It appears that there is a defect in the file: org. apache. xml. security. algorithms. encryption. implementations. BC. KeyTransportImpl_RSAPKCS15_BC. Before I describe the symptom I would like to show the fix because I bet it will job someone's memory. The following code block denoted by START — STOP needs to be added to the file.
org.apache.xml.security.algorithms.encryption.* does
not exist anymore. I suggest you want get the latest source, from
the CVS repository. ant
dist should do the trick to give you the latest xmlsec.jar.public EncryptionMethodParams engineInit(Element encryptionMethodElem)
throws org.apache.xml.security.exceptions.XMLSecurityException {if (encryptionMethodElem.getChildNodes().getLength() != 0) {
throw new XMLSecurityException(
"encryption.algorithmCannotEatInitParams");
}
// START - Add the following code to this method
try {
Cipher rsaCipher =
Cipher.getInstance(this.getImplementedAlgorithmJCE(),
this.getRequiredProviderName());this._cipher = new PKCS15Cipher(rsaCipher);} catch (NoSuchAlgorithmException ex) {
throw new XMLSecurityException("empty", ex);
} catch (NoSuchProviderException ex) {
throw new XMLSecurityException("empty", ex);
} catch (NoSuchPaddingException ex) {
throw new XMLSecurityException("empty", ex);
}// STOP
return null;
}The problem is that, on decryption, the EncryptedKey.getEncryptionMethod() function creates a new EncryptionMethod by invoking public EncryptionMethod(Element element, String BaseURI). That constructor calls engineInit(Element) instead of engineInit(Document doc, EncryptionMethodParams params). This results in the provider's member variable _cipher to still null when the provider's engineUnwrap() is called. Result is a NullPointerException. Adding the above code fixes the problem.Since there is no new version of the xmlsec.jar file out, is there some way around this problem?Thanks for your help.Stuart Jensen
smime.p7s
Description: S/MIME Cryptographic Signature
