[ https://issues.apache.org/jira/browse/WSS-706?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17810920#comment-17810920 ]
Colm O hEigeartaigh commented on WSS-706:
-----------------------------------------

[~jrihtarsic] I committed it to 3.0.x-fixes, however there's a test failure on JDK11:

{code:java}
[ERROR] Tests run: 18, Failures: 0, Errors: 2, Skipped: 0, Time elapsed: 0.578 s <<< FAILURE! -- in org.apache.wss4j.dom.message.EncryptionTest
[ERROR] org.apache.wss4j.dom.message.EncryptionTest.testEncryptionDecryptionECDSA_ES(String, String)[1] -- Time elapsed: 0.118 s <<< ERROR!
org.apache.wss4j.common.ext.WSSecurityException: The private key for the supplied alias does not exist in the keystore
Original Exception was org.apache.wss4j.common.ext.WSSecurityException: The private key for the supplied alias does not exist in the keystore
Original Exception was java.security.UnrecoverableKeyException: Get Key failed: java.security.InvalidKeyException: key length must be 32
	at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.getPrivateKey(EncryptedKeyProcessor.java:301)
	at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:203)
	at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:91)
	at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:340)
	at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:221)
	at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:168)
	at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:127)
	at org.apache.wss4j.dom.message.EncryptionTest.testEncryptionDecryptionECDSA_ES(EncryptionTest.java:372)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1655)
	at java.base/java.util.stream.ReferencePipeline$Head.forEach(ReferencePipeline.java:658)
	at java.base/java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:274)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1655)
	at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
	at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
	at java.base/java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
	at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
	at java.base/java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:497)
	at java.base/java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:274)
	at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1655)
	at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
	at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
	at java.base/java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
	at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
	at java.base/java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:497)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: The private key for the supplied alias does not exist in the keystore
Original Exception was java.security.UnrecoverableKeyException: Get Key failed: java.security.InvalidKeyException: key length must be 32
	at org.apache.wss4j.common.crypto.Merlin.getPrivateKey(Merlin.java:741)
	at org.apache.wss4j.common.crypto.Merlin.getPrivateKey(Merlin.java:642)
	at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.getPrivateKey(EncryptedKeyProcessor.java:297)
	... 39 more
Caused by: java.security.UnrecoverableKeyException: Get Key failed: java.security.InvalidKeyException: key length must be 32
	at java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:422)
	at java.base/sun.security.util.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:90)
	at java.base/java.security.KeyStore.getKey(KeyStore.java:1057)
	at org.apache.wss4j.common.crypto.Merlin.getPrivateKey(Merlin.java:725)
	... 41 more
Caused by: java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: key length must be 32
	at jdk.crypto.ec/sun.security.ec.XDHKeyFactory.engineGeneratePrivate(XDHKeyFactory.java:136)
	at java.base/java.security.KeyFactory.generatePrivate(KeyFactory.java:390)
	at java.base/sun.security.pkcs12.PKCS12KeyStore.lambda$engineGetKey$0(PKCS12KeyStore.java:382)
	at java.base/sun.security.pkcs12.PKCS12KeyStore$RetryWithZero.run(PKCS12KeyStore.java:252)
	at java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:357)
	... 44 more
Caused by: java.security.InvalidKeyException: key length must be 32
	at jdk.crypto.ec/sun.security.ec.XDHPrivateKeyImpl.checkLength(XDHPrivateKeyImpl.java:71)
	at jdk.crypto.ec/sun.security.ec.XDHPrivateKeyImpl.<init>(XDHPrivateKeyImpl.java:64)
	at jdk.crypto.ec/sun.security.ec.XDHKeyFactory.generatePrivateImpl(XDHKeyFactory.java:169)
	at jdk.crypto.ec/sun.security.ec.XDHKeyFactory.engineGeneratePrivate(XDHKeyFactory.java:134)
	... 48 more

