You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by "Lukasz L." <Lu...@sabre.com> on 2009/01/28 19:04:25 UTC
Exception: DerInputStream.getLength(): lengthTag=119, too big
Hi,
I use WSS4J in interceptor in CXF consumer (inside servicemix esb) to verify
Signature in incoming message (using public key store in a keystore). For
many keys it works but sometimes (for certain public key) I got an exception
below. All keys are generated using keytool from JRE.
Any idea about the reason of it?
(one more note: I am able to list the content of this faulty keystore using
keytool -list)
java.security.cert.CertificateException: Unable to initialize,
java.io.IOException: DerInputStream.getLength(): lengthTag=119, too big.
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:182)
at
sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:90)
at
java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:271)
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:745)
at java.security.KeyStore.load(KeyStore.java:1150)
at
org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:141)
at
org.apache.ws.security.components.crypto.AbstractCrypto.<init>(AbstractCrypto.java:100)
at org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:72)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
at
org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:211)
at
org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:176)
at
org.apache.ws.security.handler.WSHandler.loadSignatureCrypto(WSHandler.java:372)
at
org.apache.ws.security.handler.WSHandler.decodeSignatureParameter2(WSHandler.java:897)
at
org.apache.ws.security.handler.WSHandler.doReceiverAction(WSHandler.java:256)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:145)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:65)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:77)
at
org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java:278)
at
org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:252)
at
org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:70)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
at
org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
at org.mortbay.jetty.handler.HandlerList.handle(HandlerList.java:49)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534)
at
org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:879)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:741)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:213)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:403)
at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:522)
Caused by: java.io.IOException: DerInputStream.getLength(): lengthTag=119,
too big.
at sun.security.util.DerInputStream.getLength(DerInputStream.java:530)
at sun.security.util.DerValue.<init>(DerValue.java:234)
at sun.security.util.DerInputStream.getDerValue(DerInputStream.java:386)
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1688)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:179)
... 35 more
--
View this message in context: http://www.nabble.com/Exception%3A-DerInputStream.getLength%28%29%3A-lengthTag%3D119%2C-too-big-tp21711285p21711285.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
RE: Exception: DerInputStream.getLength(): lengthTag=119, too big
Posted by "Lukasz L." <Lu...@sabre.com>.
I tested both keystores with your code and it seems to be ok, I need to
verify it once again.
Thanks for help
Colm O hEigeartaigh wrote:
>
>
> Apologies, that's not required actually, this will do the job:
>
> secEngine.processSecurityHeader(doc, null, null, cryptoPub);
>
> Maybe it's a deployment problem, do you have the bouncycastle jar on the
> classpath?
>
> Maybe try and see if the following works?
>
> WSSecSignature builder = new WSSecSignature();
> builder.setUserInfo("JJ", "JJ-Password");
> Document doc = unsignedEnvelope.getAsDocument();
> WSSecHeader secHeader = new WSSecHeader();
> secHeader.insertSecurityHeader(doc);
> Document signedDoc = builder.build(doc,
> CryptoFactory.getInstance("lpriv.props"), secHeader);
>
> ...
>
> WSSecurityEngine secEngine = new WSSecurityEngine();
> secEngine.processSecurityHeader(doc, null, null,
> CryptoFactory.getInstance("lpub.props"));
>
> Where:
>
> lpriv.props:
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components
> .crypto.Merlin
> org.apache.ws.security.crypto.merlin.keystore.type=jks
> org.apache.ws.security.crypto.merlin.keystore.password=keyStorePassword
> org.apache.ws.security.crypto.merlin.file=keys/PrivateKeystore.jks
>
> lpub.props:
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components
> .crypto.Merlin
> org.apache.ws.security.crypto.merlin.keystore.type=jks
> org.apache.ws.security.crypto.merlin.keystore.password=keyStorePassword
> org.apache.ws.security.crypto.merlin.file=keys/PublicKeystore.jks
>
> Colm.
>
>
> -----Original Message-----
> From: Lukasz L. [mailto:Lukasz.Lichota@sabre.com]
> Sent: 30 January 2009 11:25
> To: wss4j-dev@ws.apache.org
> Subject: RE: Exception: DerInputStream.getLength(): lengthTag=119, too
> big
>
>
> do you mean providing alias password? no ...
> as you advised in this thread
> http://www.nabble.com/Signature-question-tt20978463.html
> I removed password callback class from WSS4J in interceptor ...
>
>
> Colm O hEigeartaigh wrote:
>>
>>
>> Yup Dan's right I think. I tested both of the keystores and it works
>> fine:
>>
>> Crypto crypto = CryptoFactory.getInstance("lukasz.properties");
>> WSSecSignature builder = new WSSecSignature();
>> builder.setUserInfo("JJ", "JJ-Password");
>> Document doc = unsignedEnvelope.getAsDocument();
>> WSSecHeader secHeader = new WSSecHeader();
>> secHeader.insertSecurityHeader(doc);
>> Document signedDoc = builder.build(doc, crypto, secHeader);
>>
>> ...
