the provider once and always use this provider to create the PrivateKeys. Please confirm if this is the case. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
