[jira] Created: (WSS-258) Newer version of SecureConversation not recognised for derived key algorithm

Fri, 03 Dec 2010 14:58:37 -0800 

Newer version of SecureConversation not recognised for derived key algorithm
----------------------------------------------------------------------------

                 Key: WSS-258
                 URL: https://issues.apache.org/jira/browse/WSS-258
             Project: WSS4J
          Issue Type: Bug
    Affects Versions: 1.5.8
            Reporter: Steve Jones
            Assignee: Colm O hEigeartaigh


The algorithm factory "org.apache.ws.security.conversation.dkalgo.AlgoFactory" 
only recognises the algorithm:

  http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1

It should also recognise the p_sha1 algorithm from the more recent version of 
WS-SecureConversation:

  http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/dk/p_sha1

Derived keys will work with the more recent version as long as the algorithm is 
omitted.

Here's an example of a token that won't work due to the new algorithm:

            <wssc:DerivedKeyToken
                
wssc:Algorithm="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/dk/p_sha1";
                wsu:Id="DerivedKey-Enc-4-2aab8c8e7dcbb5783588ab810c3d8b77" 
xmlns:wssc="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512";>
                <wsse:SecurityTokenReference>
                    <wsse:KeyIdentifier 
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1";>Y55P46dTEkU3kk4LKsY16NXwRJ0=</wsse:KeyIdentifier>
                </wsse:SecurityTokenReference>
                <wssc:Generation>0</wssc:Generation>
                <wssc:Length>16</wssc:Length>
                <wssc:Label>DerivedKey</wssc:Label>
                <wssc:Nonce>A5c4yKeiuHrOeVq3kcMpMA==</wssc:Nonce>
            </wssc:DerivedKeyToken>

The associated error is:

Caused by: java.lang.RuntimeException: Undefined 'No such algorithm' resource 
property
        at 
org.apache.ws.security.conversation.ConversationException.getMessage(ConversationException.java:94)
        at 
org.apache.ws.security.conversation.ConversationException.<init>(ConversationException.java:47)
        at 
org.apache.ws.security.conversation.ConversationException.<init>(ConversationException.java:70)
        at 
org.apache.ws.security.conversation.dkalgo.AlgoFactory.getInstance(AlgoFactory.java:42)
        at 
org.apache.ws.security.processor.DerivedKeyTokenProcessor.deriveKey(DerivedKeyTokenProcessor.java:101)
        ... 35 more
Caused by: java.util.MissingResourceException: Can't find resource for bundle 
java.util.PropertyResourceBundle, key No such algorithm
        at java.util.ResourceBundle.getObject(ResourceBundle.java:374)
        at java.util.ResourceBundle.getString(ResourceBundle.java:334)
        at 
org.apache.ws.security.conversation.ConversationException.getMessage(ConversationException.java:92)
        ... 39 more

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to