I don't use Orion on the job but I use Weblogic 6.0. I do, in fact, use JCE
and in order to avoid these errors you must place the 4 jars in the
../jre/lib/ext/ directory of the virtual machine you used to run the Orion
server.
For example if you ese c:\jdk1.3\bin\java.exe to start Orion, then place the
4 jars in c:\jdk1.3\jre\lib\ext directory.
Good luck!
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Smith Jason
Sent: Tuesday, February 27, 2001 4:47 AM
To: Orion-Interest
Subject: Extending Orion with JCE 1.2.1
Has anybody tried to use Java Cryptography Extension (JCE) 1.2.1 with Orion?
I am able to use the JCE libraries by placing all of the JCE jars in one
directory, setting the jars in my classpath and dynamically registering the
provider like this: java.security.Security.addProvider(new
com.sun.crypto.provider.SunJCE());.
Take a look at the class file further down - I can run that from the command
prompt with no probs. However, I would like to be able to submit the
arguments via Orion/jsp. The point of this exercise is to encrypt / decrypt
server side files based on a password.
I have tried copying all of the JCE jar files to the orion/lib folder. It
seems like Orion is picking up the jar files ok. However, I can't get it to
work right.
Also, I tried setting the class path using the -cp argument when starting
Orion, but the result was that Orion did not pick up the JCE jar files at
all.
Sometimes I get this error.
500 Internal Server Error
java.lang.ExceptionInInitializerError: java.lang.SecurityException: Cannot
set up certs for trusted CAs
at javax.crypto.b.<clinit>([DashoPro-V1.2-120198])
at javax.crypto.SecretKeyFactory.getInstance([DashoPro-V1.2-120198])
at test.jce.Password.doEncrypt(Password.java:47)
at test.jce.Password.main(Password.java:29)
at /jsp/Encrypt.jsp._jspService(/jsp/Encrypt.jsp.java:39) (JSP page
line 11)
at com.orionserver.http.OrionHttpJspPage.service(JAX)
at com.evermind.server.http.HttpApplication.xj(JAX)
at com.evermind.server.http.JSPServlet.service(JAX)
at com.evermind.server.http.d3.sw(JAX)
at com.evermind.server.http.d3.su(JAX)
at com.evermind.server.http.ef.s1(JAX)
at com.evermind.server.http.ef.do(JAX)
at com.evermind.util.f.run(JAX)
Other times I get this error.
500 Internal Server Error
java.lang.NoClassDefFoundError
at javax.crypto.SecretKeyFactory.getInstance([DashoPro-V1.2-120198])
at test.jce.Password.doEncrypt(Password.java:47)
at test.jce.Password.main(Password.java:29)
at /jsp/Encrypt.jsp._jspService(/jsp/Encrypt.jsp.java:39) (JSP page
line 11)
at com.orionserver.http.OrionHttpJspPage.service(JAX)
at com.evermind.server.http.HttpApplication.xj(JAX)
at com.evermind.server.http.JSPServlet.service(JAX)
at com.evermind.server.http.d3.sw(JAX)
at com.evermind.server.http.d3.su(JAX)
at com.evermind.server.http.ef.s1(JAX)
at com.evermind.server.http.ef.do(JAX)
at com.evermind.util.f.run(JAX)
I am pretty much clueless on this one...
Help!
Here is all the code.
