You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by "Kramp, Raymund" <Ra...@ca.com> on 2005/10/08 00:53:32 UTC
WSS4J w/RSA Crypto-J JCE provider
I've recently been using WSS4J with RSA's Crypto-J 3.5 (JsafeJCE)
provider. I've been able to get it working fine, but have some
questions...
1) In WSSecurityUtil.getCipherInstance, there's hard-coded references
to the BC provider:
cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING", "BC");
I patched this class to use an algorithm from JsafeJCE. Is this a bug,
or is there another way that I can specify the asymmetric algorithm? I
saw this mentioned in WSS-6, but the resolution didn't affect
WSSecurityUtil.
2) When I use AES from JsafeJCE as my symmetric algorithm,
WSEncryptBody.getKeyGenerator retrieves the keygen instance by OID.
This causes a NoSuchAlgorithmException: 2.16... with JsafeJCE.
To get it working, I changed getKeyGenerator() to do AES lookup's by
name:
private KeyGenerator getKeyGenerator() throws WSSecurityException {
KeyGenerator keyGen = null;
try {
if (symEncAlgo.equalsIgnoreCase(WSConstants.TRIPLE_DES)) {
keyGen = KeyGenerator.getInstance("DESede");
} else if (symEncAlgo.equalsIgnoreCase(WSConstants.AES_128))
{
//keyGen =
KeyGenerator.getInstance("2.16.840.1.101.3.4.1.2");
keyGen = KeyGenerator.getInstance("AES");
} else if (symEncAlgo.equalsIgnoreCase(WSConstants.AES_192))
{
//keyGen =
KeyGenerator.getInstance("2.16.840.1.101.3.4.1.22");
keyGen = KeyGenerator.getInstance("AES");
} else if (symEncAlgo.equalsIgnoreCase(WSConstants.AES_256))
{
//keyGen =
KeyGenerator.getInstance("2.16.840.1.101.3.4.1.42");
keyGen = KeyGenerator.getInstance("AES");
Is there a way that I can specify the algorithm name for KeyGenerator
without modifying the WSS4J source?
Thanks!
Ray