[
https://issues.apache.org/jira/browse/WSS-574?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed WSS-574.
-----------------------------------
Resolution: Cannot Reproduce
> IllegalArgumentException thrown in WSSecEncryptedKey due to incorrect keyAlgorithm
> ----------------------------------------------------------------------------------
>
> Key: WSS-574
> URL: https://issues.apache.org/jira/browse/WSS-574
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Environment: Windows 7 64 bit, java jdk 7.0_79, wss4j 1.6.18
> Reporter: Jacobo Fernandez
> Assignee: Colm O hEigeartaigh
>
> This is hard for me to explain because I'm not an expert in WSS, but this is
> what I found:
> In {{WSSecEncryptedKey.prepareInternal}}, when
> {{WSSecurityUtil.getCipherInstance(keyEncAlgo)}} is called and the
> {{keyEncAlgo}} value is {{WSConstants.KEYTRANSPORT_RSAOEP}},
> {{JCEMapper.translateURItoJCEID(cipherAlgo)}} returns (in my case)
> {{"RSA/ECB/OAEPPadding"}}. Then oaepParameterSpec is not null, which leads
> to the else branch, where it calls {{cipher.init(Cipher.WRAP_MODE,
> remoteCert.getPublicKey(), oaepParameterSpec)}}. This method call throws the
> following exception:
> {{Caused by: java.lang.IllegalArgumentException: unknown parameter type.}}
> {{at org.bouncycastle.jce.provider.JCERSACipher.engineInit(Unknown Source)}}
> {{at javax.crypto.Cipher.implInit(Cipher.java:791)}}
> {{at javax.crypto.Cipher.chooseProvider(Cipher.java:849)}}
> {{at javax.crypto.Cipher.init(Cipher.java:1348)}}
> {{at javax.crypto.Cipher.init(Cipher.java:1282)}}
> {{at org.apache.ws.security.message.WSSecEncryptedKey.prepareInternal(WSSecEncryptedKey.java:257)}}
> If I modify the first lines of {{getCipherInstance}} to this:
> public static Cipher getCipherInstance(String cipherAlgo)
>         throws WSSecurityException {
>     try {
>         String keyAlgorithm = JCEMapper.translateURItoJCEID(cipherAlgo);
>         if (WSConstants.KEYTRANSPORT_RSAOEP.equals(cipherAlgo)) {
>             try {
>                 return Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
>             } catch (Exception e) {
>                 throw new WSSecurityException(
>                     WSSecurityException.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
>                     new Object[] { "No such algorithm: " + cipherAlgo },
>                     e);
>             }
>         }
>         String provider = JCEMapper.getProviderId();
>         if (provider == null) {
>             return Cipher.getInstance(keyAlgorithm);
>         }
>         ...
> it works. Don't know if this is a problem with the JCEMapper or wss4j itself.
> Sorry for the bad explanation. Hope it helps.