I could not reproduce this using Sun's (not BouncyCastle) JCE provider.
I would check with BouncyCastle first and send the stack trace to them.
--Sean
David Dundua wrote:
The following demonstrates an NPE being thrown when the data is less than 17 bytes in
length. Is this a known issue? Any thoughts on this would be appreciated.
Thanks
---------------------------------
package gov.epa.cdx.xml.security;
import org.apache.xml.security.encryption.EncryptedData;
import org.apache.xml.security.encryption.EncryptedKey;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.keys.KeyInfo;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import javax.crypto.KeyGenerator;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import java.security.*;
import java.io.ByteArrayInputStream;
/**
 * Stand-alone reproduction case for a NullPointerException reported from
 * {@code XMLCipher.encryptData} when the plaintext is very short.
 *
 * <p>The program registers the BouncyCastle provider, initialises the Apache XML
 * Security library, wraps a freshly generated AES key under an RSA public key,
 * and then encrypts a fixed-content byte array with that AES key.
 *
 * <p>NOTE(review): this is diagnostic code. The key size and algorithm
 * identifiers below are kept exactly as posted so the report stays reproducible;
 * see the inline notes before reusing any of it as an encryption template.
 *
 * @author David Dundua ([EMAIL PROTECTED])
 * @version $Id: $
 */
public class SmallDocSizeBug {

    static {
        // Security.addProvider appends to the END of the JCA provider list, so
        // getInstance("RSA") / getInstance("AES") calls that name no provider are
        // answered by the highest-priority provider offering the algorithm.
        // NOTE(review): which provider XMLCipher ends up using is not visible
        // here; confirm it from the stack trace when comparing Sun and BouncyCastle.
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
        org.apache.xml.security.Init.init();
    }

    /**
     * Generates the asymmetric key pair whose public half wraps the AES key.
     *
     * @return a new RSA key pair
     * @throws Exception if the RSA generator cannot be obtained
     */
    private static KeyPair generateRSA() throws Exception {
        KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
        // NOTE(review): a 1024-bit modulus is below the 2048-bit minimum that
        // current guidance requires; it is acceptable only for this throwaway key.
        generator.initialize(1024, new SecureRandom());
        return generator.generateKeyPair();
    }

    /**
     * Generates the symmetric content-encryption key.
     *
     * @return a new 128-bit AES key
     * @throws Exception if the AES generator cannot be obtained
     */
    private static Key generateAES() throws Exception {
        KeyGenerator keyGen = KeyGenerator.getInstance("AES");
        keyGen.init(128);
        return keyGen.generateKey();
    }

    /**
     * Creates the empty DOM document that owns the encryption elements.
     *
     * @return a new, empty document
     * @throws Exception if no document builder can be created
     */
    private static Document createEmptyDoc() throws Exception {
        // The factory is used with its defaults (not namespace-aware). Nothing is
        // parsed here; the document only serves as a node factory.
        return DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
    }

    /**
     * Builds a plaintext buffer of the requested length.
     *
     * @param size number of bytes to allocate
     * @return an array of {@code size} bytes, each set to 111 (ASCII 'o')
     */
    private static byte[] createDoc(int size) {
        byte[] filler = new byte[size];
        java.util.Arrays.fill(filler, (byte) 111);
        return filler;
    }

    /**
     * Runs the reproduction and prints any failure to standard error.
     *
     * @param args ignored
     */
    public static void main(String[] args) {
        try {
            KeyPair wrappingPair = generateRSA();
            Key contentKey = generateAES();
            Document ownerDoc = createEmptyDoc();
            // NOTE(review): the posted listing allocates 17 bytes, which by the
            // report's own wording is the smallest size that does NOT fail; use a
            // smaller value here to exercise the reported failure.
            byte[] payload = createDoc(17);

            // Key transport: wrap the AES key under the RSA public key.
            // NOTE(review): RSA_v1dot5 selects PKCS#1 v1.5 padding, which is
            // exposed to padding-oracle attacks wherever a decrypting party
            // reveals whether unwrapping succeeded; XMLCipher.RSA_OAEP is the
            // usual choice outside a reproduction.
            XMLCipher keyWrapper = XMLCipher.getInstance(XMLCipher.RSA_v1dot5);
            keyWrapper.init(XMLCipher.WRAP_MODE, wrappingPair.getPublic());
            EncryptedKey wrappedKey = keyWrapper.encryptKey(ownerDoc, contentKey);

            // Content encryption with the AES key.
            // NOTE(review): AES_128 is the aes128-cbc algorithm, which carries no
            // integrity protection; pair the ciphertext with a verified signature
            // or use an authenticated mode where the library version offers one.
            XMLCipher dataCipher = XMLCipher.getInstance(XMLCipher.AES_128);
            dataCipher.init(XMLCipher.ENCRYPT_MODE, contentKey);

            // Attach the wrapped key and a key name to the EncryptedData that the
            // cipher is preparing, so both are carried in its KeyInfo.
            EncryptedData pending = dataCipher.getEncryptedData();
            KeyInfo keyDetails = new KeyInfo(ownerDoc);
            keyDetails.add(wrappedKey);
            keyDetails.addKeyName("[EMAIL PROTECTED]");
            pending.setKeyInfo(keyDetails);

            // Reported failure point: this call is said to throw when the input
            // is shorter than 17 bytes.
            // NOTE(review): 16 bytes is one AES block, so the threshold may be
            // related to single-block input; unconfirmed from this listing.
            EncryptedData encrypted = dataCipher.encryptData(
                    ownerDoc,
                    "http://localhost/test",
                    new ByteArrayInputStream(payload));

            // "martial" is the method name as spelled in the XMLCipher API.
            Element encryptedElement = dataCipher.martial(encrypted);
            ownerDoc.appendChild(encryptedElement);
        } catch (Throwable failure) {
            // Deliberately broad: the stack trace is the output of this program.
            failure.printStackTrace();
        }
    }
}