On Tue December 15 2009 2:43:55 pm stevewu wrote:
> Hi Dan
> Is this issue resolved in CXF 2.2.4, as it shipped with wss4j-1.5.8.jar?
I believe so, yea.
Dan
>
> Thanks
> Steve
>
> dkulp wrote:
> > On Wed June 10 2009 5:21:17 pm bharath thippireddy wrote:
> >> I could get the User Token encryption working using BountyCastle.But as
> >> we
> >> cannot use bounty castle
> >
> > Any particular reason why? I'm pretty sure a lot of things WS-Security
> > related won't work with BouncyCastle. The JDK just doesn't have the
> > algorithms that are needed. (although java 6 does have a lot more)
> >
> >> can you please let me know if the exception below
> >> can be fixed with a setting in jdk/jce.When I try a different algorithm
> >> like DES instead of RSA I get a nullpointer exception on the CXF
> >> Client.
> >>
> >>
> >> java.security.NoSuchAlgorithmException: Cannot find any provider
> >> supporting RSA/NONE/PKCS1PADDING
> >
> > I did a little digging and I THINK this particular exception could be
> > fixed
> > with a simple change in WSS4J. If the line:
> >
> > cipher = Cipher.getInstance("RSA/NONE/PKCS1PADDING");
> >
> > was surrounded with a try/catch that would then try:
> >
> > cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
> >
> > I THINK it would work. Bouncycastle uses "NONE" for the mode whereas
> > the Sun
> > provider uses ECB. Not sure what the Sun setting for
> > "RSA/NONE/OAEPPADDING"
> > is. That would need to be investigated more. It would be one of:
> > OAEPWITHMD5ANDMGF1PADDING, OAEPWITHSHA1ANDMGF1PADDING,
> > OAEPWITHSHA-1ANDMGF1PADDING, OAEPWITHSHA-256ANDMGF1PADDING,
> > OAEPWITHSHA-384ANDMGF1PADDING, OAEPWITHSHA-512ANDMGF1PADDING
> > but cryptography is definitely not my area.
> >
> > In any case, that would require you to patch WSS4J. If that's an option
> > for
> > you, you could give that a try.
> >
> > To the WSS4j folks: why is this method not calling XMLCipher.getInstance
> > like
> > every other cipher related thing? Should it be? Would that alone fix
> > it?
> >
> >
> > Dan
> >
> >> Jun 10, 2009 5:11:04 PM
> >> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
> >> handleMessage
> >>
> >> WARNING:
> >>
> >> org.apache.ws.security.WSSecurityException: An unsupported signature or
> >> encryption algorithm was used (unsupported key t
> >>
> >> ransport encryption algorithm: No such algorithm:
> >> http://www.w3.org/2001/04/xmlenc#rsa-1_5); nested exception is:
> >>
> >> java.security.NoSuchAlgorithmException: Cannot find any provider
> >> supporting RSA/NONE/PKCS1PADDING
> >>
> >> at
> >> org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityU
> >>til .java:690)
> >>
> >> at
> >> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKe
> >>y(E ncryptedKeyProcessor.java:145)
> >>
> >> at
> >> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKe
> >>y(E ncryptedKeyProcessor.java:107)
> >>
> >> at
> >> org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(Encry
> >>pte dKeyProcessor.java:87)
> >>
> >>
> >>
> >> thanks and regards,
> >>
> >> Bharath
>
--
Daniel Kulp
[email protected]
http://www.dankulp.com/blog
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
