You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Dittmann Werner <we...@siemens.com> on 2004/03/29 12:54:50 UTC

AW: Fault: An unsupported signature or encryption algorithm was u sed

Christof,
 
strange. As I read it this happens at the receiver. I checked the
part of the code that throws this exception. This Exception
is thrown by Cipher when loading a Cipher instance with the
required algorithm.
 
Before I can answer you question: when did you donwload the
WSS4J code? during the last 2-3 weeks Dims and I did some
enhancements to the encryption/decryption stuff, in particular
to specifiy the Security provider (WSS4J uses Bouncycastle).
 
The Cipher factory throws this Exception if it does not find
the requested algorithm. In this case RSA/ECB/PKCS1PADDING
is used. Bouncycastle supports this algo, the standard Sun
security provider does not (CLASSPATH / class loading issue????)
 
Regards,
Werner

 
 -----Ursprüngliche Nachricht-----
Von: Christof Soehngen [mailto:Christof.Soehngen@SYRACOM.DE] 
Gesendet: Montag, 29. März 2004 11:26
An: fx-dev@ws.apache.org
Betreff: Fault: An unsupported signature or encryption algorithm was used


Hello list, another issue:
 
I created different versions of SecHttp-Service in the server side .wsdd file, to compare the different options of the security handler.
On the client side, i change the service-description in "client-config.wsdd" and the adress in the java file, when using a different service.

Sometimes i get the following fault, that can only be countered by restarting tomcat:
WSDoAllReceiver: security processing failed; nested exception is:
org.apache.ws.security.WSSecurityException:
An unsupported signature or encryption algorithm was used (unsupported key transport encryption algorithm: No such algorithm: http://www.w3.org/2001/04/xmlenc#rsa-1_5 <http://www.w3.org/2001/04/xmlenc#rsa-1_5> )
 
The algorithm mentioned is the same in normal messages, the request looks normal to me, too:
 
