I had a look at your original mail again. The problem is that the URI you're using is not a valid URI for the symmetric encryption algorithm, as RSA is not a symmetric algorithm. It IS a valid value for WSSecEncrypt.setKeyEnc(...) though, which specifies the algorithm to use to encrypt the symmetric key. The URI supplied to WSSecEncrypt.setSymmetricEncAlgorithm(...) must correspond to a symmetric algorithm such as AES or 3DES.
Colm. ________________________________ From: Anthony Bargnesi [mailto:[email protected]] Sent: 20 July 2009 21:51 To: Colm O hEigeartaigh Cc: [email protected] Subject: Re: Encryption Algorithm causes NullPointerException in WSS4j Colm, I build the 1.5.8 snapshot with your ported fix and re-ran. Now the algorithm "RSA" is pulled from: JCEMapper.getJCEKeyAlgorithmFromURI(<URI>); given the URI: http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p But this algorithm doesn't seem to be available from withint JDK 1.6.0_07 so it yields the following exception: Caused by: java.security.NoSuchAlgorithmException: RSA KeyGenerator not available at javax.crypto.KeyGenerator.<init>(DashoA13*..) at javax.crypto.KeyGenerator.getInstance(DashoA13*..) Is this a problem with the JDK install or dependencies on wss4j? Thanks again, Tony On Mon, Jul 20, 2009 at 7:50 AM, Anthony Bargnesi <[email protected]> wrote: Colm, This makes sense as I didn't see it on the fix branch before. I will give it a shot and let you know. Thank you, Tony On Mon, Jul 20, 2009 at 7:30 AM, Colm O hEigeartaigh <[email protected]> wrote: Hi Anthony, CXF is currently using artifacts built off the 1_5_x-fixes branch, not trunk: http://svn.apache.org/repos/asf/webservices/wss4j/branches/1_5_x-fixes/ Looks like I forgot to backport the fix to WSSecEncrypt to use JCEMapper...I've just commited it, so feel free to try again (on the 1_5_x-fixes branch) and let me know if it works! Colm. ________________________________ From: Anthony Bargnesi [mailto:[email protected]] Sent: 20 July 2009 12:01 To: [email protected] Subject: Encryption Algorithm causes NullPointerException in WSS4j Hello, I am trying to encrypt a cxf web-service request using the RSA-OAEP algorithm because it is required on the endpoint side (Microsoft). I provide the "encryptionSymAlgorithm" as the corresponding URI (http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p) and set the "org.apache.ws.security.crypto.provider" to org.apache.ws.security.components.crypto.Merlin. I am using the latest WSS4j, version 1.5.7. The first issue I received was a NullPointerException in WSSecEncrypt.java trying to use a KeyGenerator that was null. It seems like this was a bug that Dan Kulp triaged in the post: http://www.nabble.com/Re:-WS-Security-RSA-Excrytion-exception..-td239743 03.html I have checked out trunk which is building the latest 1.6 SNAPSHOT since I noticed that a fix to WSSecEncrypt.java, to use a JCEMapper, was applied. The problem is that once I build the trunk version of wss4j (using java 1.6), I am missing the Merlin provider so I'm not sure what to use for the "org.apache.ws.security.crypto.provider" property. How do I use the crypto provider under Java 1.6? Also, I've noticed that I would have to recompile CXF to work with the trunk version of WSS4j (Vector -> List type change). Am I going down the right path to make WSS4j work with RSA-OAEP? Thanks in advance, Tony
