我已经使用Java 8签署了XML文档，没有问题，直到升级到Java 8u121版本，代码是：

    String xml_entrada = "D:\\CeslySoft\\Ivap_facturador\\CPE\\FirmaXML\\Schema-20480510144-RC-20170327-0001.xml";
    String xml_salida  = "D:\\CeslySoft\\Ivap_facturador\\CPE\\FirmaXML\\20480510144-RC-20170327-0001.xml";
    String certi_digital = "D:\\CeslySoft\\Ivap_facturador\\Certificados\\molchiclayo1.jks";
    String clave = "9ghi0nmbR0ft";
    String alias = "1";
    String tipodoc = "09";

    int indice = (tipodoc.equals("09")? 0: 1);
    XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
    Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1,null),
            Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)),
            null,null);
    SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE,
            (C14NMethodParameterSpec) null),
            fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null),
            Collections.singletonList(ref));

    KeyStore ks = KeyStore.getInstance("JKS");
    ks.load(new FileInputStream(certi_digital), clave.toCharArray());
    KeyStore.PrivateKeyEntry keyEntry
        = (KeyStore.PrivateKeyEntry) ks.getEntry(alias, new KeyStore.PasswordProtection(clave.toCharArray()));

    X509Certificate cert = (X509Certificate) keyEntry.getCertificate();

    KeyInfoFactory kif = fac.getKeyInfoFactory();
    List<Object> x509content = new ArrayList<>();
    x509content.add(cert.getSubjectX500Principal().getName());
    x509content.add(cert);
    X509Data xd = kif.newX509Data(x509content);
    KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    //Document doc = dbf.newDocumentBuilder().parse(new FileInputStream(xml_entrada));
    InputSource is = new InputSource(new InputStreamReader(new FileInputStream(xml_entrada), "ISO-8859-1"));
    Document doc = dbf.newDocumentBuilder().parse(is);

    Node nodePadre = doc.getElementsByTagName("ext:ExtensionContent").item(indice);
    nodePadre.getNodeValue();
    DOMSignContext dsc = new DOMSignContext(keyEntry.getPrivateKey(), nodePadre);

    XMLSignature signature = fac.newXMLSignature(si, ki, null, "SignatureSP", null);
    signature.sign(dsc);

    OutputStream os = new FileOutputStream(xml_salida);
    TransformerFactory tf = TransformerFactory.newInstance();
    Transformer trans = tf.newTransformer();
    trans.setOutputProperty(OutputKeys.ENCODING, "ISO-8859-1");

    trans.transform(new DOMSource(doc), new StreamResult(os));

   signature.sign(dsc)

javax.xml.crypto.XMLSignatureException: java.security.InvalidKeyException: Invalid RSA private key

这是由于JDK 8u121（http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html）中的修复引起的错误。“向DER编码解析代码中添加了更多检查，从而向DER编码解析代码中添加了更多检查，以捕获各种编码错误。此外，包含现在，不确定的长度编码将在解析期间导致IOException。请注意，使用JDK默认提供程序生成的签名不受此更改的影响。
JDK-8168714（非公开）“

JDK-8175251（https://bugs.openjdk.java.net/browse/JDK-8175251）已修复此问题，它将在下一个JDK更新中提供。该修补程序已在JDK 8u152中提供，可以从https://jdk8.java.net/download.html下载其早期访问版本。