You are viewing a plain text version of this content. The canonical link for it is here.

Posted to fx-dev@ws.apache.org by "Nathaniel A. Johnson" <na...@indiana.edu> on 2005/06/01 16:54:23 UTC

encryption not asking for the right private key

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

hi all,

i just posted this over on the axis list, but realized its probably
better suited for the wss4j dev list... sorry for the cross post for
those of you that are on both lists...

i have been stepping through the axis and wss4j code and am at a loss.
here is the code it is getting to (inside Merlin.java):

public PrivateKey getPrivateKey(String alias, String password)
    throws Exception {
  if (alias == null) {
    throw new Exception("alias is null");
  }
  boolean b = keystore.isKeyEntry(alias);
  if (!b) {
    log.error("Cannot find key for alias: " + alias);
    throw new Exception("Cannot find key for alias: " + alias);
  }
  Key keyTmp = keystore.getKey(alias, password.toCharArray());
  if (!(keyTmp instanceof PrivateKey)) {
    throw new Exception("Key is not a private key, alias: " + alias);
  }
  return (PrivateKey) keyTmp;
}

this is when the client calls to the service.  the client is sending an
encrypted/signed message.  what's happening is the server (web service)
is trying to get the private key for the client.  that just doesnt make
sense.  the server will not have a keyEntry (private key) for the
client, just public keys.

does anyone have any idea where i might be going wrong?  i have been
looking at this problem for over a week now, so maybe i am just missing
something?  i feel like i am going crazy.

thanks
nate
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)

iD8DBQFCncwdgj8ksIjnb2wRAiRwAJ4nHpWiFC/2LSkC6kL4+LT+8RDMhgCeOFUW
yCuGO0Uiftcyn/SYnP7KLqs=
=OZpr
-----END PGP SIGNATURE-----