You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by di...@apache.org on 2005/10/16 17:29:08 UTC
svn commit: r322484 -
/webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java
Author: dims
Date: Sun Oct 16 08:29:07 2005
New Revision: 322484
URL: http://svn.apache.org/viewcvs?rev=322484&view=rev
Log:
BC can't be the first..."ant clean test" fails in jdk14 and jdk15. See url's below for more info.
http://lists.apple.com/archives/Java-dev/2004/Apr/msg00557.html
http://forum.java.sun.com/thread.jspa?forumID=60&messageID=1662855&threadID=386531
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java
URL: http://svn.apache.org/viewcvs/webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java?rev=322484&r1=322483&r2=322484&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java Sun Oct 16 08:29:07 2005
@@ -236,8 +236,12 @@
log.debug("The provider " + id
+ " had to be added to the java.security.Security");
}
+ int pos = 1;
+ if(id.equalsIgnoreCase("BC")) {
+ pos = 2;
+ }
java.security.Security.insertProviderAt((java.security.Provider) c
- .newInstance(), 1);
+ .newInstance(), pos);
}
return true;
} catch (Throwable t) {
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: svn commit: r322484 - /webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java
Posted by Werner Dittmann <We...@t-online.de>.
DIms,
I'll dig into this because I use BC _only_ and I have moved the Sun JCE
and the SunProvider out of the way completely. Can you provide me the
full error info/exception? Thanks. Is it a problem during encryption
or decryption or a keystore problem?
Not removing the the JCE and the security implemetation may lead to some
problems that one uses the Sun implemetation instead of the BC
implemetation. The problem arises due to the implementation of the
Security provider class and the lookup of the security implementation.
For example Sun provides the fully qualified Cipher names (e.g.
AES/CBC/ISO10126PADDING) where BC uses the name "AES" only and sets the
properties via calls to the cipher provider. The lookup mechanism first
tries to get the full qualified name thus using the Sun implementation,
not the BC implementation. This may not the result you expect because
the Sun implementation may be slower, etc.
Even if another implementation also provides the full qualified names
but cannot be placed on position one - then the SUn implementation is
always used because it's the first in the chain. This would contradict
the documentation.
Regards,
Werner
dims@apache.org wrote:
> Author: dims
> Date: Sun Oct 16 08:29:07 2005
> New Revision: 322484
>
> URL: http://svn.apache.org/viewcvs?rev=322484&view=rev
> Log:
> BC can't be the first..."ant clean test" fails in jdk14 and jdk15. See url's below for more info.
>
> http://lists.apple.com/archives/Java-dev/2004/Apr/msg00557.html
> http://forum.java.sun.com/thread.jspa?forumID=60&messageID=1662855&threadID=386531
>
>
> Modified:
> webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java
>
> Modified: webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java
> URL: http://svn.apache.org/viewcvs/webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java?rev=322484&r1=322483&r2=322484&view=diff
> ==============================================================================
> --- webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java (original)
> +++ webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java Sun Oct 16 08:29:07 2005
> @@ -236,8 +236,12 @@
> log.debug("The provider " + id
> + " had to be added to the java.security.Security");
> }
> + int pos = 1;
> + if(id.equalsIgnoreCase("BC")) {
> + pos = 2;
> + }
> java.security.Security.insertProviderAt((java.security.Provider) c
> - .newInstance(), 1);
> + .newInstance(), pos);
> }
> return true;
> } catch (Throwable t) {
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: svn commit: r322484 - /webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java
Posted by Werner Dittmann <We...@t-online.de>.
DIms,
I'll dig into this because I use BC _only_ and I have moved the Sun JCE
and the SunProvider out of the way completely. Can you provide me the
full error info/exception? Thanks. Is it a problem during encryption
or decryption or a keystore problem?
Not removing the the JCE and the security implemetation may lead to some
problems that one uses the Sun implemetation instead of the BC
implemetation. The problem arises due to the implementation of the
Security provider class and the lookup of the security implementation.
For example Sun provides the fully qualified Cipher names (e.g.
AES/CBC/ISO10126PADDING) where BC uses the name "AES" only and sets the
properties via calls to the cipher provider. The lookup mechanism first
tries to get the full qualified name thus using the Sun implementation,
not the BC implementation. This may not the result you expect because
the Sun implementation may be slower, etc.
Even if another implementation also provides the full qualified names
but cannot be placed on position one - then the SUn implementation is
always used because it's the first in the chain. This would contradict
the documentation.
Regards,
Werner
dims@apache.org wrote:
> Author: dims
> Date: Sun Oct 16 08:29:07 2005
> New Revision: 322484
>
> URL: http://svn.apache.org/viewcvs?rev=322484&view=rev
> Log:
> BC can't be the first..."ant clean test" fails in jdk14 and jdk15. See url's below for more info.
>
> http://lists.apple.com/archives/Java-dev/2004/Apr/msg00557.html
> http://forum.java.sun.com/thread.jspa?forumID=60&messageID=1662855&threadID=386531
>
>
> Modified:
> webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java
>
> Modified: webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java
> URL: http://svn.apache.org/viewcvs/webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java?rev=322484&r1=322483&r2=322484&view=diff
> ==============================================================================
> --- webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java (original)
> +++ webservices/wss4j/trunk/src/org/apache/ws/security/WSSConfig.java Sun Oct 16 08:29:07 2005
> @@ -236,8 +236,12 @@
> log.debug("The provider " + id
> + " had to be added to the java.security.Security");
> }
> + int pos = 1;
> + if(id.equalsIgnoreCase("BC")) {
> + pos = 2;
> + }
> java.security.Security.insertProviderAt((java.security.Provider) c
> - .newInstance(), 1);
> + .newInstance(), pos);
> }
> return true;
> } catch (Throwable t) {
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org