Hi Ali,
hmm this is very strange .... since the TestCipher produced "BC" as
the output (i.e. bouncycastle is available as the default JCE
provider) you should be able to get the sample working if it is the
same JRE that is used by the security sample client.
Did you try this with JDK 1.4?
Thanks,
Ruchith
p.s. We were able to successfully run the security sample out of box
(with the correct services.xml) with the following configs:
Windows XP , JKD 1.4.2_02
Ubuntu Linux, JDK 1.4.2_08
Gentoo Linux, JDK 1.4.2_08
On 3/26/06, Ali Sadik Kumlali <[EMAIL PROTECTED]> wrote:
> Hi Ruchith,
>
> I ran TestChiper and got SunJCE as output. Then changed my java.security
> file as following:
>
> security.provider.1=sun.security.provider.Sun
> security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider
> security.provider.3=sun.security.rsa.SunRsaSign
> security.provider.4=com.sun.net.ssl.internal.ssl.Provider
> security.provider.5=com.sun.crypto.provider.SunJCE
> security.provider.6=sun.security.jgss.SunProvider
> security.provider.7=com.sun.security.sasl.Provider
>
> And ran again. This time I got BC. With this configuration I ran
> securitySample and got the same error. To print all the settings, I changed
> build.xml as following:
>
> <project name="sample s" default="securitySample">
>
> <path id="axis.classpath">
> <fileset dir="../../lib">
> <include name="*.jar"/>
> </fileset>
> <fileset dir="lib">
> <include name="*.jar"/>
> </fileset>
> </path>
> <property name="axis.classpath.prop" refid="axis.classpath"/>
> <target name="securitySample">
> <echo message="[java.version]: ${java.version}" />
> <echo message="[java.home]: ${java.home}" />
> <echo message="[java.class.path]:" />
>
> <echo>-------------------------------------------------</echo>
> <echo message="${java.class.path}" />
>
> <echo>-------------------------------------------------</echo>
> <echo message="[axis.classpath]:" />
>
> <echo>-------------------------------------------------</echo>
> <echo message="${axis.classpath.prop}" />
>
> <echo>-------------------------------------------------</echo>
> <java classname="sample.security.C lient"
> classpathref="axis.classpath" fork="true">
> <arg value="client_repo"/>
> <arg value="8080"/>
> </java>
> </target>
> </project>
>
> It gave me following output:
>
>
> c:\axis2\samples\security>ant
> Buildfile: build.xml
>
> securitySample:
> [echo] [java.version]: 1.5.0_01
> [echo] [java.home]: D:\programs\Java\jdk1.5.0_01\jre
> [echo] [java.class.path]:
> [echo]
> -------------------------------------------------
> [echo]
> D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\lib\ant-l
> auncher.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\lib\ant-a
> ntlr.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\lib\ant-apac
> he-bcel.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\lib\ant-a
> pache-bsf.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\lib\ant
> -apache-log4j.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\lib
> \ant-apache-oro.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\l
> ib\ant-apache-regexp.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.
> 6.2\lib\ant-apache-resolver.jar;D:\mydocuments\programlama\lib\apache\ant\apache
> -ant-1.6.2\lib\ant-commons-logging.jar;D:\mydocuments\programlama\lib\apache\ant
> \apache-ant-1.6.2\lib\ant-commons-net.jar;D:\mydocuments\programlama\lib\apache\
> ant\apache-ant-1.6.2\lib\ant-icontract.jar;D:\mydocuments\programlama\lib\apache
> \ant\apache-ant-1.6.2\lib\ant-jai.jar;D:\mydocuments\programlama\lib\apache\ant\
> apache-ant-1.6.2\lib\ant-javamail.jar;D:\mydocuments\programlama\lib\apache\ant\
> apache-ant-1.6.2\lib\ant-jdepend.jar;D:\mydocuments\programlama\lib\apache\ant\a
> pache-ant-1.6.2\lib\ant-jmf.jar;D:\mydocuments\programlama\lib\apache\ant\apache
> -ant-1.6.2\lib\ant-jsch.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant
> -1.6.2\lib\ant-junit.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.
