You are viewing a plain text version of this content. The canonical link for it is here.

Posted to wss4j-dev@ws.apache.org by Benjamin Pieritz <de...@wistedter-jungs.de> on 2006/03/24 13:09:03 UTC

An unsupported signature or encryption algorithm was used (unsupported key transport encryption algorithm: no provider: http://www.w3.org/2001/04/xmlenc#rsa-1_5)

Hey!

I got the same problem that Julien described in this mailing list
on 3 August 2005. I'm simply trying to encrypt the UsernameToken and 
getting an

org.apache.ws.security.WSSecurityException: WSHandler: Encryption: error 
during message processingorg.apache.ws.security.WSSecurityException: An 
unsupported signature or encryption algorithm was used (unsupported key 
transport encryption algorithm: no provider: 
http://www.w3.org/2001/04/xmlenc#rsa-1_5)


Werners answer was the following:

"usually the handlers that are included with WSS4J (Axis
handlers and JAX-RPC handlers are availiable) are controling
the setup of SOAP requests. Pls have a look in the Javadoc
of the **/axis/ directory / paackage."

Maybe I'm stupid in this case, but it just doesn't help me.

## My client wsdd: ##
<deployment xmlns="http://xml.apache.org/axis/wsdd/" 
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
  <transport name="http" 
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
   <globalConfiguration >
    <requestFlow >
     <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
      <parameter name="action" value="UsernameToken Encrypt"/>
      <parameter name="encryptionPropFile" value="crypto.properties" />
      <parameter name="encryptionKeyIdentifier" value="X509KeyIdentifier" />
      <parameter name="encryptionUser" value="pubcert" />
      <parameter name="encryptionParts" 
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken" 
/>
     </handler>
    </requestFlow >
   </globalConfiguration >
</deployment>

## My crpto.properties at client side: ##
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=secret
org.apache.ws.security.crypto.merlin.keystore.alias=pubcert
org.apache.ws.security.crypto.merlin.alias.password=secret
org.apache.ws.security.crypto.merlin.file=pub.keystore

## The key was generated with the following command: ##
keytool -genkey -keyalg RSA -keystore pub.keystore -alias pubcert

This is quite urgend since I have to finish this project by sunday.

Thank you very much in advance!
-Benjamin


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: An unsupported signature or encryption algorithm was used (unsupported key transport encryption algorithm: no provider: http://www.w3.org/2001/04/xmlenc#rsa-1_5)

Posted by Werner Dittmann <We...@t-online.de>.

The standard JCE that comes with Java does not support RSA
with the requiered key-length AFAIK.

We always require/recommend to have the BouncyCastle crypto
lib installed abd in the classpath.

Regards,
Werner

Benjamin Pieritz wrote:
> Hey!
> 
> I got the same problem that Julien described in this mailing list
> on 3 August 2005. I'm simply trying to encrypt the UsernameToken and
> getting an
> 
> org.apache.ws.security.WSSecurityException: WSHandler: Encryption: error
> during message processingorg.apache.ws.security.WSSecurityException: An
> unsupported signature or encryption algorithm was used (unsupported key
> transport encryption algorithm: no provider:
> http://www.w3.org/2001/04/xmlenc#rsa-1_5)
> 
> 
> Werners answer was the following:
> 
> "usually the handlers that are included with WSS4J (Axis
> handlers and JAX-RPC handlers are availiable) are controling
> the setup of SOAP requests. Pls have a look in the Javadoc
> of the **/axis/ directory / paackage."
> 
> Maybe I'm stupid in this case, but it just doesn't help me.
> 
> ## My client wsdd: ##
> <deployment xmlns="http://xml.apache.org/axis/wsdd/"
> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
>  <transport name="http"
> pivot="java:org.apache.axis.transport.http.HTTPSender"/>
>   <globalConfiguration >
>    <requestFlow >
>     <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
>      <parameter name="action" value="UsernameToken Encrypt"/>
>      <parameter name="encryptionPropFile" value="crypto.properties" />
>      <parameter name="encryptionKeyIdentifier" value="X509KeyIdentifier" />
>      <parameter name="encryptionUser" value="pubcert" />
>      <parameter name="encryptionParts"
> value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken"
> />
>     </handler>
>    </requestFlow >
>   </globalConfiguration >
> </deployment>
> 
> ## My crpto.properties at client side: ##
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> 
> org.apache.ws.security.crypto.merlin.keystore.type=jks
> org.apache.ws.security.crypto.merlin.keystore.password=secret
> org.apache.ws.security.crypto.merlin.keystore.alias=pubcert
> org.apache.ws.security.crypto.merlin.alias.password=secret
> org.apache.ws.security.crypto.merlin.file=pub.keystore
> 
> ## The key was generated with the following command: ##
> keytool -genkey -keyalg RSA -keystore pub.keystore -alias pubcert
> 
> This is quite urgend since I have to finish this project by sunday.
> 
> Thank you very much in advance!
> -Benjamin
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: An unsupported signature or encryption algorithm was used (unsupported key transport encryption algorithm: no provider: http://www.w3.org/2001/04/xmlenc#rsa-1_5)

Posted by Werner Dittmann <We...@t-online.de>.

The standard JCE that comes with Java does not support RSA
with the requiered key-length AFAIK.

We always require/recommend to have the BouncyCastle crypto
lib installed abd in the classpath.

Regards,
Werner

Benjamin Pieritz wrote:
> Hey!
> 
> I got the same problem that Julien described in this mailing list
> on 3 August 2005. I'm simply trying to encrypt the UsernameToken and
> getting an
> 
> org.apache.ws.security.WSSecurityException: WSHandler: Encryption: error
> during message processingorg.apache.ws.security.WSSecurityException: An
> unsupported signature or encryption algorithm was used (unsupported key
> transport encryption algorithm: no provider:
> http://www.w3.org/2001/04/xmlenc#rsa-1_5)
> 
> 
> Werners answer was the following:
> 
> "usually the handlers that are included with WSS4J (Axis
> handlers and JAX-RPC handlers are availiable) are controling
> the setup of SOAP requests. Pls have a look in the Javadoc
> of the **/axis/ directory / paackage."
> 
> Maybe I'm stupid in this case, but it just doesn't help me.
> 
> ## My client wsdd: ##
> <deployment xmlns="http://xml.apache.org/axis/wsdd/"
> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
>  <transport name="http"
> pivot="java:org.apache.axis.transport.http.HTTPSender"/>
>   <globalConfiguration >
>    <requestFlow >
>     <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
>      <parameter name="action" value="UsernameToken Encrypt"/>
>      <parameter name="encryptionPropFile" value="crypto.properties" />
>      <parameter name="encryptionKeyIdentifier" value="X509KeyIdentifier" />
>      <parameter name="encryptionUser" value="pubcert" />
>      <parameter name="encryptionParts"
> value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken"
> />
>     </handler>
>    </requestFlow >
>   </globalConfiguration >
> </deployment>
> 
> ## My crpto.properties at client side: ##
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> 
> org.apache.ws.security.crypto.merlin.keystore.type=jks
> org.apache.ws.security.crypto.merlin.keystore.password=secret
> org.apache.ws.security.crypto.merlin.keystore.alias=pubcert
> org.apache.ws.security.crypto.merlin.alias.password=secret
> org.apache.ws.security.crypto.merlin.file=pub.keystore
> 
> ## The key was generated with the following command: ##
> keytool -genkey -keyalg RSA -keystore pub.keystore -alias pubcert
> 
> This is quite urgend since I have to finish this project by sunday.
> 
> Thank you very much in advance!
> -Benjamin
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org