The constructor SignedObject(Serializable,PrivateKey,Signature) throws ProviderException in case when PrivateKey and Signature parameters are created using provider "SunPKCS11-Solaris". Please see the minitest and it's output: ----------------------------------------------------------- import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.SignedObject; public class SignatureMinitest { public static void main(String[] args) throws Exception { String provider = "SunPKCS11-Solaris"; Signature sig = Signature.getInstance("SHA384withRSA", provider); KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", provider); kpg.initialize(512); KeyPair kp = kpg.generateKeyPair(); PrivateKey privKey = kp.getPrivate(); PublicKey pubKey = kp.getPublic(); sig.initSign(privKey); new SignedObject("Test string for getSignature test.", privKey, sig); } } Exception in thread "main" java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DATA_LEN_RANGE at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:483) at java.security.Signature$Delegate.engineSign(Signature.java:1128) at java.security.Signature.sign(Signature.java:522) at java.security.SignedObject.sign(SignedObject.java:227) at java.security.SignedObject.<init>(SignedObject.java:144) at SignatureMinitest.main(SignatureMinitest.java:20) Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DATA_LEN_RANGE at sun.security.pkcs11.wrapper.PKCS11.C_Sign(Native Method) at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:474) ... 5 more ----------------------------------------------------------- Possibly the root cause is the key length, because the same code with provider "SunRsaSign" produces InvalidKeyException: Exception in thread "main" java.security.InvalidKeyException: Key is too short for this signature algorithm at sun.security.rsa.RSASignature.initCommon(RSASignature.java:111) at sun.security.rsa.RSASignature.engineInitSign(RSASignature.java:93) at sun.security.rsa.RSASignature.engineInitSign(RSASignature.java:84) at java.security.Signature$Delegate.engineInitSign(Signature.java:1095) at java.security.Signature.initSign(Signature.java:480) at SignatureMinitest.main(SignatureMinitest.java:19)
|