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv=" <http://schemas.xmlsoap.org/soap/envelope/> http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc=" <http://www.w3.org/2001/04/xmlenc> http://www.w3.org/2001/04/xmlenc#" xmlns:xsd=" <http://www.w3.org/2001/XMLSchema> http://www.w3.org/2001/XMLSchema" xmlns:xsi=" <http://www.w3.org/2001/XMLSchema-instance> http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse=" <http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd> http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<xenc:EncryptedKey>
<xenc:EncryptionMethod Algorithm=" <http://www.w3.org/2001/04/xmlenc#rsa-1_5> http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<ds:KeyInfo xmlns:ds=" <http://www.w3.org/2000/09/xmldsig> http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference><wsse:KeyIdentifier EncodingType=" <http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary> http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="MIIBYjCCAQygAwIBAgIQIWFO9wjTxZJOxcgGtBqGVTANBgkqhkiG9w0BAQQFADAPMQ0wCwYDVQQD'> <http://www.docs.oasis-open.org/wss/2003/12/oasis-200401-wss-x509-token-profile-1.0#X509v3> http://www.docs.oasis-open.org/wss/2003/12/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIIBYjCCAQygAwIBAgIQIWFO9wjTxZJOxcgGtBqGVTANBgkqhkiG9w0BAQQFADAPMQ0wCwYDVQQD
EwRkaW1zMB4XDTAzMDUxMjE2NDExN1oXDTM5MTIzMTIzNTk1OVowDzENMAsGA1UEAxMEZGltczBc
MA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDrmZ7T2MFQNwloGughSRoapkmvbtPAwBXt+21bFzqfXJ1S
pliN6CCRczIflSQCCCyBZ2j0dA51n/ZDWDizdNenAgMBAAGjRDBCMEAGA1UdAQQ5MDeAEBsIiVES
xf6DrjkLYXayxmKhETAPMQ0wCwYDVQQDEwRkaW1zghAhYU73CNPFkk7FyAa0GoZVMA0GCSqGSIb3
DQEBBAUAA0EAxSGwjZ/FOScVLlVTxic1FKmPd8WTg1DrJFDWuxMTx6n0Zxn4N8ZxkAl7TNx/JcIl
G+dlnyWZ0in3dOEtF0g5mA==</wsse:KeyIdentifier></wsse:SecurityTokenReference></ds:KeyInfo>
<xenc:CipherData><xenc:CipherValue>vyWpKb5EucfCZAj1nwuezptDaExSS3629CvsWIxGNQUyviKV7QKawVElwNdrJSXGX1UMt2piKcN8
NzbCc37N1g==</xenc:CipherValue></xenc:CipherData>
<xenc:ReferenceList><xenc:DataReference URI="#EncDataId-14615608"/></xenc:ReferenceList></xenc:EncryptedKey><wsse:BinarySecurityToken EncodingType=" <http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary> http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType=" <http://www.docs.oasis-open.org/wss/2003/12/oasis-200401-wss-x509-token-profile-1.0#X509v3> http://www.docs.oasis-open.org/wss/2003/12/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-605423" xmlns:wsu="MIIBYjCCAQygAwIBAgIQIWFO9wjTxZJOxcgGtBqGVTANBgkqhkiG9w0BAQQFADAPMQ0wCwYDVQQD'> <http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">MIIBYjCCAQygAwIBAgIQIWFO9wjTxZJOxcgGtBqGVTANBgkqhkiG9w0BAQQFADAPMQ0wCwYDVQQD
EwRkaW1zMB4XDTAzMDUxMjE2NDExN1oXDTM5MTIzMTIzNTk1OVowDzENMAsGA1UEAxMEZGltczBc
MA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDrmZ7T2MFQNwloGughSRoapkmvbtPAwBXt+21bFzqfXJ1S
pliN6CCRczIflSQCCCyBZ2j0dA51n/ZDWDizdNenAgMBAAGjRDBCMEAGA1UdAQQ5MDeAEBsIiVES
xf6DrjkLYXayxmKhETAPMQ0wCwYDVQQDEwRkaW1zghAhYU73CNPFkk7FyAa0GoZVMA0GCSqGSIb3
DQEBBAUAA0EAxSGwjZ/FOScVLlVTxic1FKmPd8WTg1DrJFDWuxMTx6n0Zxn4N8ZxkAl7TNx/JcIl
G+dlnyWZ0in3dOEtF0g5mA==</wsse:BinarySecurityToken><ds:Signature xmlns:ds=" <http://www.w3.org/2000/09/xmldsig> http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm=" <http://www.w3.org/2001/10/xml-exc-c14n#> http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm=" <http://www.w3.org/2000/09/xmldsig#rsa-sha1> http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-26474210">
<ds:Transforms>
<ds:Transform Algorithm=" <http://www.w3.org/2001/10/xml-exc-c14n#> http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm=" <http://www.w3.org/2000/09/xmldsig#sha1> http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>5bGNvjtkSSqxa5zFZWcKOMfK+/Y=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
DxflfiEiXIxu+rLpzI7o+1l0g9+ttNkXmPZQPfzoVZ/u2BhxIR493AgiEneEKEG3AZbWkZmlzwe0
DlQYhut2Lg==
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-32580443">
<wsse:SecurityTokenReference wsu:Id="STRId-21854021" xmlns:wsu=" <http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:Reference URI="#CertId-605423"/></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature><wsu:Timestamp xmlns:wsu=" <http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> 2004-03-29T09:12:42Z2004-03-29T09:17:42Zhttp://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsu:Created>2004-03-29T09:12:42Z</wsu:Created><wsu:Expires>2004-03-29T09:17:42Z</wsu:Expires></wsu:Timestamp></wsse:Security></soapenv:Header>
 <soapenv:Body wsu:Id="id-26474210" xmlns:wsu=" <http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedData Id="EncDataId-14615608" Type=" <http://www.w3.org/2001/04/xmlenc#Content> http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod Algorithm=" <http://www.w3.org/2001/04/xmlenc#tripledes-cbc> sCYsgxDeELUvpBft5zytALzTTjh1Xhzrjtabu+2vePQ1f1+TC32t5eDeSFsDnOLODm3KK6ZNaJ3t'>http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><xenc:CipherData><xenc:CipherValue>sCYsgxDeELUvpBft5zytALzTTjh1Xhzrjtabu+2vePQ1f1+TC32t5eDeSFsDnOLODm3KK6ZNaJ3t
Phnhd8gjTUasljS75aCLcdLm64EEAayptefrh+v1Q8SKAusGuSowAMkfM8074kMngWKannsNdroa
Cdx5I0ms843VGeaw42Jcf1dl4PIDZmX0RurXjDnDbMuh6j7/yUPFn+PNV1T1uoHsSZ16tb6U9MK0
UmGl6963ooCl003trD6WUkSqvDRlf2xoXQXS4ooEcJeJgIyoA3Xs9uEGPHOPYvD5PFa+d1p9718Y
vjD6Esh2ldT7xpUrYeP1HlZLbWORty5aZH/ftnTxKtmFnUJDCgSivoTtwN71g5UGYnUo/2aJvley
pLoT6ZvDwmOvmpHzHHrrCsmeX1EN+8NctylqttF9yow8Pbene+BvoPLPWksHZs5rXv/AipJ/bUnV
amSAxg4O7GpV68OE1Lwb+fG4q7ee/KF6Lp0qO4AaBZJI/ya9dISqNUkYFgWT2cQw2zM=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></soapenv:Body>
</soapenv:Envelope>

Is this normal if changing clientside .wsdd files?
 
Thanks,
Christof
###########################################

This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange.
For more information, connect to http://www.F-Secure.com/