Posted to users@ws.apache.org by "Eaton, Jason" <je...@visa.com> on 2016/03/16 03:20:24 UTC

Wss4j 1.5.0 - Key Derivation Exception

Hello All.

Hopefully a simple question. We are running wss4j 1.5.0 and are trying the signature encryption calls/builder. With the below Java calls we are receiving the stack trace shown. Has anybody got a quick answer for me or seen this before? I looked into the bug database and did not see the issue. Also there was no information in the release notes.

Thanks.

WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(workingDocument);

//EncryptedKey
WSSecEncrypt encrKeyBuilder = new WSSecEncrypt();
encrKeyBuilder.setUserInfo(recipient.getName());
encrKeyBuilder.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
//encrKeyBuilder.setKeyEnc(WSConstants.KEYTRANSPORT_RSAOEP);
try {
    encrKeyBuilder.prepare(workingDocument, localKeyStoreHandler);
} catch (WSSecurityException e) {
    throw new SecuritySystemException(e.getMessage(), e);
}

//Key information from the EncryptedKey
byte[] ek = encrKeyBuilder.getEphemeralKey();
String tokenIdentifier = encrKeyBuilder.getId();

WSSecSignature sign = new WSSecSignature();
sign.setUserInfo(sender.getName(), sender.getName());
sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
sign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
Document signedDoc = null;
try {
    signedDoc = sign.build(workingDocument, localKeyStoreHandler, secHeader);
} catch (WSSecurityException e) {
    throw new SecuritySystemException(e.getMessage(), e);
}

WSSecDKEncrypt encrBuilder = new WSSecDKEncrypt();
encrBuilder.setSymmetricEncAlgorithm(WSConstants.AES_128);
encrBuilder.setExternalKey(ek, tokenIdentifier);
Document signedEncryptedDoc = null;
try {
    signedEncryptedDoc = encrBuilder.build(signedDoc, localKeyStoreHandler, secHeader);
} catch (WSSecurityException e) {
    throw new SecuritySystemException(e.getMessage(), e);
}

encrKeyBuilder.prependToHeader(secHeader);
encrKeyBuilder.prependBSTElementToHeader(secHeader);


com.cybersource.security.exception.SecuritySystemException: Security Data : Key Derivation : P_SHA-1: Missing argument
               at com.cybersource.nta.ws.SignedAndEncryptedMessageHandler.handleMessageCreation(SignedAndEncryptedMessageHandler.java:114)
               at com.cybersource.nta.ws.SignedAndEncryptedMessageHandlerTest.testIsDocEncrypted(SignedAndEncryptedMessageHandlerTest.java:83)
               at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
               at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
               at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
               at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
               at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
               at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
               at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
               at org.junit.runners.BlockJUnit4ClassRunner.runNotIgnored(BlockJUnit4ClassRunner.java:79)
               at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:71)
               at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:49)
               at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193)
               at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52)
               at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191)
               at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42)
               at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184)
               at org.junit.runners.ParentRunner.run(ParentRunner.java:236)
               at org.junit.runners.Suite.runChild(Suite.java:128)
               at org.junit.runners.Suite.runChild(Suite.java:24)
               at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193)
               at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52)
               at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191)
               at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42)
               at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184)
               at org.junit.runners.ParentRunner.run(ParentRunner.java:236)
               at org.junit.runner.JUnitCore.run(JUnitCore.java:157)
               at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:78)
               at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:212)
               at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:68)
               at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
               at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
               at com.intellij.rt.execution.application.AppMain.main(AppMain.java:140)
Caused by: org.apache.ws.security.conversation.ConversationException: Key Derivation : P_SHA-1: Missing argument
               at org.apache.ws.security.conversation.dkalgo.P_SHA1.createKey(P_SHA1.java:65)
               at org.apache.ws.security.message.WSSecDerivedKeyBase.prepare(WSSecDerivedKeyBase.java:172)
               at org.apache.ws.security.message.WSSecDKEncrypt.build(WSSecDKEncrypt.java:56)
               at com.cybersource.nta.ws.SignedAndEncryptedMessageHandler.handleMessageCreation(SignedAndEncryptedMessageHandler.java:112)
               ... 35 more

Re: Wss4j 1.5.0 - Key Derivation Exception

Posted by Colm O hEigeartaigh <co...@apache.org>.
Is the ephemeral key returned from "encrKeyBuilder.getEphemeralKey()"
non-null?  BTW WSS4J 1.5.0 is ancient and no longer supported.

Colm.

-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com