java.security.SignatureException: Signing error:
java.lang.ArithmeticException: BigInteger: modulus not positive
at iaik.security.rsa.RSASignature.engineSign(Unknown Source)
at java.security.Signature.sign(Unknown Source)
at
robert.distributedCA.DemoApp$MyActionListener.actionPerformed(DemoApp.java:468)
at java.awt.Button.processActionEvent(Unknown Source)
at java.awt.Button.processEvent(Unknown Source)
...
If I pass a generated private Key with all information like the prime
factors and crt_coefficient, the sign method is working fine.
My explanation for this is that the signature method use additional
values like the prime factors to compute the signature by using the
chinese remainder theoreme. Maybe the sign method looks at any of these
values and throws an exception because of their zero values.
Is this a acceptable explication of my error?
Is it possible to generate X509 Certificate Signatures without using the
primefactors or crt_coefficient? Maybe i can skip the CRT because as far
as I know it is just an improvement of speed.
CODE:
PrivateKey privKey = DemoApp.mainApp.getSecurity().getCaPrivateKey();
BigInteger modulus = new BigInteger(1,
((RSAPrivateKey)privKey).getModulus().toByteArray());
BigInteger privExponent = new BigInteger(1,
((RSAPrivateKey)privKey).getPrivateExponent().toByteArray());
RSAPrivateKeySpec keySpec = new RSAPrivateKeySpec( modulus,
privExponent);
KeyFactory kFact = KeyFactory.getInstance("RSA");
privateKey = kFact.generatePrivate(keySpec);
byte[] tbs = cert.getTBSCertificate();
Signature sharsa = Signature.getInstance("SHA1withRSA", "IAIK");
sharsa.initSign(privateKey);
sharsa.update(tbs);
byte[] signatureValue = sharsa.sign(); <- exception
Thanks
Robert
--