Hi, Just wondering if this is related to JCE Unlimited Strength Jurisdiction Policy? https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/viewproductdetail-start?productref=jce_policy-6-oth-...@cds-cds_developer
Regards, Herbert --- On Tue, 21/7/09, Anthony Bargnesi <[email protected]> wrote: From: Anthony Bargnesi <[email protected]> Subject: Re: Encryption Algorithm causes NullPointerException in WSS4j To: "Colm O hEigeartaigh" <[email protected]> Cc: [email protected] Date: Tuesday, 21 July, 2009, 4:51 AM Colm, I build the 1.5.8 snapshot with your ported fix and re-ran. Now the algorithm "RSA" is pulled from: JCEMapper.getJCEKeyAlgorithmFromURI(<URI>); given the URI: http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p But this algorithm doesn't seem to be available from withint JDK 1.6.0_07 so it yields the following exception: Caused by: java.security.NoSuchAlgorithmException: RSA KeyGenerator not available at javax.crypto.KeyGenerator.<init>(DashoA13*..) at javax.crypto.KeyGenerator.getInstance(DashoA13*..) Is this a problem with the JDK install or dependencies on wss4j? Thanks again, Tony On Mon, Jul 20, 2009 at 7:50 AM, Anthony Bargnesi <[email protected]> wrote: Colm, This makes sense as I didn't see it on the fix branch before. I will give it a shot and let you know. Thank you, Tony On Mon, Jul 20, 2009 at 7:30 AM, Colm O hEigeartaigh <[email protected]> wrote: Hi Anthony, CXF is currently using artifacts built off the 1_5_x-fixes branch, not trunk: http://svn.apache.org/repos/asf/webservices/wss4j/branches/1_5_x-fixes/ Looks like I forgot to backport the fix to WSSecEncrypt to use JCEMapper…I’ve just commited it, so feel free to try again (on the 1_5_x-fixes branch) and let me know if it works! Colm. From: Anthony Bargnesi [mailto:[email protected]] Sent: 20 July 2009 12:01 To: [email protected] Subject: Encryption Algorithm causes NullPointerException in WSS4j Hello, I am trying to encrypt a cxf web-service request using the RSA-OAEP algorithm because it is required on the endpoint side (Microsoft). I provide the "encryptionSymAlgorithm" as the corresponding URI (http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p) and set the "org.apache.ws.security.crypto.provider" to org.apache.ws.security.components.crypto.Merlin. I am using the latest WSS4j, version 1.5.7. The first issue I received was a NullPointerException in WSSecEncrypt.java trying to use a KeyGenerator that was null. It seems like this was a bug that Dan Kulp triaged in the post: http://www.nabble.com/Re:-WS-Security-RSA-Excrytion-exception..-td23974303.html I have checked out trunk which is building the latest 1.6 SNAPSHOT since I noticed that a fix to WSSecEncrypt.java, to use a JCEMapper, was applied. The problem is that once I build the trunk version of wss4j (using java 1.6), I am missing the Merlin provider so I'm not sure what to use for the "org.apache.ws.security.crypto.provider" property. How do I use the crypto provider under Java 1.6? Also, I've noticed that I would have to recompile CXF to work with the trunk version of WSS4j (Vector -> List type change). Am I going down the right path to make WSS4j work with RSA-OAEP? Thanks in advance, Tony New Email names for you! Get the Email name you've always wanted on the new @ymail and @rocketmail. Hurry before someone else does! http://mail.promotions.yahoo.com/newdomains/sg/
