Util.getPublicKey/getPrivateKey uses this code to read the DSA keys from an
InputStream:
byte[] bytes = new byte[pubKey.available()];
pubKey.read(bytes);
pubKey.close();
This only works if the whole key contents are available().
It does not work if the buffer is too small.
In my case, it did not work, and only a truncated key was read.
Worst thing, this produced no error, but a "working" DSA key pair.
Of course, the signature could not be verified.
Please fix this to read the whole contents of the stream,
see for example Commons IO IOUtils.toByteArray(InputStream)