I have a problem with checking an XMLSignature using BouncyCastle for verifying signatures that use ECDSA.
Here are the relevant lines of code:
BouncyCastleProvider provider = new BouncyCastleProvider();
Security.addProvider(provider);
//some unrelated code
XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM", provider);
At the last line, the following exception is thrown:
javax.xml.crypto.NoSuchMechanismException: java.security.NoSuchAlgorithmException: no such algorithm: DOM for provider SC
If I change the line to
XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
I get
javax.xml.crypto.MarshalException: unsupported SignatureMethod algorithm: http://www.w3.org/2007/05/xmldsig-more#ecdsa-ripemd160
Anyone got any ideas what causes this?
In your first error, you can read in the error description that "no such algorithm: DOM for provider SC". That is weird, because it says "provider SC" (Sun PC/SC provider) and not "provider BC" (BouncyCastle Security Provider) as it should. It looks like your code (internally) is not using BouncyCastle as you want. You should find out why this is happening. It could be something regarding the BC library and the classpath (if you are working with an application server) or the provider order configuration.
Second error. You changed your approach to getting the XMLSignatureFactory. This one is better if you do not specify the provider, because:
This method uses the standard JCA provider lookup mechanism to locate and instantiate an XMLSignatureFactory implementation of the desired mechanism type. It traverses the list of registered security Providers, starting with the most preferred Provider. A new XMLSignatureFactory object from the first Provider that supports the specified mechanism is returned.
But now, the algorithm is not there. So, why? Here, I would say that BC is not being used. Is it there? Review your classpath.
It may help to list all available providers:
// Needs java.security.Provider and java.security.Security; log is the application's logger.
for (Provider p : Security.getProviders()) {
    log.debug(p.getName());
    log.debug(p.getInfo());
}
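An added example (not part of the answer above, and not BouncyCastle's or the JDK's own code): a self-contained diagnostic that extends the provider listing to show which registered provider offers the `XMLSignatureFactory` "DOM" mechanism and which offer ECDSA `Signature` algorithms, then asks the default factory whether it accepts a given SignatureMethod URI. The class name `ProviderDiagnostics`, the helper names and the `ecdsa-sha256` comparison URI are assumptions that do not appear in the original post.

```java
import java.security.Provider;
import java.security.Security;
import java.util.Set;
import java.util.TreeSet;
import javax.xml.crypto.dsig.XMLSignatureFactory;

// Added example; the class and helper names are hypothetical.
public class ProviderDiagnostics {
    // URI taken from the MarshalException in the question.
    static final String ECDSA_RIPEMD160 =
        "http://www.w3.org/2007/05/xmldsig-more#ecdsa-ripemd160";
    // Second URI chosen for comparison; not from the original post.
    static final String ECDSA_SHA256 =
        "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256";

    // JCA Signature algorithm names of one provider that mention ECDSA.
    static Set<String> ecdsaSignatures(Provider p) {
        Set<String> names = new TreeSet<>();
        for (Provider.Service s : p.getServices()) {
            if (s.getType().equals("Signature")
                    && s.getAlgorithm().toUpperCase().contains("ECDSA")) {
                names.add(s.getAlgorithm());
            }
        }
        return names;
    }

    // True if the factory recognises the SignatureMethod URI.
    static boolean supports(XMLSignatureFactory f, String uri) {
        try {
            f.newSignatureMethod(uri, null);
            return true;
        } catch (Exception e) { // NoSuchAlgorithmException or InvalidAlgorithmParameterException
            return false;
        }
    }

    public static void main(String[] args) {
        // Providers in preference order, the order getInstance("DOM") searches.
        for (Provider p : Security.getProviders()) {
            boolean dom = p.getService("XMLSignatureFactory", "DOM") != null;
            System.out.printf("%-12s XMLSignatureFactory/DOM=%-5b ECDSA=%s%n",
                    p.getName(), dom, ecdsaSignatures(p));
        }
        XMLSignatureFactory f = XMLSignatureFactory.getInstance("DOM");
        System.out.println("DOM factory comes from: " + f.getProvider().getName());
        System.out.println("ecdsa-ripemd160 accepted: " + supports(f, ECDSA_RIPEMD160));
        System.out.println("ecdsa-sha256 accepted:    " + supports(f, ECDSA_SHA256));
    }
}
```

Register any extra provider (as in the question's `Security.addProvider` call) before running it. A URI the factory accepts still needs a matching JCA `Signature` implementation at validation time, which is what the ECDSA column shows.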