We are generating a digital signature (PKCS7) using Java security API. The digest algorithm is SHA-256 and the encryption algorithm is RSA (SHA256withRSA).
Using SunRsaSign provider in the local machine, a signature was generated on some content. Using IBMJCE provider in WAS 8.0.0.2, we were able to generate the same signature on the same content.
However, the problem is, we had to migrate back to WAS 6.1. Now, the signature generated is different than the one generated in above 2 cases. I checked the message-digests created in all the 3 cases, and it is the same in all the 3 cases, but the signature is different in case of WAS 6.1.
Is there any known issue with WAS 6.1's IBMJCE provider with respect to SHA256withRSA encryption? Any pointers would be greatly appreciated. Thanks
Is there really a problem? From what I know, this must apply
signature = sign(message)
verify(signature) == message
There is no requirement that all signatures must be the same. So do you really have problem with verification of those signatures?
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With