Hi,
I generated encrypted password in windows machine and using it in Unix
environment. I deployed standalone java programs as jar files and when i
execute it withencrypted password it works fine in Unix environment (AIX
machine) though the encrypted one was generated in Windows environment.
But i have few http web service projects in Fuse and when i try to use those
projects with this encrypted password I am getting this above mentioned
error. This looks starnge for me.
Do I need to use any certificates related to fuse?
Kindly help to sort out this issue.
Regards
B.Jayasree
jayasreeb wrote:
>
> Hi,
>
>
> We are working on fuse-esb-3.3.1.3. I havei mplemented Encryption and
> Decryption using Java 1.5 and I have placed Common-codec-1.3 jar under lib
> directory of Fuse.During the execution of Fuse project it works perfectly
> fine in windows system.In Unix i am getting following error.
>
> org.springframework.jms.listener.adapter.ListenerExecutionFailedException:
> Exchange processing failed; nested exception is org.a
> che.cxf.interceptor.Fault
> Caused by:
> org.apache.cxf.interceptor.Fault
> at
> org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractInvoker.java:110)
> at
> org.apache.cxf.jaxws.JAXWSMethodInvoker.createFault(JAXWSMethodInvoker.java:86)
> at
> org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:98)
> at
> org.apache.cxf.jaxws.JAXWSMethodInvoker.invoke(JAXWSMethodInvoker.java:110)
> at
> org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:68)
> at
> org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:56)
> at
> org.apache.cxf.workqueue.SynchronousExecutor.execute(SynchronousExecutor.java:37)
> at
> org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:92)
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:221)
> at
> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:77)
> at
> org.apache.cxf.transport.jbi.JBIDispatcherUtil.dispatch(JBIDispatcherUtil.java:156)
> at
> org.apache.servicemix.cxfse.CxfSeEndpoint.process(CxfSeEndpoint.java:232)
> at
> org.apache.servicemix.common.AsyncBaseLifeCycle.doProcess(AsyncBaseLifeCycle.java:540)
> at
> org.apache.servicemix.common.AsyncBaseLifeCycle.processExchange(AsyncBaseLifeCycle.java:492)
> at
> org.apache.servicemix.common.BaseLifeCycle.onMessageExchange(BaseLifeCycle.java:46)
> at
> org.apache.servicemix.jbi.messaging.DeliveryChannelImpl.processInBound(DeliveryChannelImpl.java:610)
> at
> org.apache.servicemix.jbi.nmr.flow.AbstractFlow.doRouting(AbstractFlow.java:172)
> at
> org.apache.servicemix.jbi.nmr.flow.seda.SedaFlow.doRouting(SedaFlow.java:167)
> at
> org.apache.servicemix.jbi.nmr.flow.seda.SedaQueue$1.run(SedaQueue.java:134)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:665)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:690)
> at java.lang.Thread.run(Thread.java:810)
> Caused by:
> java.lang.ExceptionInInitializerError
> at java.lang.J9VMInternals.initialize(J9VMInternals.java:216)
> at javax.crypto.SecretKeyFactory.getInstance(Unknown Source)
> at com.cvs.eph.common.Encrypt.init(Encrypt.java:62)
> at com.cvs.eph.common.Encrypt.<init>(Encrypt.java:47)
> at com.cvs.eph.common.Decryptor.decrypt(Decryptor.java:39)
> at
> com.cvs.eph.initiate.InitiateExecuteDAO.<clinit>(InitiateExecuteDAO.java:54)
> at java.lang.J9VMInternals.initializeImpl(Native Method)
> at java.lang.J9VMInternals.initialize(J9VMInternals.java:194)
> at
> com.cvs.eph.ongoingmaint.OngoingMaintServiceImpl.deleteCustomer(OngoingMaintServiceImpl.java:996)
> at
> com.cvs.eph.ongoingmaint.OngoingMaintServiceImpl.ongoingMaintenance(OngoingMaintServiceImpl.java:131)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:618)
> at
> org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:127)
> at
> org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:82)
> ... 19 more
> Caused by:
> java.lang.SecurityException: Cannot set up certs for trusted CAs
> at javax.crypto.b.<clinit>(Unknown Source)
> at java.lang.J9VMInternals.initializeImpl(Native Method)
> at java.lang.J9VMInternals.initialize(J9VMInternals.java:194)
> ... 34 more
> Caused by:
> java.security.PrivilegedActionException:
> java.security.InvalidKeyException: Public key presented not for
> certificate signature
> at
> java.security.AccessController.doPrivileged(AccessController.java:250)
> ... 37 more
> Caused by:
> java.security.InvalidKeyException: Public key presented not for
> certificate signature
> at
> org.bouncycastle.jce.provider.X509CertificateObject.checkSignature(Unknown
> Source)
> at
> org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown Source)
