Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
The debug log message makes a call to Signature.getProvider() too early.
This causes Signature.chooseFirstProvider() to be called which matches the first provider always rather than the correct provider based on PrivateKey.getAlgorithm() when there are multiple providers.
This debug log was changed in this commit and introduced the issue: 1f48918
https://github.com/apache/santuario-xml-security-java/pull/240