Thanks,
Jason
<<<<--------------------------JSP---------------------->>>>>
<%@ page language="java" import="java.util.*,test.jce.*"%>
<%
try{
if(request.getParameter("txtCommand") != null)
{
test.jce.Password password = new test.jce.Password();
String[] args = {request.getParameter("txtCommand"),
request.getParameter("txtPassword"),
request.getParameter("txtFileIn"),
request.getParameter("txtFileOut")};
password.main(args);
}
}catch(Exception e)
{
System.out.println("Error: " + e);
}
%>
<html>
<head><title>JSP Page</title></head>
<body>
<center>
<form action="Encrypt.jsp" method="post">
<table>
<tr><td>
Command:</td><td><input type="text" name=txtCommand></td>
<tr><td>
Password:</td><td><input type="text" name=txtPassword></td></tr>
<tr><td>
FileOut:</td><td><input type="text" name=txtFileOut></td></tr>
<tr><td>
FileIn:</td><td><input type="text" name=txtFileIn></td></tr>
<tr><td>
<input type=submit value=submit></td></tr>
</form>
</center>
</body>
</html>
<<<<<<<<<<<<--------------------END JSP---------------->>>>>>>>>>>>>>>>>
<<<<<<<<<<<<<<<----------------Password Class>>>>>>>>>>>>>>>>>><<
/*
* Password.java
*
* Created on February 26, 2001, 10:56 AM
*/
package test.jce;
import javax.crypto.spec.*;
import javax.crypto.*;
import java.io.*;
import javax.crypto.CipherOutputStream;
/**
*
* @author jasm
* @version
*/
public class Password extends Object {
/** Creates new Password */
public Password() {
}
/**
* @param args the command line arguments
*/
public static void main (String args[]) throws Exception{
if(args[0].equalsIgnoreCase("encrypt"))
doEncrypt(args[1],args[2],args[3]);
if(args[0].equalsIgnoreCase("decrypt"))
doDecrypt(args[1],args[2],args[3]);
if(args.length == 0)
{ System.out.println("usage: decrypt password inputFile
outputFile");
System.out.println("OR");
System.out.println("usage: encrypt password inputFile
outputFile");
}
}
public static void doEncrypt(String password,String inputFile, String
outputFile) throws Exception
{
java.security.Security.addProvider(new
com.sun.crypto.provider.SunJCE());
byte[] salt = {(byte)0xc9, (byte)0x36, (byte)0x78, (byte)0x99,
(byte)0x52,(byte)0x3e,(byte)0xea, (byte)0xf2};
PBEParameterSpec paramSpec = new PBEParameterSpec(salt,20);
PBEKeySpec keySpec = new PBEKeySpec(password.toCharArray());
SecretKeyFactory kf =
SecretKeyFactory.getInstance("PBEWithMD5AndDES");
SecretKey key = kf.generateSecret(keySpec);
Cipher c = Cipher.getInstance("PBEWithMD5AndDES");
c.init(Cipher.ENCRYPT_MODE, key, paramSpec);
java.io.FileInputStream fis = new java.io.FileInputStream(new
File(inputFile));
java.io.FileOutputStream fos = new java.io.FileOutputStream(new
File(outputFile));
CipherOutputStream cos = new CipherOutputStream(fos,c);
byte[] data = new byte[4096];
while (fis.available()>4096) {
fis.read(data);
cos.write(data,0,4096);
}
// Encrypt the leftovers, if any.
if (fis.available()>0) {
int len = fis.available();
fis.read(data,0,len);
cos.write(data,0,len);
}
cos.close(); // Close the CipherOutputStream, which means that the
// padding is automagically applied and the remaining
// data flushed into FileOutputStream fos.
fis.close(); // Close the FileInputStream - the file which
// contained the unencrypted data
fos.close(); // Close the FileOutputStream - the file with the
// encrypted data
System.out.println("Done");
}
public static void doDecrypt(String password, String inputFile, String
outputFile)throws Exception
{
java.security.Security.addProvider(new
com.sun.crypto.provider.SunJCE());
byte[] salt = {(byte)0xc9, (byte)0x36, (byte)0x78, (byte)0x99,
(byte)0x52,(byte)0x3e,(byte)0xea, (byte)0xf2};
PBEParameterSpec paramSpec = new PBEParameterSpec(salt,20);
PBEKeySpec keySpec = new PBEKeySpec(password.toCharArray());
SecretKeyFactory kf =
SecretKeyFactory.getInstance("PBEWithMD5AndDES");
SecretKey key = kf.generateSecret(keySpec);
Cipher c = Cipher.getInstance("PBEWithMD5AndDES");
c.init(Cipher.DECRYPT_MODE, key, paramSpec);
java.io.FileInputStream fis = new java.io.FileInputStream(new
File(inputFile));
java.io.FileOutputStream fos = new java.io.FileOutputStream(new
File(outputFile));
CipherOutputStream cos = new CipherOutputStream(fos,c);
byte[] data = new byte[4096];
while (fis.available()>4096) {
fis.read(data);
cos.write(data,0,4096);
}
// Encrypt the leftovers, if any.
if (fis.available()>0) {
int len = fis.available();
fis.read(data,0,len);
cos.write(data,0,len);
}
cos.close(); // Close the CipherOutputStream, which means that the
// padding is automagically applied and the remaining
// data flushed into FileOutputStream fos.
fis.close(); // Close the FileInputStream - the file which
// contained the unencrypted data
fos.close(); // Close the FileOutputStream - the file with the
// encrypted data
System.out.println("Done");
}
}
<<<<<<<<<<<<<<<<<<----------------END Password
Class--------------------->>>>>>>>>>>>>>>>>>>>>><
