Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

validation of xml signature

974599Nov 16 2012 — edited Aug 23 2013
Hello to all,
I have a Java application which does a verification of xml signature using standard Java libraries, XML documents come from 3-rd parties.
This application works properly with Java 6 but it fails with Java 7.
Returned exception is
Exception: javax.xml.crypto.dsig.XMLSignatureException Message: java.security.SignatureException: Signature length not correct: got 128 but was expecting 256
Example of <Signature> element below, certificate is included in XML document.
Knows anybody a reason or any solution of this incompatibility ?
Thanks
Pavel

<Signature xmlns='http://www.w3.org/2000/09/xmldsig#'>
<SignedInfo xmlns='http://www.w3.org/2000/09/xmldsig#'>
<CanonicalizationMethod Algorithm='http://www.w3.org/TR/2001/REC-xml-c14n-20010315'/>
<SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1'/>
<Reference URI='#9e9d906b-fd9d-46a8-bc02-cd5f51520f41'>
<DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1'/>
<DigestValue>eQ3tygBwApTPgtOqXcZlmKe8Bng=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>IcfckRDIVE/vC5JmEi87It3erSe8ShkXl9QK0UTxPDd4CzVDnBTmGFlrQipxEGHReqj4bZ9/
E021iGJq3mBqxLDCK11/Mv3BTEEHCaxgiR+mKpwgz7BTlVX1QkaFkq/AhhFYJBrYlBfURb86
nTKfDfC+DYn2ig8ewOwsMC5TPrg=</SignatureValue>
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Sep 20 2013
Added on Nov 16 2012
#other-security-apis-tools-and-issues
16 comments
15,299 views