'Re: Antwort: Re: JDK6 and xmlsec-1.4.2 issue (unsupported signature'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xml-security-dev
Subject:    Re: Antwort: Re: JDK6 and xmlsec-1.4.2 issue (unsupported signature
From:       Sean Mullan <Sean.Mullan () Sun ! COM>
Date:       2009-09-08 14:38:32
Message-ID: 4AA66C68.40108 () sun ! com
[Download RAW message or body]

Hi Torsten,

Our JDK release schedule was changed a little and this will now be fixed 
in JDK 6u18. See http://bugs.sun.com/view_bug.do?bug_id=6845600

It should be fixed in the 6u18 early access release, available here: 
http://download.java.net/jdk6/

--Sean

torsten.reinhard@gi-de.com wrote:
> 
> Hi Sean and all others,
> 
> JDK6u16 is out now since a while, but I still get
> 
> _java.lang.RuntimeException_: _javax.xml.crypto.MarshalException_: 
> unsupported signature algorithm: 
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
> 
> => Are the stronger algorithms SHA256-RSA re-targeted to another Update 
> of JDK6 ?
> 
> Please let me know, if there is any solution in sight, or any other 
> workaround,
> since I can´t use the endorsed mechanism due to a lot of side-effects 
> for others.....
> 
> thanx, Torsten
> 
> 
> 
> *Sean Mullan <Sean.Mullan@Sun.COM>*
> Gesendet von: Sean.Mullan@Sun.COM
> 
> 27.05.2009 20:37
> Bitte antworten an
> security-dev@xml.apache.org
> 
> 
> 	
> An
> 	security-dev@xml.apache.org
> Kopie
> 	
> Thema
> 	Re: JDK6 and xmlsec-1.4.2 issue (unsupported signature algorithm)
> 
> 
> 	
> 
> 
> 
> 
> 
> torsten.reinhard@gi-de.com wrote:
> > 
> > Hi,
> > 
> > I migrated my application from JDK5 (with external xmlsec-1.4.2.jar) to
> > JDK6 (where xmlsec is included now).
> > 
> > After that I got
> > javax.xml.crypto.MarshalException: unsupported signature algorithm:
> > http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
> > at
> > 
> org.jcp.xml.dsig.internal.dom.DOMSignatureMethod.unmarshal(DOMSignatureMethod.java:86)
> 
> > at
> > 
> org.jcp.xml.dsig.internal.dom.DOMSignedInfo.<init>(DOMSignedInfo.java:122)
> > at
> > 
> org.jcp.xml.dsig.internal.dom.DOMXMLSignature.<init>(DOMXMLSignature.java:119)
> > at
> > 
> org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshal(DOMXMLSignatureFactory.java:152)
> 
> > at
> > 
> org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshalXMLSignature(DOMXMLSignatureFactory.java:116)
> 
> > 
> > so I tried the lib\endorsed workaround, and put xmlsec-1.4.2 and
> > commons-logging into that folder.
> > That worked fine for me - but not for my collegues.
> > 
> > They than run into "NoClassDefFoundError" from different points - one
> > were missing the Log4J Logger class implementation (could be resolved by
> > putting log4j.jar to lib\endorsed), the others had trouble with WSS4J
> > and so on.
> > 
> > I wouldn´t like to put all our libraries in the lib\endorsed folder - is
> > there another way to use xmlsec-1.4.2 in JDK6.0 ?
> 
> > Is there a plan to include xmlsec-1.4.2 in one of the next JDK patches
> > (>=1.6.0_14) ?
> 
> We don't have plans to integrate the entire xmlsec-1.4.2 in Sun's JDK 6.
> XMLSec 1.4.2 is already in JDK 7 (via OpenJDK:
> https://jdk7.dev.java.net/). However, I have just opened an RFE to add
> support for the stronger SHA256-RSA and SHA512-RSA algorithms and
> targeted it to JDK 6u16. In the meantime the only workaround I know is
> to use the endorsed libraries mechanism.
> 
> --Sean
> 


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic