APAR status
Closed as program error.
Error description
Error Message: A java.security.SignatureException with an associated message of Invalid encoding for signature is sometimes encountered when validating a XMLSignature with a DSA key. The stack trace of the exception shows that is caused by a java.io.IOException: Invalid encoding: redundant leading 0s. . Stack Trace: Exception in thread "main" javax.xml.crypto.dsig.XMLSignatureException: java.security.SignatureException: Invalid encoding for signature at com.ibm.xml.crypto.dsig.dom.SignedInfoImpl.validate(SignedInfoIm pl.java:262) at com.ibm.xml.crypto.dsig.dom.XMLSignatureImpl.validateSignedInfo( XMLSignatureImpl.java:331) at com.ibm.xml.crypto.dsig.dom.XMLSignatureImpl.validate(XMLSignatu reImpl.java:323) Caused by: java.security.SignatureException: Invalid encoding for signature at com.ibm.crypto.provider.a7.engineVerify(Unknown Source) at com.ibm.crypto.provider.a7.engineVerify(Unknown Source) at java.security.Signature$Delegate.engineVerify(Signature.java:122 8) at java.security.Signature.verify(Signature.java:658) at com.ibm.xml.crypto.dsig.SignatureEngineDSA.verify(SignatureEngin eDSA.java:101) at com.ibm.xml.crypto.dsig.dom.SignedInfoImpl.validate(SignedInfoIm pl.java:258) ... 3 more Caused by: java.io.IOException: Invalid encoding: redundant leading 0s at com.ibm.security.util.DerInputBuffer.getBigInteger(DerInputBuffe r.java:192) at com.ibm.security.util.DerValue.getBigInteger(DerValue.java:523) ... 9 more java.security.SignatureException: Invalid encoding for signature at com.ibm.crypto.provider.a7.engineVerify(Unknown Source) at com.ibm.crypto.provider.a7.engineVerify(Unknown Source) at java.security.Signature$Delegate.engineVerify(Signature.java:122 8) at java.security.Signature.verify(Signature.java:658) at com.ibm.xml.crypto.dsig.SignatureEngineDSA.verify(SignatureEngin eDSA.java:101) at com.ibm.xml.crypto.dsig.dom.SignedInfoImpl.validate(SignedInfoIm pl.java:258) at com.ibm.xml.crypto.dsig.dom.XMLSignatureImpl.validateSignedInfo( XMLSignatureImpl.java:331) at com.ibm.xml.crypto.dsig.dom.XMLSignatureImpl.validate(XMLSignatu reImpl.java:323) Caused by: java.io.IOException: Invalid encoding: redundant leading 0s at com.ibm.security.util.DerInputBuffer.getBigInteger(DerInputBuffe r.java:192) at com.ibm.security.util.DerValue.getBigInteger(DerValue.java:523) ... 9 more .
Local fix
Problem summary
A java.security.SignatureException with an associated message of Invalid encoding for signature is sometimes encountered when verifying a XMLSignature with a DSA key.
Problem conclusion
A fix is made to IBMXMLCryptoProvider provider The associated Hursley RTC Problem Report is 123520 The associated Austin CMVC defect is 117595 JVMs affected: Java 6, 626, 7, 727, and 8 The fix was delivered for Java 8 SR4FP5, Java 7 SR10FP5, Java 727 SR4FP5, Java 6 SR16FP45, Java 626 SR8FP45 The affected jar is "ibmxmlcrypto.jar". The build level of this jar for the affected releases is "20170203" . This APAR will be fixed in the following Java Releases: 8 SR4 FP5 (8.0.4.5) 6 SR16 FP45 (6.0.16.45) 7 SR10 FP5 (7.0.10.5) 6 R1 SR8 FP45 (6.1.8.45) 7 R1 SR4 FP5 (7.1.4.5) . Contact your IBM Product's Service Team for these Service Refreshes and Fix Packs. For those running stand-alone, information about the available Service Refreshes and Fix Packs can be found at: https://www.ibm.com/developerworks/java/jdk/
Temporary fix
Comments
APAR Information
APAR number
IV93534
Reported component name
SECURITY
Reported component ID
620700125
Reported release
270
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2017-02-17
Closed date
2017-02-17
Last modified date
2017-02-17
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SECURITY
Fixed component ID
620700125
Applicable component levels
R270 PSY
UP
R600 PSY
UP
R260 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
Document Information
Modified date:
07 December 2020