[ 
https://issues.apache.org/jira/browse/WSS-461?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14942949#comment-14942949
 ] 

Namrata Jaiswal commented on WSS-461:
-------------------------------------

Thanks colm for your response! The above error I was getting while using wss4j 
dom api to encrypt/decrypt message using AES-GCM. But I got it working by 
upgrading JVM 1.7 SR3 to JVM SR9, looks like JCE issue. 

But when try to use stax api to encrypt/decrypt messages with AES-GCM then I 
get following error 
javax.xml.stream.XMLStreamException: 
org.apache.xml.security.exceptions.XMLSecurityException: Wrong parameter type: 
GCM expected
Original Exception was java.security.InvalidAlgorithmParameterException: Wrong 
parameter type: GCM expected
        at 
org.apache.xml.security.stax.impl.XMLSecurityStreamWriter.chainProcessEvent(XMLSecurityStreamWriter.java:64)
        at 
org.apache.xml.security.stax.impl.XMLSecurityStreamWriter.outputOpenStartElement(XMLSecurityStreamWriter.java:83)
        at 
org.apache.xml.security.stax.impl.XMLSecurityStreamWriter.writeEndElement(XMLSecurityStreamWriter.java:215)
        at 
org.apache.axiom.om.impl.MTOMXMLStreamWriter.writeEndElement(MTOMXMLStreamWriter.java:157)
        at 
org.apache.axiom.om.impl.util.OMSerializerUtil.serializeEndpart(OMSerializerUtil.java:57)
        at 
org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:973)
        at 
org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:965)
        at 
org.apache.axiom.om.impl.llom.OMSerializableImpl.serialize(OMSerializableImpl.java:125)
        at 
org.apache.axiom.om.impl.llom.OMSerializableImpl.serializeAndConsume(OMSerializableImpl.java:117)
        at org.apache.axiom.om.util.CopyUtils.reader2writer(CopyUtils.java:151)
        at 
com.ibm.b2b.enc.EncryptionTest.testEncryptionDecryptionAESGCMWithSTAX(EncryptionTest.java:138)
        at com.ibm.b2b.enc.EncryptionTest.main(EncryptionTest.java:200)
Caused by: org.apache.xml.security.exceptions.XMLSecurityException: Wrong 
parameter type: GCM expected
Original Exception was java.security.InvalidAlgorithmParameterException: Wrong 
parameter type: GCM expected
        at 
org.apache.xml.security.stax.impl.processor.output.AbstractEncryptOutputProcessor$AbstractInternalEncryptionOutputProcessor.init(AbstractEncryptOutputProcessor.java:190)
        at 
org.apache.wss4j.stax.impl.processor.output.EncryptOutputProcessor.processEvent(EncryptOutputProcessor.java:125)
        at 
org.apache.xml.security.stax.ext.AbstractOutputProcessor.processNextEvent(AbstractOutputProcessor.java:135)
        at 
org.apache.xml.security.stax.impl.OutputProcessorChainImpl.processEvent(OutputProcessorChainImpl.java:217)
        at 
org.apache.xml.security.stax.impl.XMLSecurityStreamWriter.chainProcessEvent(XMLSecurityStreamWriter.java:62)
        ... 11 more
Caused by: java.security.InvalidAlgorithmParameterException: Wrong parameter 
type: GCM expected
        at com.ibm.crypto.provider.AESGCMCipher.engineInit(Unknown Source)
        at javax.crypto.Cipher.a(Unknown Source)
        at javax.crypto.Cipher.a(Unknown Source)
        at javax.crypto.Cipher.init(Unknown Source)
        at javax.crypto.Cipher.init(Unknown Source)
        at 
org.apache.xml.security.stax.impl.processor.output.AbstractEncryptOutputProcessor$AbstractInternalEncryptionOutputProcessor.init(AbstractEncryptOutputProcessor.java:160)
        ... 15 more

I think this is due to incorrect (IvParameterSpec) parameter used in 
AbstractEncryptOutputProcessor.java  for GCM.


> org.apache.ws.security.processor.SignatureProcessor does not allow to add 
> custom resolver
> -----------------------------------------------------------------------------------------
>
>                 Key: WSS-461
>                 URL: https://issues.apache.org/jira/browse/WSS-461
>             Project: WSS4J
>          Issue Type: Improvement
>          Components: WSS4J Core
>    Affects Versions: 1.5.12
>            Reporter: Namrata Jaiswal
>            Assignee: Colm O hEigeartaigh
>            Priority: Critical
>
> org.apache.ws.security.processor.SignatureProcessor does not provide api to 
> add resource resolver. To explain it more,
> I received a soap message with a particular ID pattern and for that ID 
> pattern, I would like to provide my own implementation for 
> ResourceResolverSpi( that can be added to resource signature element). If 
> some api is exposed that allows user to provide their own implementation for 
> resourceresolver then it would great.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to