IV65166: SIGNATURE VERIFY FAILURE WITH SHA*WITHECDSA ALGORITHMS
Closed as program error.
Error Message: N/A . Stack Trace: N/A . When the digest length is longer than the EC keypair field size, the signature verify may fail (e.g. use 192 bit EC keypair with SHA256withECDSA signature).
Use EC keypair which field size is longer than the digest length.
The problem happens because the digest is not trimmed properly.
A fix is made to IBMJCE providerThe associated Hursley RTC Problem Report is 74934The associated Hursley CMVC defect is 202418The associated Austin CMVC defect is 115902The associated Austin APAR is IV65098JVMs affected: Java 5.0, Java 6.0, Java 626, Java 7.0 and Java 727The fix was delivered for Java 5.0 SR16FP8, Java 6.0 SR16FP2, Java 626 SR8FP2, Java 7.0 SR8 and Java 727 SR2The affected jar is "ibmjceprovider.jar".The build level of this jar for the affected releases is "20140919" . This APAR will be fixed in the following Java Releases: 7 SR8 (220.127.116.11) 5.0 SR16 FP8 (18.104.22.168) 6 SR16 FP2 (22.214.171.124) 7 R1 SR2 (126.96.36.199) 6 R1 SR8 FP2 (188.8.131.52) . Contact your IBM Product's Service Team for these Service Refreshes and Fix Packs. For those running stand-alone, Java maintenance is available from: https://www.ibm.com/developerworks/java/jdk/
Reported component name
Reported component ID
Last modified date
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fixed component name
Fixed component ID
Applicable component levels