You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by "BALDWIN, ALAN J [AG-Contractor/1000]" <al...@monsanto.com> on 2005/03/25 22:23:18 UTC
jks keystore Invalid keystore
Hi all, I'm trying to encrypt a soap message using symmetric AES encryption. I have generated a key, which is encrypting and decrypting correctly (it's been tested). Here is the code used to generate the key. It is a jks type keystore. I copied this file into my webservice source code, and ran a test case to pass in the security headers to the webservice. The stack trace is what I get. Is there a problem with jks keystores? Is there something I'm missing?
Thanks a lot!
-Alan Baldwin-
...key generation code...
Security.addProvider(new com.sun.crypto.provider.SunJCE());
KeyGenerator kg = KeyGenerator.getInstance("AES");
Key key = kg.generateKey();
KeyStore ks = KeyStore.getInstance("jks");
ks.load(null,"security".toCharArray());
ks.setKeyEntry("ecms",key,"security".toCharArray(), null);
ks.store(new FileOutputStream("ecms.jks"), "security".toCharArray());
...my crypto.properties file...
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=security
org.apache.ws.security.crypto.merlin.keystore.alias=ecms
org.apache.ws.security.crypto.merlin.alias.password=security
org.apache.ws.security.crypto.merlin.file=ecms.jks
...stack trace...
2005-03-25 13:59:14 INFO [org.apache.ws.security.components.crypto.CryptoFactory] - <Using Crypto Engine [org.apache.ws.security.components.crypto.Merlin]>
java.io.IOException: Invalid keystore format
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:612)
at java.security.KeyStore.load(KeyStore.java:652)
at org.apache.ws.security.components.crypto.Merlin.load(Merlin.java:524)
at org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:116)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
......
......
Caused by: org.apache.ws.security.components.crypto.CredentialException: Failed to load credentials. Inner Exception: [Invalid keystore format]
at org.apache.ws.security.components.crypto.Merlin.load(Merlin.java:527)
at org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:116)
... 43 more
...my wsdd...
<service name="MessageEcho" provider="java:MSG">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass" value="org.apache.ws.axis.oasis.PWCallback"/>
<parameter name="action" value="UsernameToken Encrypt"/>
<parameter name="decryptionPropFile" value="crypto.properties"/>
</handler>
</requestFlow>
<parameter name="allowedMethods" value="echo"/>
<parameter name="className"
value="com.monsanto.ag.cf.service.jaxrpc.JaxRpcMessageEcho"/>
<!--<wsdl/>-->
</service>
Re: jks keystore Invalid keystore
Posted by Martin Stemplinger <ms...@gmx.de>.
BALDWIN, ALAN J [AG-Contractor/1000] schrieb am 03/25/2005 10:23 PM:
> ...key generation code...
>
> Security.addProvider(new com.sun.crypto.provider.SunJCE());
>
> KeyGenerator kg = KeyGenerator.getInstance("AES");
>
> Key key = kg.generateKey();
>
> KeyStore ks = KeyStore.getInstance("jks");
>
> ks.load(null,"security".toCharArray());
> ks.setKeyEntry("ecms",key,"security".toCharArray(), null);
>
> ks.store(new FileOutputStream("ecms.jks"), "security".toCharArray());
>
>
> ...my crypto.properties file...
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> org.apache.ws.security.crypto.merlin.keystore.type=jks
> org.apache.ws.security.crypto.merlin.keystore.password=security
> org.apache.ws.security.crypto.merlin.keystore.alias=ecms
> org.apache.ws.security.crypto.merlin.alias.password=security
> org.apache.ws.security.crypto.merlin.file=ecms.jks
>
>
> ...stack trace...
>
> 2005-03-25 13:59:14 INFO [org.apache.ws.security.components.crypto.CryptoFactory] - <Using Crypto Engine [org.apache.ws.security.components.crypto.Merlin]>
> java.io.IOException: Invalid keystore format
> at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:612)
> at java.security.KeyStore.load(KeyStore.java:652)
> at org.apache.ws.security.components.crypto.Merlin.load(Merlin.java:524)
> at org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:116)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> ......
> ......
> Caused by: org.apache.ws.security.components.crypto.CredentialException: Failed to load credentials. Inner Exception: [Invalid keystore format]
> at org.apache.ws.security.components.crypto.Merlin.load(Merlin.java:527)
> at org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:116)
> ... 43 more
>
>
>
>
can you read the keystore using keytool? I noticed that keystore that
gave me errors when processed wtih keytools didn't work with wss4j either.
tht
Martin