> 6.2\lib\ant-launcher.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.
> 6.2\lib\ant-netrexx.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6
> .2\lib\ant-nodeps.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2
> \lib\ant-starteam.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2
> \lib\ant-stylebook.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.
> 2\lib\ant-swing.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\l
> ib\ant-trax.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\lib\a
> nt-vaj.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\lib\ant-we
> blogic.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\lib\ant-xa
> lan1.jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\lib\ant-xslp
> .jar;D:\mydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\lib\ant.jar;D:\m
> ydocuments\programlama\lib\apache\ant\apache-ant-1.6.2\lib\bcel-5.1.jar;D:\mydoc
> uments\programlama\lib\apache\ant\apache-ant-1.6.2\lib\xercesImpl.jar;D:\mydocum
> ents\programlama\lib\apache\ant\apache-ant-1.6.2\lib\xml-apis.jar;D:\programs\Ja
> va\jdk1.5.0_01\lib\tools.jar
> [echo]
> -------------------------------------------------
> [echo] [axis.classpath]:
> [echo]
> -------------------------------------------------
> [echo] C:\axis2\lib\XmlSchema-SNAPSHOT.jar;C:\axis2\lib\annogen-0
> .1.0.jar;C:\axis2\lib\axiom-api-0.95.jar;C:\axis2\lib\axiom-impl-0.95.
> jar;C:\axis2\lib\axis-wsdl4j-1.2.jar;C:\axis2\lib\axis2-adb-0.95.jar;C
> :\axis2\lib\axis2-codegen-0.95.jar;C:\axis2\lib\axis2-doom-0.95.jar;C:
> \axis2\lib\axis2-kernel-0.95.jar;C:\axis2\lib\backport-util-concurrent
> -2.0_01_pd.jar;C:\axis2\lib\commons-codec-1.3.jar;C:\axis2\lib\commons
> -httpclient-3.0.jar;C:\axis2\lib\commons-logging-1.0.4.jar;C:\axis2\li
> b\geronimo-spec-activation-1.0.2-rc4.jar;C:\axis2\lib\geronimo-spec-javamai
> l-1.3.1-rc5.jar;C:\axis2\lib\geronimo-spec-jms-1.1-rc4.jar;C:\axis2\li
> b\jaxen-1.1-beta-7.jar;C:\axis2\lib\jaxme2-0.5.1.jar;C:\axis2\lib\jaxm
> ejs-0.5.1.jar;C:\axis2\lib\jaxmexs-0.5.1.jar;C:\axis2\lib\log4j-1.2.13
> .jar;C:\axis2\lib\maven-itest-plugin-1.0.jar;C:\axis2\lib\policy-1.0.j
> ar;C:\axis2\lib\servletapi-2.3.jar;C:\axis2\lib\stax-api-1.0.jar;C:\TE
> MP\axis2\lib\wstx-asl-2.8.2.jar;C:\axis2\lib\xalan-2.6.0.jar;C:\axis2\
> lib\xbean-2.1.0.jar;C:\axis2\lib\xercesImpl-2.7.1.jar;C:\axis2\lib\xml
> -apis-1.3.02.jar;C:\axis2\samples\security\lib\bcprov-jdk13-131.jar;C:\TEMP
> \axis2\samples\security\lib\commons-discovery-0.2.jar;C:\axis2\samples\secu
> rity\lib\secUtil.jar;C:\axis2\samples\security\lib\wss4j-SNAPSHOT.jar;C:\TE
> MP\axis2\samples\security\lib\xmlsec-1.2.1.jar
> [echo]
> -------------------------------------------------
>
> [java] org.apache.axis2.AxisFault: WSHandler: Encryption: error during
> mess
> age processingorg.apache.ws.security.WSSecurityException:
> An unsupported signatu
> re or encryption algorithm was used; nested exception is:
> [java]
> org.apache.xml.security.encryption.XMLEncryptionException:
> Canno
> t find any provider supporting AES/CBC/ISO10126Padding
> [java] Original Exception was
> java.security.NoSuchAlgorithmException: Canno
> t find any provider supporting AES/CBC/ISO10126Padding; nested exception
> is:
> [java]
> org.apache.ws.security.WSSecurityException: WSHandler:
> Encryptio
> n: error during message
> processingorg.apache.ws.security.WSSecurityException: An
> ...