>>
>> Crypto cryptoPub = CryptoFactory.getInstance("lukasz_pub.properties");
>> secEngine.processSecurityHeader(doc, null, this, cryptoPub);
>>
>> Where "this" is a CallbackHandler implementation where we set:
>>
>> pc.setPassword("JJ-Password");
>>
>> Are you sure that you were doing this last step?
>>
>> Colm.
>>
>>
>
> --
> View this message in context:
> http://www.nabble.com/Exception%3A-DerInputStream.getLength%28%29%3A-len
> gthTag%3D119%2C-too-big-tp21711285p21745484.html
> Sent from the WSS4J mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/Exception%3A-DerInputStream.getLength%28%29%3A-lengthTag%3D119%2C-too-big-tp21711285p21748147.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
RE: Exception: DerInputStream.getLength(): lengthTag=119, too big
Posted by Colm O hEigeartaigh <co...@progress.com>.
Apologies, that's not required actually, this will do the job:
secEngine.processSecurityHeader(doc, null, null, cryptoPub);
Maybe it's a deployment problem, do you have the bouncycastle jar on the
classpath?
Maybe try and see if the following works?
WSSecSignature builder = new WSSecSignature();
builder.setUserInfo("JJ", "JJ-Password");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc,
CryptoFactory.getInstance("lpriv.props"), secHeader);
...
WSSecurityEngine secEngine = new WSSecurityEngine();
secEngine.processSecurityHeader(doc, null, null,
CryptoFactory.getInstance("lpub.props"));
Where:
lpriv.props:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components
.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=keyStorePassword
org.apache.ws.security.crypto.merlin.file=keys/PrivateKeystore.jks
lpub.props:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components
.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=keyStorePassword
org.apache.ws.security.crypto.merlin.file=keys/PublicKeystore.jks
Colm.
-----Original Message-----
From: Lukasz L. [mailto:Lukasz.Lichota@sabre.com]
Sent: 30 January 2009 11:25
To: wss4j-dev@ws.apache.org
Subject: RE: Exception: DerInputStream.getLength(): lengthTag=119, too
big
do you mean providing alias password? no ...
as you advised in this thread
http://www.nabble.com/Signature-question-tt20978463.html
I removed password callback class from WSS4J in interceptor ...
Colm O hEigeartaigh wrote:
>
>
> Yup Dan's right I think. I tested both of the keystores and it works
> fine:
>
> Crypto crypto = CryptoFactory.getInstance("lukasz.properties");
> WSSecSignature builder = new WSSecSignature();
> builder.setUserInfo("JJ", "JJ-Password");
> Document doc = unsignedEnvelope.getAsDocument();
> WSSecHeader secHeader = new WSSecHeader();
> secHeader.insertSecurityHeader(doc);
> Document signedDoc = builder.build(doc, crypto, secHeader);
>
> ...
>
> Crypto cryptoPub = CryptoFactory.getInstance("lukasz_pub.properties");
> secEngine.processSecurityHeader(doc, null, this, cryptoPub);
>
> Where "this" is a CallbackHandler implementation where we set:
>
> pc.setPassword("JJ-Password");
>
> Are you sure that you were doing this last step?
>
> Colm.
>
>
--
View this message in context:
http://www.nabble.com/Exception%3A-DerInputStream.getLength%28%29%3A-len
gthTag%3D119%2C-too-big-tp21711285p21745484.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
RE: Exception: DerInputStream.getLength(): lengthTag=119, too big
Posted by "Lukasz L." <Lu...@sabre.com>.
do you mean providing alias password? no ...
as you advised in this thread
http://www.nabble.com/Signature-question-tt20978463.html
I removed password callback class from WSS4J in interceptor ...
Colm O hEigeartaigh wrote:
>
>
> Yup Dan's right I think. I tested both of the keystores and it works
> fine:
>
> Crypto crypto = CryptoFactory.getInstance("lukasz.properties");
> WSSecSignature builder = new WSSecSignature();
> builder.setUserInfo("JJ", "JJ-Password");
> Document doc = unsignedEnvelope.getAsDocument();
> WSSecHeader secHeader = new WSSecHeader();
> secHeader.insertSecurityHeader(doc);
> Document signedDoc = builder.build(doc, crypto, secHeader);
>
> ...
>
> Crypto cryptoPub = CryptoFactory.getInstance("lukasz_pub.properties");
> secEngine.processSecurityHeader(doc, null, this, cryptoPub);
>
> Where "this" is a CallbackHandler implementation where we set:
>
> pc.setPassword("JJ-Password");
>
> Are you sure that you were doing this last step?