> at javax.crypto.b.a(Unknown Source)
> at javax.crypto.b.access$500(Unknown Source)
> at javax.crypto.b$0.run(Unknown Source)
> at
> java.security.AccessController.doPrivileged(AccessController.java:246)
> ... 37 more
> ERROR - JmsComponent - Error setting exchange status to
> ERROR
> javax.jbi.messaging.MessagingException: illegal call to send / sendSync
> at
> org.apache.servicemix.jbi.messaging.MessageExchangeImpl.handleSend(MessageExchangeImpl.java:614)
> at
> org.apache.servicemix.jbi.messaging.DeliveryChannelImpl.doSend(DeliveryChannelImpl.java:385)
> at
> org.apache.servicemix.jbi.messaging.DeliveryChannelImpl.send(DeliveryChannelImpl.java:431)
> at
> org.apache.servicemix.common.BaseLifeCycle.onMessageExchange(BaseLifeCycle.java:58)
> at
> org.apache.servicemix.jbi.messaging.DeliveryChannelImpl.processInBound(DeliveryChannelImpl.java:610)
> at
> org.apache.servicemix.jbi.nmr.flow.AbstractFlow.doRouting(AbstractFlow.java:172)
> at
> org.apache.servicemix.jbi.nmr.flow.seda.SedaFlow.doRouting(SedaFlow.java:167)
> at
> org.apache.servicemix.jbi.nmr.flow.seda.SedaQueue$1.run(SedaQueue.java:134)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:665)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:690)
> at java.lang.Thread.run(Thread.java:810)
>
>
> Please find Encrypt.java file
>
> /*==========================================================================
> Copyright © 2008 CVS
> Encrypt 1.0 1-Nov-2008
> All rights Reserved. The contents of this file are a part of CVS EPH
> Project.
> You get a nonexclusive, limited right to use
> this file for the purpose for which it is delivered, solely in accordance
> with the agreement in place.
>
> ==========================================================================*/
> /**
> * Classname : Encrypt
> * Functionality Description : This class is implementing the logic for
> decryption
> * and the encryption of the passwords for the project
> * Modification Log
> * Date Author
> Description
> *
> --------------------------------------------------------------------------
> * 1-Nov-2008 Infosys Baseline Version
> * Release no : 1.0
> */
>
> package com.cvs.eph.common;
>
> import javax.crypto.Cipher;
> import javax.crypto.SecretKey;
> import javax.crypto.SecretKeyFactory;
> import javax.crypto.spec.PBEParameterSpec;
>
>
> public final class Encrypt
>
> {
> private Cipher encryptCipher;
> private Cipher decryptCipher;
> private org.apache.commons.codec.binary.Base64 encoder = new
> org.apache.commons.codec.binary.Base64();
> private org.apache.commons.codec.binary.Base64 decoder = new
> org.apache.commons.codec.binary.Base64();
>
> /**
> * Encrypts the password
> * @throws SecurityException
> */
> public Encrypt() throws SecurityException
> {
> //java.security.Security.addProvider(new
> com.sun.crypto.provider.SunJCE());
> char[] pass =
> "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".toCharArray();
> byte[] salt = {(byte) 0xa3, (byte) 0x21, (byte) 0x24, (byte)
> 0x2c,
> (byte) 0xf2, (byte) 0xd2, (byte) 0x3e, (byte)
> 0x19};
> int iterations = 3;
> init(pass, salt, iterations);
> }
>
> /**
> * Performs encryption
> * @param pass - password
> * @param salt - array containing salt object
> * @param iterations - count
> * @throws SecurityException
> */
> public void init(char[] pass, byte[] salt, int iterations)throws
> SecurityException
> {
> try
> {
> PBEParameterSpec ps = new
> javax.crypto.spec.PBEParameterSpec(salt, 20);
> SecretKeyFactory skf =
> SecretKeyFactory.getInstance("PBEWithMD5AndDES");
> SecretKey sk = skf.generateSecret(new
> javax.crypto.spec.PBEKeySpec(pass));
>
> encryptCipher =
> Cipher.getInstance("PBEWithMD5AndDES/CBC/PKCS5Padding");
> encryptCipher.init(Cipher.ENCRYPT_MODE, sk, ps);
> decryptCipher =
> Cipher.getInstance("PBEWithMD5AndDES/CBC/PKCS5Padding");
> decryptCipher.init(Cipher.DECRYPT_MODE, sk, ps);
> }
>
> catch (Exception e)
> {
> throw new SecurityException("Could not initialize
> CryptoLibrary: " +
> e.getMessage());
> }
> }
>
> /**
> * convenience method for encrypting a string.
> *
> * @param str password
> * @return the encrypted string.
> * @exception SecurityException
> */
>
> public synchronized String encrypt(String str)throws SecurityException
> {
> try
> {
> byte[] utf8 = str.getBytes("UTF8");
> byte[] enc = encryptCipher.doFinal(utf8);
> return new String(encoder.encode(enc));
> }
> catch (Exception e)
> {
> throw new SecurityException("Could not encrypt: " +
> e.getMessage());
> }
> }
>
> /**
> * convenience method for decrypting a string.
