Ah, I hadn't realized I actually need a different type of key. That
explains why RSA is what I get by default. Thanks for pointing out my error!
That does make me wonder why there's even an option to set the
algorithm, though, if it's determined by the key type.
- Dennis
Brent Putman wrote:
Well, it appears you are in fact trying to use an RSA key:
org.bouncycastle.jce.provider.JCE*RSA*PrivateCrtKey
So that won't work. Realize you do have to have an instance of a DSA
key to use the DSA signature algorithm.
Are you sure you don't have a typo somewhere when you generated the
key, or maybe you are pulling the wrong key from a keystore, etc/
--Brent
Dennis Sosnoski wrote:
I'm getting an exception when I try to use the DSA signature algorithm:
Original Exception was java.security.InvalidKeyException: No
installed provider supports this key:
org.bouncycastle.jce.provider.JCERSAPrivateCrtKey
at org.apache.xml.security.signature.XMLSignature.sign(Unknown
Source)
at
org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:659)
using wss4j 1.5.1 with xmlsec-1.4.0 (also tried 1.4.1), with Java 5
on Linux. If I instead use the RSA signature algorithm (which is
apparently the default) there's no exception.
After some online searches I installed the unlimited strength JCE
files in my JRE, since some people with the same error had received
that advice. This didn't have any effect.
Anyone have any ideas? Or, for that matter, is anyone using DSA
signatures successfully?
Thanks,
- Dennis