>
> Colm.
>
>
--
View this message in context: http://www.nabble.com/Exception%3A-DerInputStream.getLength%28%29%3A-lengthTag%3D119%2C-too-big-tp21711285p21745484.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
RE: Exception: DerInputStream.getLength(): lengthTag=119, too big
Posted by Colm O hEigeartaigh <co...@progress.com>.
Yup Dan's right I think. I tested both of the keystores and it works
fine:
Crypto crypto = CryptoFactory.getInstance("lukasz.properties");
WSSecSignature builder = new WSSecSignature();
builder.setUserInfo("JJ", "JJ-Password");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, crypto, secHeader);
...
Crypto cryptoPub = CryptoFactory.getInstance("lukasz_pub.properties");
secEngine.processSecurityHeader(doc, null, this, cryptoPub);
Where "this" is a CallbackHandler implementation where we set:
pc.setPassword("JJ-Password");
Are you sure that you were doing this last step?
Colm.
-----Original Message-----
From: Daniel Kulp [mailto:dkulp@apache.org]
Sent: 29 January 2009 18:07
To: wss4j-dev@ws.apache.org
Cc: Lukasz L.
Subject: Re: Exception: DerInputStream.getLength(): lengthTag=119, too
big
I've seen this error when the alias and/or password passed in is not
correct.
I'd double check that.
Dan
On Thursday 29 January 2009 6:04:36 am Lukasz L. wrote:
> Hi Colm,
>
> here are the details you asked for.
> Generation commands were as following:
>
> keytool -genkey -alias JJ -keypass JJ-Password -keystore
> PrivateKeystore.jks -storepass keyStorePassword -dname "cn=JJ" -keyalg
RSA
>
> keytool -selfcert -alias JJ -keypass JJ-Password -keystore
> PrivateKeystore.jks -storepass keyStorePassword
>
> keytool -export -alias JJ -file tmpKey.rsa -keystore
PrivateKeystore.jks
> -storepass keyStorePassword
>
> keytool -import -alias JJ -file tmpKey.rsa -keystore
PublicKeystore.jks
> -storepass keyStorePassword
>
> Merlin config:
>
>
org.apache.ws.security.crypto.provider=org.apache.ws.security.components
.cr
>ypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks
>
org.apache.ws.security.crypto.merlin.keystore.password=keyStorePassword
> org.apache.ws.security.crypto.merlin.keystore.alias=JJ
> org.apache.ws.security.crypto.merlin.file=PublicKeystore.jks
>
> attaching the public and private keystore
>
> http://www.nabble.com/file/p21724785/PrivateKeystore.jks
> PrivateKeystore.jks
http://www.nabble.com/file/p21724785/PublicKeystore.jks
> PublicKeystore.jks
>
> Colm O hEigeartaigh wrote:
> > Can you attach the keystore, and the Merlin config? How was the
keystore
> > in question generated, i.e. the exact parameters given to keytool?
> >
> > Colm.
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Exception: DerInputStream.getLength(): lengthTag=119, too big
Posted by Daniel Kulp <dk...@apache.org>.
I've seen this error when the alias and/or password passed in is not correct.
I'd double check that.
Dan
On Thursday 29 January 2009 6:04:36 am Lukasz L. wrote:
> Hi Colm,
>
> here are the details you asked for.
> Generation commands were as following:
>
> keytool -genkey -alias JJ -keypass JJ-Password -keystore
> PrivateKeystore.jks -storepass keyStorePassword -dname "cn=JJ" -keyalg RSA
>
> keytool -selfcert -alias JJ -keypass JJ-Password -keystore
> PrivateKeystore.jks -storepass keyStorePassword
>
> keytool -export -alias JJ -file tmpKey.rsa -keystore PrivateKeystore.jks
> -storepass keyStorePassword
>
> keytool -import -alias JJ -file tmpKey.rsa -keystore PublicKeystore.jks
> -storepass keyStorePassword
>
> Merlin config:
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cr
>ypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks
> org.apache.ws.security.crypto.merlin.keystore.password=keyStorePassword
> org.apache.ws.security.crypto.merlin.keystore.alias=JJ
> org.apache.ws.security.crypto.merlin.file=PublicKeystore.jks
>
> attaching the public and private keystore
>
> http://www.nabble.com/file/p21724785/PrivateKeystore.jks
> PrivateKeystore.jks http://www.nabble.com/file/p21724785/PublicKeystore.jks
> PublicKeystore.jks
>
> Colm O hEigeartaigh wrote:
> > Can you attach the keystore, and the Merlin config? How was the keystore
> > in question generated, i.e. the exact parameters given to keytool?
> >
> > Colm.
