You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by "Namrata Jaiswal (JIRA)" <ji...@apache.org> on 2015/10/05 07:52:26 UTC
[jira] [Issue Comment Deleted] (WSS-461)
org.apache.ws.security.processor.SignatureProcessor does not allow to add
custom resolver
[ https://issues.apache.org/jira/browse/WSS-461?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Namrata Jaiswal updated WSS-461:
--------------------------------
Comment: was deleted
(was: Thanks colm for your response! The above error I was getting while using wss4j dom api to encrypt/decrypt message using AES-GCM. But I got it working by upgrading JVM 1.7 SR3 to JVM SR9, looks like JCE issue.
But when try to use stax api to encrypt/decrypt messages with AES-GCM then I get following error
javax.xml.stream.XMLStreamException: org.apache.xml.security.exceptions.XMLSecurityException: Wrong parameter type: GCM expected
Original Exception was java.security.InvalidAlgorithmParameterException: Wrong parameter type: GCM expected
at org.apache.xml.security.stax.impl.XMLSecurityStreamWriter.chainProcessEvent(XMLSecurityStreamWriter.java:64)
at org.apache.xml.security.stax.impl.XMLSecurityStreamWriter.outputOpenStartElement(XMLSecurityStreamWriter.java:83)
at org.apache.xml.security.stax.impl.XMLSecurityStreamWriter.writeEndElement(XMLSecurityStreamWriter.java:215)
at org.apache.axiom.om.impl.MTOMXMLStreamWriter.writeEndElement(MTOMXMLStreamWriter.java:157)
at org.apache.axiom.om.impl.util.OMSerializerUtil.serializeEndpart(OMSerializerUtil.java:57)
at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:973)
at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:965)
at org.apache.axiom.om.impl.llom.OMSerializableImpl.serialize(OMSerializableImpl.java:125)
at org.apache.axiom.om.impl.llom.OMSerializableImpl.serializeAndConsume(OMSerializableImpl.java:117)
at org.apache.axiom.om.util.CopyUtils.reader2writer(CopyUtils.java:151)
at com.ibm.b2b.enc.EncryptionTest.testEncryptionDecryptionAESGCMWithSTAX(EncryptionTest.java:138)
at com.ibm.b2b.enc.EncryptionTest.main(EncryptionTest.java:200)
Caused by: org.apache.xml.security.exceptions.XMLSecurityException: Wrong parameter type: GCM expected
Original Exception was java.security.InvalidAlgorithmParameterException: Wrong parameter type: GCM expected
at org.apache.xml.security.stax.impl.processor.output.AbstractEncryptOutputProcessor$AbstractInternalEncryptionOutputProcessor.init(AbstractEncryptOutputProcessor.java:190)
at org.apache.wss4j.stax.impl.processor.output.EncryptOutputProcessor.processEvent(EncryptOutputProcessor.java:125)
at org.apache.xml.security.stax.ext.AbstractOutputProcessor.processNextEvent(AbstractOutputProcessor.java:135)
at org.apache.xml.security.stax.impl.OutputProcessorChainImpl.processEvent(OutputProcessorChainImpl.java:217)
at org.apache.xml.security.stax.impl.XMLSecurityStreamWriter.chainProcessEvent(XMLSecurityStreamWriter.java:62)
... 11 more
Caused by: java.security.InvalidAlgorithmParameterException: Wrong parameter type: GCM expected
at com.ibm.crypto.provider.AESGCMCipher.engineInit(Unknown Source)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.init(Unknown Source)
at javax.crypto.Cipher.init(Unknown Source)
at org.apache.xml.security.stax.impl.processor.output.AbstractEncryptOutputProcessor$AbstractInternalEncryptionOutputProcessor.init(AbstractEncryptOutputProcessor.java:160)
... 15 more
I think this is due to incorrect (IvParameterSpec) parameter used in AbstractEncryptOutputProcessor.java for GCM.
)
> org.apache.ws.security.processor.SignatureProcessor does not allow to add custom resolver
> -----------------------------------------------------------------------------------------
>
> Key: WSS-461
> URL: https://issues.apache.org/jira/browse/WSS-461
> Project: WSS4J
> Issue Type: Improvement
> Components: WSS4J Core
> Affects Versions: 1.5.12
> Reporter: Namrata Jaiswal
> Assignee: Colm O hEigeartaigh
> Priority: Critical
>
> org.apache.ws.security.processor.SignatureProcessor does not provide api to add resource resolver. To explain it more,
> I received a soap message with a particular ID pattern and for that ID pattern, I would like to provide my own implementation for ResourceResolverSpi( that can be added to resource signature element). If some api is exposed that allows user to provide their own implementation for resourceresolver then it would great.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org