IBM Support

IT22676: THE GATEWAYSCRIPT SIGN() API THAT USES SHA1 AND AN RSA KEY LENGTH OF 1024 INCORRECTLY RETURNS ERROR "INCORRECT KEY LENGTH"

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • When using the Sha1 algorithm in a gatewayscript it return
    error "Key length should be 1280 bits"
    If you use DataPower to sign messages using legacy 1024 private
    keys you get this error: "When using the 'sha1' algorithm, the
    key length shall be 1280 bits" .
    

Local fix

  • The XSLT extension function dp:sign(...) is not affected -
    different code path.
    You can replace the Gatewayscript with XSLT.
    

Problem summary

  • The gatewayscript sign() api that uses sha1 and an rsa key
    length of 1024 incorrectly returns an error about incorrect key
    length.
    

Problem conclusion

Temporary fix

Comments

APAR Information

  • APAR number

    IT22676

  • Reported component name

    DATAPOWER

  • Reported component ID

    DP1234567

  • Reported release

    752

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2017-10-05

  • Closed date

    2017-10-31

  • Last modified date

    2017-12-12

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    DATAPOWER

  • Fixed component ID

    DP1234567

Applicable component levels

  • R720 PSY

       UP

  • R750 PSY

       UP

  • R751 PSY

       UP

  • R752 PSY

       UP

  • R760 PSY

       UP



Document information

More support for: IBM DataPower Gateways
General

Software version: 752

Reference #: IT22676

Modified date: 12 December 2017