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
RE: Exception: DerInputStream.getLength(): lengthTag=119, too big
Posted by "Lukasz L." <Lu...@sabre.com>.
Hi Colm,
here are the details you asked for.
Generation commands were as following:
keytool -genkey -alias JJ -keypass JJ-Password -keystore PrivateKeystore.jks
-storepass keyStorePassword -dname "cn=JJ" -keyalg RSA
keytool -selfcert -alias JJ -keypass JJ-Password -keystore
PrivateKeystore.jks -storepass keyStorePassword
keytool -export -alias JJ -file tmpKey.rsa -keystore PrivateKeystore.jks
-storepass keyStorePassword
keytool -import -alias JJ -file tmpKey.rsa -keystore PublicKeystore.jks
-storepass keyStorePassword
Merlin config:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=keyStorePassword
org.apache.ws.security.crypto.merlin.keystore.alias=JJ
org.apache.ws.security.crypto.merlin.file=PublicKeystore.jks
attaching the public and private keystore
http://www.nabble.com/file/p21724785/PrivateKeystore.jks PrivateKeystore.jks
http://www.nabble.com/file/p21724785/PublicKeystore.jks PublicKeystore.jks
Colm O hEigeartaigh wrote:
>
>
> Can you attach the keystore, and the Merlin config? How was the keystore
> in question generated, i.e. the exact parameters given to keytool?
>
> Colm.
>
>
--
View this message in context: http://www.nabble.com/Exception%3A-DerInputStream.getLength%28%29%3A-lengthTag%3D119%2C-too-big-tp21711285p21724785.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
RE: Exception: DerInputStream.getLength(): lengthTag=119, too big
Posted by Colm O hEigeartaigh <co...@progress.com>.
Can you attach the keystore, and the Merlin config? How was the keystore
in question generated, i.e. the exact parameters given to keytool?
Colm.
-----Original Message-----
From: Lukasz L. [mailto:Lukasz.Lichota@sabre.com]
Sent: 28 January 2009 18:04
To: wss4j-dev@ws.apache.org
Subject: Exception: DerInputStream.getLength(): lengthTag=119, too big
Hi,
I use WSS4J in interceptor in CXF consumer (inside servicemix esb) to
verify
Signature in incoming message (using public key store in a keystore).
For
many keys it works but sometimes (for certain public key) I got an
exception
below. All keys are generated using keytool from JRE.
Any idea about the reason of it?
(one more note: I am able to list the content of this faulty keystore
using
keytool -list)
java.security.cert.CertificateException: Unable to initialize,
java.io.IOException: DerInputStream.getLength(): lengthTag=119, too big.
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:182)
at
sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.
java:90)
at
java.security.cert.CertificateFactory.generateCertificate(CertificateFac
tory.java:271)
at
sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:745)
at java.security.KeyStore.load(KeyStore.java:1150)
at
org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCry
pto.java:141)
at
org.apache.ws.security.components.crypto.AbstractCrypto.<init>(AbstractC
rypto.java:100)
at
org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:72)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorA
ccessorImpl.java:39)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingCons
tructorAccessorImpl.java:27)
at
java.lang.reflect.Constructor.newInstance(Constructor.java:494)
at
org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoF
actory.java:211)
at
org.apache.ws.security.components.crypto.CryptoFactory.getInstance(Crypt
oFactory.java:176)
at
org.apache.ws.security.handler.WSHandler.loadSignatureCrypto(WSHandler.j
ava:372)
at
org.apache.ws.security.handler.WSHandler.decodeSignatureParameter2(WSHan
dler.java:897)
at
org.apache.ws.security.handler.WSHandler.doReceiverAction(WSHandler.java
:256)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JI
nInterceptor.java:145)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JI
nInterceptor.java:65)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
hain.java:220)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiati
onObserver.java:77)
at
org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(
JettyHTTPDestination.java:278)
at
org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(Jetty
HTTPDestination.java:252)
at
org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHan
dler.java:70)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
at
org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandler
Collection.java:230)
at
org.mortbay.jetty.handler.HandlerList.handle(HandlerList.java:49)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534)
at
org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.j
ava:879)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:741)
at
org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:213)
at
org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:403)
at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:
409)
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java
:522)
Caused by: java.io.IOException: DerInputStream.getLength():
lengthTag=119,
too big.
at
sun.security.util.DerInputStream.getLength(DerInputStream.java:530)
at sun.security.util.DerValue.<init>(DerValue.java:234)
at
sun.security.util.DerInputStream.getDerValue(DerInputStream.java:386)
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1688)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:179)
... 35 more
--
View this message in context:
http://www.nabble.com/Exception%3A-DerInputStream.getLength%28%29%3A-len
gthTag%3D119%2C-too-big-tp21711285p21711285.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org