[ERROR] org.apache.wss4j.dom.message.EncryptionTest.testEncryptionDecryptionECDSA_ES(String, String)[2] -- Time elapsed: 0.064 s <<< ERROR!
org.apache.wss4j.common.ext.WSSecurityException: The private key for the supplied alias does not exist in the keystore
Original Exception was org.apache.wss4j.common.ext.WSSecurityException: The private key for the supplied alias does not exist in the keystore
Original Exception was java.security.UnrecoverableKeyException: Get Key failed: java.security.InvalidKeyException: key length must be 56
	at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.getPrivateKey(EncryptedKeyProcessor.java:301)
	at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:203)
	at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:91)
	at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:340)
	at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:221)
	at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:168)
	at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:127)
	at org.apache.wss4j.dom.message.EncryptionTest.testEncryptionDecryptionECDSA_ES(EncryptionTest.java:372)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1655)
	at java.base/java.util.stream.ReferencePipeline$Head.forEach(ReferencePipeline.java:658)
	at java.base/java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:274)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1655)
	at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
	at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
	at java.base/java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
	at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
	at java.base/java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:497)
	at java.base/java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:274)
	at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1655)
	at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
	at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
	at java.base/java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
	at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
	at java.base/java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:497)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: The private key for the supplied alias does not exist in the keystore
Original Exception was java.security.UnrecoverableKeyException: Get Key failed: java.security.InvalidKeyException: key length must be 56
	at org.apache.wss4j.common.crypto.Merlin.getPrivateKey(Merlin.java:741)
	at org.apache.wss4j.common.crypto.Merlin.getPrivateKey(Merlin.java:642)
	at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.getPrivateKey(EncryptedKeyProcessor.java:297)
	... 39 more
Caused by: java.security.UnrecoverableKeyException: Get Key failed: java.security.InvalidKeyException: key length must be 56
	at java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:422)
	at java.base/sun.security.util.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:90)
	at java.base/java.security.KeyStore.getKey(KeyStore.java:1057)
	at org.apache.wss4j.common.crypto.Merlin.getPrivateKey(Merlin.java:725)
	... 41 more
Caused by: java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: key length must be 56
	at jdk.crypto.ec/sun.security.ec.XDHKeyFactory.engineGeneratePrivate(XDHKeyFactory.java:136)
	at java.base/java.security.KeyFactory.generatePrivate(KeyFactory.java:390)
	at java.base/sun.security.pkcs12.PKCS12KeyStore.lambda$engineGetKey$0(PKCS12KeyStore.java:382)
	at java.base/sun.security.pkcs12.PKCS12KeyStore$RetryWithZero.run(PKCS12KeyStore.java:252)
	at java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:357)
	... 44 more
Caused by: java.security.InvalidKeyException: key length must be 56
	at jdk.crypto.ec/sun.security.ec.XDHPrivateKeyImpl.checkLength(XDHPrivateKeyImpl.java:71)
	at jdk.crypto.ec/sun.security.ec.XDHPrivateKeyImpl.<init>(XDHPrivateKeyImpl.java:64)
	at jdk.crypto.ec/sun.security.ec.XDHKeyFactory.generatePrivateImpl(XDHKeyFactory.java:169)
	at jdk.crypto.ec/sun.security.ec.XDHKeyFactory.engineGeneratePrivate(XDHKeyFactory.java:134)
	... 48 more
{code}

> Support for Key Agreement using ECDH-ES
> ---------------------------------------
>
>                 Key: WSS-706
>                 URL: https://issues.apache.org/jira/browse/WSS-706
>             Project: WSS4J
>          Issue Type: New Feature
>          Components: WSS4J Core
>            Reporter: Joze Rihtarsic
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>             Fix For: 4.0.0
>
>
> Recently a PR was opened for the
> [ECDH-ES|https://www.w3.org/TR/xmlenc-core1/#sec-ECDH-ES] implementation in
> the santuario library.
> See the ticket:
> [https://issues.apache.org/jira/projects/SANTUARIO/issues/SANTUARIO-511]
> The purpose of this request/ticket is to update the wss4j library so that it
> can use the new Key Agreement method ECDH-ES.

--
This message was sent by Atlassian Jira
(v8.20.10#820010)