Try putting the provider jar in jre/lib/ext and add BC to the java.security file as well.
Regards, David On Tue, 2007-07-17 at 11:03 -0400, [EMAIL PROTECTED] wrote: > Thanks very much for your reply, David. Now I have something to work with. > > I tried removing the BouncyCastle jar from my project, but it looks like > wss4j requires it. When I remove it, I get an error saying that Cipher can't > find a provider supporting the algorithm. I tried it with the algorithms > defined in wss4j, namely > > AES/CBC/ISO10126Padding and DESede/CBC/ISO10126Padding. > > this happens both on Sun's java with providers SUN, SunJSSE, SunRsaSign, > SunJCE and SunJGSS, and on IBM's java with providers IBMJCE, IBMJSSE, > IBMJGSSProvider, IBMCertPath and IBMPKCS11. (I get those by printing out > what's returned by Security.getProviders() ). > > I tried setting the algorithm to "AES" to see if that works, but that causes > a null pointer exception in wss4j, so I figure I need to use the ones that > are defined in wss4j. > > So I'm stuck. With IBM's java, I get the class loader issue if I supply the > BouncyCastle jar, and I get an UnsupportedAlgorithm exception if I don't. > > Any hints would be very gratefully appreciated! > > cheers, > Michael Davis > > > > -----Original Message----- > > From: David Hook [mailto:[EMAIL PROTECTED] > > Sent: Monday, July 16, 2007 8:35 PM > > To: Davis, Michael > > Cc: [EMAIL PROTECTED] > > Subject: Re: [dev-crypto] Bug in Cipher class? > > > > > > > > It's a class loader issue - ciphers need to be loaded by the system > > class loader as the JCE is loaded by it. If the provider jar > > gets loaded > > by another untrusted class loader the getInstance() call on > > Cipher will > > fail with either ClassNotFoundException if no other class loader can > > return the class, or ClassCastException if the class is returned by a > > class loader but isn't properly annotated. > > > > You need to make sure the same class loader is picking up the provider > > jars as is picking up the JCE classes. > > > > Regards, > > > > David > > On Mon, 2007-07-16 at 15:08 -0400, [EMAIL PROTECTED] > > wrote: > > > Hi, > > > > > > I've asked this question on the Apache xml security mailing > > list, but I got no answer. I figure you folks must be experts > > on this stuff, so... > > > > > > I'm developing a web service using Axis2. I'm using its > > WS-Security framework to encrypt the xml messages. This > > framework ultimately uses the Apache XML Security library, > > which has this line of code: > > > > > > instance._contextCipher = Cipher.getInstance(jceAlgorithm); > > > > > > This works fine using the Sun jdk1.4, which uses Sun's > > jce.jar and sunjce_provider.jar. It also works fine using the > > BouncyCastle classes - Sun's Cipher class finds and returns > > the appropriate BC class. > > > > > > However, when I try to run the app on WebSphere 5.1, I get > > this error: > > > > > > java.lang.ClassCastException: com.ibm.crypto.provider.AESCipher > > > at javax.crypto.Cipher.getInstance(Unknown Source) > > > > > > This is getting thrown by IBM's javax.crypto.Cipher class > > in ibmjcefw.jar. > > > > > > This happens even if I manipuate the providers to load the > > BC classes first - in that case the class causing the > > ClassCastException is > > org.bouncycastle.jce.provider.JCEBlockCipher$AES. > > > > > > Have any of you ever seen this problem before? > > > > > > Many thanks, > > > Michael Davis > > > Ottawa > > > > > > > > > > > > > > >
