DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=44204>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=44204 Summary: signature/verification fails when in the same thread same key is used twice Product: Security Version: Java 1.4.1 Platform: Other OS/Version: other Status: NEW Severity: regression Priority: P1 Component: Signature AssignedTo: security-dev@xml.apache.org ReportedBy: [EMAIL PROTECTED] On debugging I found that the problem occurs due to the keysSigning and keysVerify ThreadLocal members of the SignatureAlgorithm class. Even if we may be working with two completely different documents to be verified in the same thread, and both contain say the same certificate inside the KeyInfo, somehow Java returns the same public key instance in both the cases and in the latter case the signature/verification is not initialized properly (an error message is thrown by Java). -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
