Can you also post the exception backtrace?
Regards,
On 11/3/06, Raul Benito <[EMAIL PROTECTED]> wrote:
Hi Ruchith,
It is not feasible for me to checkout the whole wss4j in order to see
the problem.
Did the problem arise when you do something like this?
PrivateKey xk; PublicKey pk=xk.getPublickKey();
XMLSignature s1=...;
XMLSignature s2=...;
s1.sign(xk);
s2.sign(xk);
s1.checkSignatureValue(pk);
Or other kind of sequence?
Regards,
On 11/3/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
> Hi Raul,
>
> I'm using the SVN head (revision : 470741).
>
> I'm working on fixing the issue dims reported yesterday[1] and fixing
> WSS4J/Rampart and AXIOM to work with the changes :-). And I have a
> patch for [1] which I will post soon.
>
> I will try to send a test case as soon as I possible,
>
> Until then you can easily reproduce the error with WSS4J test suite.
> You can get a chackout of [2] and simply run "ant clean test" to run
> the unit tests after replacing the xml-sec-1.3.0.jar in the lib dir
> with the latest.
>
> Thanks,
> Ruchith
>
> [1] http://issues.apache.org/bugzilla/show_bug.cgi?id=40880
> [2] https://svn.apache.org/repos/asf/webservices/wss4j/trunk
>
> On 11/3/06, Raul Benito <[EMAIL PROTECTED]> wrote:
> > Hi Ruchith,
> >
> > It looks strange to me, because all the junits that we pass do in
> > essence what are you describing(several verifying in one thread). But
> > on the other hand your explanation looks sound.
> > What version of xmlsec are you using?
> > Can you post a simple test case that triggers this error?
> >
> > Regards,
> >
> > Raul
> >
> > On 11/3/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
> > > Hi Devs,
> > >
> > > I ran into an "java.security.SignatureException: object not
> > > initialized for verification" exception when trying to do sign and
> > > verify *twice* in the same thread, using different XMLSignature
> > > instances.
> > >
> > > I tracked this down to the use of "keysVerify" thread local tracker in
> > > org.apache.xml.security.algorithms.SignatureAlgorithm to tack the
> > > initialization of the java.security.Signature instance with
> > > private/public keys.
> > >
> > > When the first signature verification occurs the public key is set in
> > > "keysVerify" in SignatureAlgorithm#initVerify(). And it verifies
> > > successfully. But when we try to carryout the second verification the
> > > "keysVerify" returns the same key for the thread and the
> > > java.security.Signature instance is not initialized with the public
> > > key. Therefore we run into the above exception.
> > >
> > > What do you folks think? Have I overlooked something in my scenario?
> > >
> > > Thanks,
> > > Ruchith
> > >
> > > --
> > > www.ruchith.org
> > >
> >
> >
> > --
> > http://r-bg.com
> >
>
>
> --
> www.ruchith.org
>
--
http://r-bg.com
--
http://r-bg.com