> *
> * @param str - encrypted password
> * @return decrypted password
> * @exception SecurityException Description of the Exception
> */
>
> public synchronized String decrypt(String str)throws SecurityException
> {
> try
> {
>
> byte[] dec = decoder.decode(str.getBytes());
> byte[] utf8 = decryptCipher.doFinal(dec);
> return new String(utf8, "UTF8");
>
> }
>
> catch (Exception e)
> {
>
> throw new SecurityException("Could not decrypt: " +
> e.getMessage());
>
> }
>
> }
> }
>
> Encryptor.java
>
> /*==========================================================================
> Copyright © 2008 CVS
> Encryptor 1.0 1-Nov-2008
> All rights Reserved. The contents of this file are a part of CVS EPH
> Project.
> You get a nonexclusive, limited right to use
> this file for the purpose for which it is delivered, solely in accordance
> with the agreement in place.
>
> ==========================================================================*/
> /**
> * Classname : Encryptor
> * Functionality Description : This class is used for encryption of
> password used
> * in this project
> * Modification Log
> * Date Author
> Description
> *
> --------------------------------------------------------------------------
> * 1-Nov-2008 Infosys Baseline Version
> * Release no : 1.0
> */
> package com.cvs.eph.common;
>
> import java.io.BufferedReader;
> import java.io.InputStreamReader;
>
>
> public class Encryptor
> {
> /**
> * Calls encrypt classes
> * @param args
> */
> public static void main(String[] args)
> {
> try
> {
> Encrypt cl = new Encrypt();
> InputStreamReader isrTest = new
> InputStreamReader(System.in);
> BufferedReader brTest = new BufferedReader(isrTest);
> System.out.println("Enter the Password:");
> String strPassword =brTest.readLine();
> String strEncryptdPwd = cl.encrypt(strPassword);
> String dpass = cl.decrypt(strEncryptdPwd);
> System.out.println("Password: "+ strEncryptdPwd);
>
> brTest.readLine();
> }
> catch (Exception e)
> {
> System.out.println("Unable to encrypt the
> password:"+e.getMessage());
> e.printStackTrace();
> System.exit(1);
> }
> }
>
> }
>
>
> Decryptor.java
>
> /*==========================================================================
> Copyright © 2008 CVS
> Decryptor 1.0 1-Nov-2008
> All rights Reserved. The contents of this file are a part of CVS EPH
> Project.
> You get a nonexclusive, limited right to use
> this file for the purpose for which it is delivered, solely in accordance
> with the agreement in place.
>
> ==========================================================================*/
> /**
> * Classname : Decryptor
> * Functionality Description : This class is used for decrytpion of
> password used
> * in this project
> * Modification Log
> * Date Author
> Description
> *
> --------------------------------------------------------------------------
> * 1-Nov-2008 Infosys Baseline Version
> * Release no : 1.0
> */
>
>
> package com.cvs.eph.common;
>
> public class Decryptor
> {
> private static String strReqID = EPHConstants.COM_REQ_ID;
> private static String strErrCode =
> EPHConfig.getProperty("COM_ERRCD_DECRYPT",
> EPHConstants.COMMON_PROP_FILE_NAME);
>
> /**
> * Decrypts the password
> * @param strEncPwd
> * @return Decrypted password
> */
> public static String decrypt(String strEncPwd)
> {
> String strPwd = null;
> String strErrMsg = null;
> try
> {
> Encrypt objEncrypt = new Encrypt();
> strPwd= objEncrypt.decrypt(strEncPwd);
> }
> catch (Exception e)
> {
> if(EPHConfig.LOGDEBUG_FLAG.equals("YES"))
> {
>
> EPHLogger.logDebug(strReqID,"com.cvs.eph.common.Decryptor", "Common",
> "Unable to decrypt the password:"+e.getMessage());
> }
> EPHException eph = new EPHException();
> strErrMsg = EPHConfig.getProperty("COM_ERRMSG_DECRYPT",
> EPHConstants.COMMON_PROP_FILE_NAME);
> eph.setClassName("com.cvs.eph.common.Encryptor");
> eph.setErrorCode(strErrCode);
> eph.setErrorMsg(strErrMsg);
> eph.setExceptionType(EPHConstants.EXPTYPE_SYSTEM);
> eph.setSeverity(EPHConstants.LOG_SEV_CRITICAL);
> eph.setStackTrace(e.getStackTrace());
> System.exit(1);
> }
> return strPwd;
> }
>
> }
>
> Pls help me in resolving this issue.
>
> Regards,
> B.Jayasree
>
--
View this message in context:
http://www.nabble.com/Urgent-%21%21-Getting-java.lang.SecurityException%3A-Cannot-set-up-certs-for-trusted-CAs-in-Fuse-Projects-tp21543995p21598375.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.