>
>
>
>
> Ruchith Fernando <[EMAIL PROTECTED]> wrote:
> Hi,
>
> To ensure bouncycastle provider is picked up we insert it as the
> second in the list of providers.
> This done is each time the security handlers are invoked.
>
> Can you please run the attached TestCipher.java snippet and verify the
> above behaviour works in your _specific_ JDK version?
> VERY IMPORTANT : Make sure you have bcprov-jdk13-131.jar in the classpath.
>
> This is what I did to compile and run TestCipher.java from the same
> dir that it is saved:
>
> $ javac TestCipher.java
>
> $ java -cp
> ~/.maven/repository/bouncycastle/jars/bcprov-jdk13-131.jar:.
> TestCipher
>
> Thanks,
> Ruchith
>
>
> On 3/26/06, Ali Sadik Kumlali wrote:
> > Hi Ruchith,
> >
> > Thank you for your help. I want you to make sure that I didn't write my
> own
> > code and only try to run the samples/security that comes with Axis2.
> > Actually, I replaced it with the separately distributed sample listed in
> the
> > site. I could not find a big difference other than a typo in service.xml,
> > though.
> >
> > Anyway, I re-checked my folder structure and build.xml according to your
> > instructions, but could not find any difference. Moreover I tried
> followings
> > with JDK 1.5:
> >
> > 1) Renamed c:\axis2\lib to c:\axis2\libx and ran the sample. As expected,
> I
> > got "c:\axis2\lib not found" ant error. Therefore, I made sure that
> > build.xml is proper.
> >
> > 2) I did the same for c:\axis2\samples\security\lib folder and got the
> same
> > error. Therefore, I made sure that build.xml is proper.
> >
> > 3) Put bcprov-jdk13-131.jar under c:\axis2\samples\security\lib and ran
> the
> > sample. Got the "known error"[1].
> >
> > 4) Put bcprov-jdk13-131. jar under
> > D:\programs\Java\jdk1.5.0_01\jre\lib\ext\ and ran the
> > sample. Got the "known error"[1].
> >
> > [1] known error:
> > ------------------------------------
> >
> > c:\axis2\samples\security>ant
> >
> > Buildfile: build.xml
> >
> > securitySample:
> > [java] org.apache.axis2.AxisFault: WSHandler: Encryption: error during
> > mess
> > age processingorg.apache.ws.security.WSSecurityException:
> > An unsupported signatu
> > re or encryption algorithm was used; nested exception is:
> > [java]
> >
> org.apache.xml.security.encryption.XMLEncryptionException:
> > Canno
> > t fin d any provider supporting AES/CBC/ISO10126Padding
>
> >
> > [java] Original Exception was
> > java.security.NoSuchAlgorithmException:
> > ...
> > ------------------------------------
> >
> > Thanks a lot.
> >
> > Ali Sadik Kumlali
> >
> >
> > Ruchith Fernando wrote:
> >
> > Hi,
> >
> > Seems like the bouncycastle.jar is not in the classpath of the client.
> > This is the JCE provider we use instead of the default impl and it
> > contains implementations of the required algorithms.
> >
> > Please check whether you have a directory named 'lib' within in the
> > samples/security directory and it should contain bcprov-jdk13-131.jar
> > file [1].
> > Also please check whether the build.xml that you use has the following
> path
> > def.
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > And if those are available you can see that the ant build file
> > properly loads all the jars in the 'lib' directory.
> >
> > Thanks,
> > Ruchith
> >
> > [1] This directory also contains :
> > commons-discovery-0.2.jar
> > secUtil.jar
> > wss4j-SNAPSHOT.jar
> > xmlsec-1.2.1.jar
> >
> > On 3/25/06, Ali Sadik Kumlali wrote:
> > > Dear all,
> > >
> > > Thanks to Axis2 team, 0.95 relase has finally announced on the site.
