jentrata / jentrata-msh

Jentrata - Message Handler Service
jentrara.org

Error: Signing algorithm not matched with key algorithm #46

Open svenamaysim opened 7 years ago

svenamaysim commented 7 years ago

We are creating our keys for message signing with

keytool -genkeypair -keyalg RSA -sigalg SHA256withRSA

The CPA contains

<tp:SignatureAlgorithm>SHA256withRSA</tp:SignatureAlgorithm>

This leads to an error:

Message: Signing algorithm not matched with key algorithm, actual key algorithum:RSA expect algorithum: SHA256withRSA

This is due to PKISignatureImpl.java, which is called by OutboxTask.java.

aaronwalker commented 7 years ago

@svenamaysim Can you provide some details of what version you are using, 2.x or 3.x? What are the values in the partnership table for the signing algorithm?

On the login screen Jentrata has a version number; can you also provide that? Mostly interested in the git SHA value.

svenamaysim commented 7 years ago

Hi @aaronwalker - We have the version (3.x-SNAPSHOT - buildNu)

svenamaysim commented 7 years ago

DB contents from CPA upload:

partnership.ds_algorithm = 'SHA256withRSA'
partnership.md_algorithm = 'SHA-2'

aaronwalker commented 7 years ago

@svenamaysim how did you generate the signing keystore that is being used by jentrata?

Here is the default location of the signing keystore:

https://github.com/jentrata/jentrata-msh/blob/master/Plugins/CorvusEbMS/src/main/resources/hk.hku.cecid.ebms/conf/hk/hku/cecid/ebms/spa/conf/ebms.module.xml#L42

gkatanacio commented 7 years ago

Hi @aaronwalker, it was generated using the command below:

openssl pkcs12 -name XXX-SIG -export -in XXX-SIG.cer -inkey XXX-SIG-privkey.pem -out XXX-SIG.p12

cc @svenamaysim
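
The mismatch reported in the error message at the top of this issue, as an added example that is not part of the thread or of the Jentrata code base: a key made with `-keyalg RSA` reports its algorithm as "RSA", while the CPA carries the JCA signature name "SHA256withRSA", so comparing the two strings directly always fails. The class and method names are hypothetical, and that the failing check is a direct string comparison is an assumption drawn from the error text.

```java
import java.security.*;
import java.util.Locale;

public class SigAlgCheck {
    /** Key family implied by a JCA signature name, e.g. "SHA256withRSA" -> "RSA". */
    static String keyFamily(String sigAlg) {
        String upper = sigAlg.toUpperCase(Locale.ROOT);
        int i = upper.indexOf("WITH");
        if (i < 0) return upper;                   // name without a digest prefix
        String tail = upper.substring(i + 4);
        int and = tail.indexOf("AND");             // "SHA256withRSAandMGF1" -> "RSA"
        if (and > 0) tail = tail.substring(0, and);
        return tail.equals("ECDSA") ? "EC" : tail; // EC keys report "EC"
    }

    /** True if the key fits sigAlg: name check first, then a real initSign. */
    static boolean compatible(PrivateKey key, String sigAlg) {
        if (!keyFamily(sigAlg).equalsIgnoreCase(key.getAlgorithm())) return false;
        try {
            Signature s = Signature.getInstance(sigAlg);
            s.initSign(key);                       // provider rejects unusable keys
            return true;
        } catch (GeneralSecurityException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        PrivateKey rsa = g.generateKeyPair().getPrivate(); // constructed test key
        String cpaAlg = "SHA256withRSA";                   // value from the CPA above

        // Direct comparison of signature name and key algorithm (assumed check).
        System.out.println("direct equals:   " + cpaAlg.equals(rsa.getAlgorithm()));
        // Comparison on the key family plus an actual initSign.
        System.out.println("compatible:      " + compatible(rsa, cpaAlg));
        // A signature algorithm that really does not fit an RSA key.
        System.out.println("DSA sig/RSA key: " + compatible(rsa, "SHA256withDSA"));
    }
}
```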