-
Bug
-
Resolution: Not an Issue
-
P4
-
None
-
7
-
x86
-
windows_7
FULL PRODUCT VERSION :
java version "1.7.0"
Java(TM) SE Runtime Environment (build 1.7.0-b147)
Java HotSpot(TM) Client VM (build 21.0-b17, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
32-bit jdk on Windows 7 x64
A DESCRIPTION OF THE PROBLEM :
We need to sign data using java.security classes. We use the following steps to have this done:
Signature signer = Signature.getInstance("NONEwithRSA");
signer.initSign(privateKey);
signer.update(data); // data is varying in length
byte[] signature = signer.sign();
When using SunJCE provider, all works just fine. Now we'd like to add support for Windows certificates storage. We tried to use the same steps using SunMSCAPI provider and we've got the following exception:
java.security.SignatureException: Message digest length is not supported
at sun.security.mscapi.RSASignature$Raw.getDigestValue(RSASignature.java:188)
at sun.security.mscapi.RSASignature.engineSign(RSASignature.java:383)
at java.security.Signature$Delegate.engineSign(Unknown Source)
at java.security.Signature.sign(Unknown Source)
It seems this provider does expect to have a digest on the input but we need to sign a DigestInfo structure which is used in different widely known standards like TLS, CMS, CAdES, etc.
REGRESSION. Last worked in version 7
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Signature signer = Signature.getInstance("NONEwithRSA");
signer.initSign(privateKey); // privateKey must be stored in Windows system storage
signer.update(data); // data length must differ from 160 (SHA-1) and 128 (MD-5) bits
byte[] signature = signer.sign();
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
RSA signature for the specified data
ACTUAL -
java.security.SignatureException: Message digest length is not supported
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.security.SignatureException: Message digest length is not supported at sun.security.mscapi.RSASignature$Raw.getDigestValue(RSASignature.java:188)
at sun.security.mscapi.RSASignature.engineSign(RSASignature.java:383)
at java.security.Signature$Delegate.engineSign(Unknown Source)
at java.security.Signature.sign(Unknown Source)
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
Available upon request.
---------- END SOURCE ----------
java version "1.7.0"
Java(TM) SE Runtime Environment (build 1.7.0-b147)
Java HotSpot(TM) Client VM (build 21.0-b17, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
32-bit jdk on Windows 7 x64
A DESCRIPTION OF THE PROBLEM :
We need to sign data using java.security classes. We use the following steps to have this done:
Signature signer = Signature.getInstance("NONEwithRSA");
signer.initSign(privateKey);
signer.update(data); // data is varying in length
byte[] signature = signer.sign();
When using SunJCE provider, all works just fine. Now we'd like to add support for Windows certificates storage. We tried to use the same steps using SunMSCAPI provider and we've got the following exception:
java.security.SignatureException: Message digest length is not supported
at sun.security.mscapi.RSASignature$Raw.getDigestValue(RSASignature.java:188)
at sun.security.mscapi.RSASignature.engineSign(RSASignature.java:383)
at java.security.Signature$Delegate.engineSign(Unknown Source)
at java.security.Signature.sign(Unknown Source)
It seems this provider does expect to have a digest on the input but we need to sign a DigestInfo structure which is used in different widely known standards like TLS, CMS, CAdES, etc.
REGRESSION. Last worked in version 7
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Signature signer = Signature.getInstance("NONEwithRSA");
signer.initSign(privateKey); // privateKey must be stored in Windows system storage
signer.update(data); // data length must differ from 160 (SHA-1) and 128 (MD-5) bits
byte[] signature = signer.sign();
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
RSA signature for the specified data
ACTUAL -
java.security.SignatureException: Message digest length is not supported
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.security.SignatureException: Message digest length is not supported at sun.security.mscapi.RSASignature$Raw.getDigestValue(RSASignature.java:188)
at sun.security.mscapi.RSASignature.engineSign(RSASignature.java:383)
at java.security.Signature$Delegate.engineSign(Unknown Source)
at java.security.Signature.sign(Unknown Source)
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
Available upon request.
---------- END SOURCE ----------
- relates to
-
-
- Closed
-