> > >
> > > Happily, there is an extra download for security sample which makes me
> > feel
> > > I finally get rid of security sample nightmare :)
> > >
> > > Unfortunately and surprisingly, I can't get security sample to work and
> > > still get the same errors. I've listed all my journey with the new
> release
> > > step by step.
> > >
> > > Hope, I'll somehow find a way to make it work :)
> > >
> > > Thanks,
> > >
> > > Ali Sadik Kumlali
> > >
> > >
> > >
> >
> -------------------------------------------------------------------------------
> > > TRIALS WITH JDK 1.4
> > >
> >
> -------------------------------------------------------------------------------
> > > Let's make sure the Java version:
> > >
> > > c:\axis2\samples\security>java -version
> > > java version "1.4.2_02"
> > > Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_02-b03)
> > > Java HotSpot(TM) Client VM (build 1.4.2_02-b03, mixed mode)
> > >
> > > Let's run the sample:
> > >
> > > c:\axis2\samples\security>ant
> > > Buildfile : build.xml
> > >
> > > securitySample:
> > > [java] org.apache.axis2.AxisFault: WSHandler: Encryption: error during
> > > mess
> > > age
> processingorg.apache.ws.security.WSSecurityException:
> > > An unsupported signatu
> > > re or encryption algorithm was used; nested exception is:
> > > [java]
> > >
> >
> org.apache.xml.security.encryption.XMLEncryptionException:
> > & gt; Canno
> >
> > > t find any provider supporting AES/CBC/ISO10126Padding
> > > < span style="font-family: courier;"> [java] Original Exception was
> > > java.security.NoSuchAlgorithmException: Canno
> > > t find any provider supporting AES/CBC/ISO10126Padding; nested exception
> > > is:
> > > [java]
> > > org.apache.ws.security.WSSecurityException: WSHandler:
> > > Encryptio
> > > n: error during message
> > > processingorg.apache.ws.security.WSSecurityException:
> An
> > > unsupported signature or encryption algorithm was used; nested exception
> > > is:
> > > [java]
> > > org.apache.xml.security.encryption.XMLEncryptionEx
> > ception:
> > > Canno
> > > t find any provider supporting AES/CBC/ISO10126Padding
> > > [java] Original Exception was
> > > java.security.NoSuchAlgorithmException: Canno
> > > t find any provider supporting AES/CBC/ISO10126Padding
> > > [java] at
> > >
> >
> org.apache.axis2.security.WSDoAllSender.invoke(WSDoAllSender.
> > > java:253)
> > >
> > > ...
> > >
> > >
> > >
> >
> -------------------------------------------------------------------------------
> > > TRIALS WITH JDK 1.5
> > >
> >
> -------------------------------------------------------------------------------
> > > Let's make sure the Java version:
> > >
> > > c:\axis2\samples\security>java -version
> > > java version "1.5.0_01"
> > > Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_01-b08)
> > > Java HotSpot(TM) Client VM (build 1.5.0_01-b08, mixed mode)
> > >
> > > Let's run the sample:
> > >
> &g t; > c:\axis2\samples\security>ant
>
> > > Buildfile: build.xml
> > >
> > > securitySample:
> > > [java] Exception in thread "main" java.lang.NoClassDefFoundError:
> > > org/apach
> > > e/xpath/compiler/FuncLoader
> > > [java] at
> > > org.apache.ws.security.WSSConfig.(WSSConfig.java:75)<
> > br>> [java] at
> >
> > >
> >
> org.apache.ws.security.WSSConfig.getNewInstance(WSSConfig.jav
> > > a:98)
> > > [java] at
> > > org.apache.ws.security.WSSConfig.(WSSConfig.java:48)
> > > [java] at
> > > org.apache.ws.security.WSSecurityEngine.(WSSecurityEn
> >
> > > gine.java:51)
> > > ...
