You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@ws.apache.org by Thomas Hofer <th...@auto.tuwien.ac.at> on 2013/01/07 16:11:27 UTC

ECC in combination with WSS4J

Hello!

I'm trying to use WSS4J in combination with elliptic curve cryptography. 
I installed BouncyCastle as provider.
The PublicKey is of type SHA256withECDSA stored in a JKS, created with 
the Java keytool (Java 7). The whole setup works if I switch to RSA 
keys, but when I'm using an EC key following exception occurs:

Caused by: java.security.InvalidKeyException: unknown key type passed to RSA
     at 
org.bouncycastle.jcajce.provider.asymmetric.rsa.CipherSpi.engineInit(Unknown 
Source)
     at javax.crypto.Cipher.implInit(Cipher.java:685)
     at javax.crypto.Cipher.chooseProvider(Cipher.java:737)
     at javax.crypto.Cipher.init(Cipher.java:1113)
     at javax.crypto.Cipher.init(Cipher.java:1053)
     at 
org.apache.ws.security.message.WSSecEncryptedKey.prepareInternal(WSSecEncryptedKey.java:257)

So far I found no way to set the algorithm used to create the key. The 
problem occurs when WSSecEncryptedKey.prepareInternal(...) tries to 
initialize the cipher

cipher.init(Cipher.WRAP_MODE, remoteCert.getPublicKey(), oaepParameterSpec);

Some hints or links to tutorials are really appreciated. So far I found 
nothing helpful.

Best regards
Thomas Hofer

Re: ECC in combination with WSS4J

Posted by Thomas Hofer <th...@auto.tuwien.ac.at>.

Well, thank you. This is a bit awkward ;-)

Sorry for that not so good question :D


On 2013-01-08 11:08, Colm O hEigeartaigh wrote:
>
> You can't use a Key of type "SHA256withECDSA" for Encryption, only for 
> Signature.
>
> Colm.
>
> On Mon, Jan 7, 2013 at 3:11 PM, Thomas Hofer <thofer@auto.tuwien.ac.at 
> <ma...@auto.tuwien.ac.at>> wrote:
>
>     Hello!
>
>     I'm trying to use WSS4J in combination with elliptic curve
>     cryptography. I installed BouncyCastle as provider.
>     The PublicKey is of type SHA256withECDSA stored in a JKS, created
>     with the Java keytool (Java 7). The whole setup works if I switch
>     to RSA keys, but when I'm using an EC key following exception occurs:
>
>     Caused by: java.security.InvalidKeyException: unknown key type
>     passed to RSA
>         at
>     org.bouncycastle.jcajce.provider.asymmetric.rsa.CipherSpi.engineInit(Unknown
>     Source)
>         at javax.crypto.Cipher.implInit(Cipher.java:685)
>         at javax.crypto.Cipher.chooseProvider(Cipher.java:737)
>         at javax.crypto.Cipher.init(Cipher.java:1113)
>         at javax.crypto.Cipher.init(Cipher.java:1053)
>         at
>     org.apache.ws.security.message.WSSecEncryptedKey.prepareInternal(WSSecEncryptedKey.java:257)
>
>     So far I found no way to set the algorithm used to create the key.
>     The problem occurs when WSSecEncryptedKey.prepareInternal(...)
>     tries to initialize the cipher
>
>     cipher.init(Cipher.WRAP_MODE, remoteCert.getPublicKey(),
>     oaepParameterSpec);
>
>     Some hints or links to tutorials are really appreciated. So far I
>     found nothing helpful.
>
>     Best regards
>     Thomas Hofer
>
>
>
>
> -- 
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com

-- 
Dipl.-Ing. Thomas Hofer
Projektassistent
thofer@auto.tuwien.ac.at
Tel. +43 1 58801-18329
Fax +43 1 58801-18391
Institut für Rechnergestützte Automation
Treitlstr. 1-3/4. Stock/E183-1
TU Wien

Re: ECC in combination with WSS4J

Posted by Colm O hEigeartaigh <co...@apache.org>.

You can't use a Key of type "SHA256withECDSA" for Encryption, only for
Signature.

Colm.

On Mon, Jan 7, 2013 at 3:11 PM, Thomas Hofer <th...@auto.tuwien.ac.at>wrote:

>  Hello!
>
> I'm trying to use WSS4J in combination with elliptic curve cryptography. I
> installed BouncyCastle as provider.
> The PublicKey is of type SHA256withECDSA stored in a JKS, created with the
> Java keytool (Java 7). The whole setup works if I switch to RSA keys, but
> when I'm using an EC key following exception occurs:
>
> Caused by: java.security.InvalidKeyException: unknown key type passed to
> RSA
>     at
> org.bouncycastle.jcajce.provider.asymmetric.rsa.CipherSpi.engineInit(Unknown
> Source)
>     at javax.crypto.Cipher.implInit(Cipher.java:685)
>     at javax.crypto.Cipher.chooseProvider(Cipher.java:737)
>     at javax.crypto.Cipher.init(Cipher.java:1113)
>     at javax.crypto.Cipher.init(Cipher.java:1053)
>     at
> org.apache.ws.security.message.WSSecEncryptedKey.prepareInternal(WSSecEncryptedKey.java:257)
>
> So far I found no way to set the algorithm used to create the key. The
> problem occurs when WSSecEncryptedKey.prepareInternal(...) tries to
> initialize the cipher
>
> cipher.init(Cipher.WRAP_MODE, remoteCert.getPublicKey(),
> oaepParameterSpec);
>
> Some hints or links to tutorials are really appreciated. So far I found
> nothing helpful.
>
> Best regards
> Thomas Hofer
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com