> > >
> > > I remembered Ruchith Fernando's advice related to JDK 1.5 & Xalan and
> > > followed the link he gave:
> > >
> > >
> >
> http://svn.apache.org/viewcvs.cgi/*checkout*/webservices/axis2/trunk/java/xdocs/faq.html.
> > >
> > > Found an item mentioned to download xalan-2.7.0.jar. I downloaded it
> from:
> > >
> > > http://www.apache.org/dist/java-repository/xalan/jars/
> > >
> > > and put under c:\axis2\lib but got the same error. Searched in Google
> for
> > > org.apache.xpath.compiler.FuncLoader. What I found that
> > the
> > > FuncLoader.class existed in xalan-2.6.0.jar not in xalan-2.7.0.jar.
> > > Finally, down loaded xalan-2.6.0.jar and put under c:\axis2\lib. This
> time
> > I
> >
> > > got the same error found in JDK 1.4:
> > >
> > > securitySample:
> > > [java] org.apache.axis2.AxisFault: WSHandler: Encryption: error during
> > > mess
> > > age
> processingorg.apache.ws.security.WSSecurityException:
> > > An unsupported signatu
> > > re or encryption algorithm was used; nested exception is:
> > > [java]
> > >
> >
> org.apache.xml.security.encryption.XMLEncryptionException:
> > > Canno
> > > t find any provider supporting AES/CBC/ISO10126Padding
> > > [java] Original Exception was
> > > java.security.NoSuchAlgorithmException: Canno
> > > t find any provider supporting AES/CBC/ISO10126Padding; nested exception
> > > is:
> > > [java]
> > > org.apache.ws.security.WSSecurityException: WSHandler:
> > > Encryptio
> > > n: error during message
> > > processingorg.apache.ws.security.WSSecurityException:
> An
> > > unsupported signature or encryption algorithm was used; nested exception
> > > is:
> > > [java]
> > >
> >
> org.apache.xml.security.encryption.XMLEncryptionException:
> > > Canno
> > > ...
> > >
> > > Again looked in FAQ and added
> > >
> > >
> >
> security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider
> > >
> > > line to
> > > < br>
> > > d:\programs\java\jre1.5.0_06\lib\security\java.security
> > >
> > > file. I made sure that java -version belonged to the java installation
> > > found under d:\programs\java\jre1.5.0_06. Therefore, I must had changed
> > > correct java.security file.
> > >
> > > Finally, ran the ant script again and, unfortunately, got the same
> error.
> > >
> > >
> > >
> > > ________________________________
> > > Yahoo! Messenger with Voice. PC-to-Phone calls for ridiculously low
> rates.
> > >
> > >
> >
> >
> >
> >
> > ________________________________
> > Blab-away for as little as 1�/min. Make PC-to-Phone Calls using Yahoo!
> > Messenger with Voice.
> >
> >
> import javax.crypto.Cipher;
>
> /*
> * Copyright 2004,2005 The Apache Software Foundation.
> *
> * Licensed under the Apache License, Version 2.0 (the "License");
> * you may not use this file except in compliance with the License.
> * You may obtain a copy of the License at
> *
> * http://www.apache.org/licenses/LICENSE-2.0
> *
> * Unless required by applicable law or agreed to in writing, software
> * distributed under the License is distributed on an "AS IS" BASIS,
> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
> * See the License for the specific language governing permissions and
> * limitations under the License.
> */
>
> /**
> *
> * @author Ruchith Fernando ([EMAIL PROTECTED])
> */
> public class TestCipher {
>
> public static void main(String[] args) {
> try {
> Class cl =
> Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
> java.security.Security.insertProviderAt(
> (java.security.Provider) cl.newInstance(), 2);
> Cipher c = Cipher.getInstance("AES/CBC/ISO10126PADDING");
> System.out.println(c.getProvider().getName());
> } catch (Exception e) {
> e.printStackTrace();
> }
> }
> }
>
>
>
> ________________________________
> New Yahoo! Messenger with Voice. Call regular phones from your PC for low,
> low rates.
>
>
