RSA v1.5 works fine with WSS4J. For example, see the tests here: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/message/EncryptionAlgorithmSuiteTest.java?view=markup
Is the wrapping library excluding RSA v1.5 explicitly? Colm. On Mon, Jul 1, 2013 at 5:13 PM, Massimiliano Masi < [email protected]> wrote: > Hi All, > > I have the following XML excerpt, with a NON-BSP security header. > Java is with unlimited strength policy files. I receive this exception. > > it seems that the JCE Mapper is unable to resolve rsa-1_5. > > Is there a FAQ for that? > > Thanks a lot, > > > Massi > > Caused by: com.spirit.security.soap.SoapSecurityException: > org.apache.ws.security.WSSecurityException: An unsupported signature or > encryption algorithm was used (unsupported key transport encryption > algorithm: No such algorithm: http://www.w3.org/2001/04/xmlenc#rsa-1_5) > > at com.spirit.security.soap.SoapSecurity.verifySecurityHeader( > SoapSecurity.java:258) > > at com.spirit.direct.soap.DirectXDRSecurity.processIncoming( > DirectXDRSecurity.java:238) > > ... 25 more > > Caused by: org.apache.ws.security.WSSecurityException: An unsupported > signature or encryption algorithm was used (unsupported key transport > encryption algorithm: No such algorithm: > http://www.w3.org/2001/04/xmlenc#rsa-1_5) > > at org.apache.ws.security.util.WSSecurityUtil.getCipherInstance( > WSSecurityUtil.java:865) > > at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken( > EncryptedKeyProcessor.java:96) > > at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken( > EncryptedKeyProcessor.java:65) > > at org.apache.ws.security.WSSecurityEngine.processSecurityHeader( > WSSecurityEngine.java:396) > > at org.apache.ws.security.WSSecurityEngine.processSecurityHeader( > WSSecurityEngine.java:303) > > at org.apache.ws.security.WSSecurityEngine.processSecurityHeader( > WSSecurityEngine.java:248) > > at com.spirit.security.soap.SoapSecurity.verifySecurityHeader( > SoapSecurity.java:183) > > ... 26 more > > Caused by: java.security.NoSuchAlgorithmException: No transformation given > > at javax.crypto.Cipher.tokenizeTransformation(Cipher.java:288) > > at javax.crypto.Cipher.getTransforms(Cipher.java:412) > > at javax.crypto.Cipher.getInstance(Cipher.java:486) > > at org.apache.ws.security.util.WSSecurityUtil.getCipherInstance( > WSSecurityUtil.java:846) > > ... 32 more > > > > > > > <wsse:Security > xmlns:wsse=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > " > xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > " > env:mustUnderstand="true"> > <xenc:EncryptedKey xmlns:xenc=" > http://www.w3.org/2001/04/xmlenc#"; > Id="EK-1BA2E95532537EDE35137106980235720"> > <xenc:EncryptionMethod Algorithm=" > http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> > <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> > <wsse:SecurityTokenReference> > <wsse:KeyIdentifier > EncodingType=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary > " > ValueType=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3 > " > > > MIIFEzCCA/ugAwIBAgIQdsrAAPW+inZUyNZDwobyjTANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJVUzEmMCQGA1UEChMdQ29tbW9ud2VhbHRoIG9mIE1hc3NhY2h1c2V0dHMxHTAbBgNVBAMTFE1hc3NIaVdheSBJc3N1aW5nIENBMB4XDTEzMDMyODAwMDAwMFoXDTE0MDMyODIzNTk1OVoweTEqMCgGA1UEAwwhZGlyZWN0LmhvbHlva2UubWFzc2hpd2F5c3RhZ2UuY29tMRAwDgYDVQQKDAdIb2x5b2tlMSwwKgYDVQQLDCMyLjE2Ljg0MC4xLjExMzg4My4zLjg5LjEwNS4yMDAuMS4xNTELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg92AAmQbA02He0SbeiPwToxYhXAm1VMM3WEVI/M8cXIBQy/KjZwLnM2ihiUNgJpy9P0pYPMKBMm9HIvB+Wb/Ii7JaQHBV7XIDKyX9pE0j8LcTuxS1MWcR1O+iL1qdfOtjSfiuYc1xfQMscunHJxkvWFGlEMTX9Pa3XfLNJkkk63r1Nxrmtgt4QS5FCa3I3su50HjOcr2xLlixZdxpBjBtxrd3h6cO527QgCuROITWhVhfW6IPeyS5dwzXtV3t1bovp0aX47PDMyKmiuROGKXAYSnLPLX6wzWVB01Z36qQv1PbIPaN6Chg2GEDRUhIQV/RubDT/KbuvvzptWxjPmHPAgMBAAGjggG6MIIBtjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDAnBgNVHSUEIDAeBggrBgEFBQcDAgYIKwYBBQUHAwEGCCsGAQUFBwMEMB0GA1UdDgQWBBRhUPF7apEE+57JFRsYFGAw4Ck6ETAsBgNVHREEJTAjgiFkaXJlY3QuaG9seW9rZS5tYXNzaGl3YXlzdGFnZS5jb20wHwYDVR0jBBgwFoAU7fH0HJRRpyZgbKXKjZarDCNvvtIwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vcGtpLW9jc3Auc3ltYXV0aC5jb20wXQYDVR0fBFYwVDBSoFCgToZMaHR0cDovL3BraS1jcmwuc3ltYXV0aC5jb20vY2FfZWNmNDE1ZjhjNjk3MWY5NmQ1ZjcyNGU5OTg0N2RiNGQvTGF0ZXN0Q1JMLmNybDAsBgpghkgBhvhFARADBB4wHAYSYIZIAYb4RQEQAQQHAQGEwqMPFgYxNDYxMTIwOQYKYIZIAYb4RQEQBQQrMCkCAQAWJGFIUjBjSE02THk5d2Eya3RjbUV1YzNsdFlYVjBhQzVqYjIwPTANBgkqhkiG9w0BAQsFAAOCAQEAU52qNDIFl5vWnN1LkWxBOSaMXHUfXt+MQDmZ8M/YfmXOkcwvBE739w3JTUEqXSKFqb5MUZSuGXM4kcqFjYjrkTszssKxccoRtosfM6RRDeCbqvNlbRj/dGKaj4/uH3xCaeZZLeN0WoxFsKU9nbVaCUQJAqP5vIdG6/MdldLaQr8AbSOtG4NmJReQwj0/XN81IZ9jGP6VMFir970VCyqCd4+8d0nZ98ab+oare6kv6D4+4hK8qKaSFhIQeI8I4/zoo8RYdPZqokId4aR5E2mC9QLtgWyFk/Yf3G+TSthUi0T9QrxWnheMiUNS1gtaeSbJLZmwkXPmN/v+kY9Sp6GDdA== > </wsse:KeyIdentifier> > </wsse:SecurityTokenReference> > </ds:KeyInfo> > <xenc:CipherData> > <xenc:CipherValue> > sPAWtKXEr9I97nMGDNMb4oYxDe2G1XZV5UNfEPB57m71u9hY/JDW61T7VOj0hYUA4jSRX6dwWgjN7FeZ3ejU0Y1qUVGYMKHQP6wOcdaXiRKQ+H7FCuFrUXl2DKUav3M4Ll74g4o42UVnFhOEHW5KVso8zvaOlJgJTyrDHYuLDdmoaxTiS6AbgXqhUrrwVN4qPagGRdLw92ndvUJ8GUd7azLk5BjS/6GIKp2Og3Q4q1Wl0FEwo+Vgr/dR75B0XQJGlGkHyQJcshE762JMzMK/r0NzQoEWsu71ea8iZgwwPueG3tZ+TzAUpTy1JfLstvE1ykCoZm8CP0lZDxpmWe9z8g== > </xenc:CipherValue> > </xenc:CipherData> > <xenc:ReferenceList> > <xenc:DataReference URI="#ED-15"/> > </xenc:ReferenceList> > </xenc:EncryptedKey> > <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; Id > ="SIG-14"> > <ds:SignedInfo> > <ds:CanonicalizationMethod Algorithm=" > http://www.w3.org/2001/10/xml-exc-c14n#";> > <ec:InclusiveNamespaces xmlns:ec=" > http://www.w3.org/2001/10/xml-exc-c14n#"; > PrefixList="env"/> > </ds:CanonicalizationMethod> > <ds:SignatureMethod Algorithm=" > http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> > <ds:Reference URI="#id-13"> > <ds:Transforms> > <ds:Transform Algorithm=" > http://www.w3.org/2001/10/xml-exc-c14n#";> > <ec:InclusiveNamespaces > xmlns:ec=" > http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="" > /> > </ds:Transform> > </ds:Transforms> > <ds:DigestMethod Algorithm=" > http://www.w3.org/2000/09/xmldsig#sha1"/> > <ds:DigestValue>QqgS6lIMTvFJKUj5afXvXnQ1W4M= > </ds:DigestValue> > </ds:Reference> > </ds:SignedInfo> > <ds:SignatureValue> > SB+7/+s4ofbxI0WNoTowg8lDFs0ZLA3tRX7sagn2ljocZBUgMnDTw9+pyppuSnGyZKtFSESgPtLn/uPX8Oj7UhM0v1nsr3mMF3IvK1p1SJzTZMzfOZc7l4L9HMQxZD8xx08wpDWCFbTRD1aJ9wPDYcyADrM9cKyTIwg1fkcC9Om7ryOfjjScPkZa88OdIRY/baITl3nAJt2RXioP4cA4Oxa+u/9r7hu4tzAA3Ow+KO1ngYFxYeJsZWd8j8jqwpIA0JpJyXi98g+pb++GXjtVYy9X/Ri+QY6HUa+fvfua8KW2VRp4uaXVFS3S4J6Rdb3L87oJR2+5bVe9FvqPoNm1mQ== > </ds:SignatureValue> > <ds:KeyInfo Id="KI-1BA2E95532537EDE35137106980231418"> > <wsse:SecurityTokenReference wsu:Id= > "STR-1BA2E95532537EDE35137106980231419"> > <wsse:KeyIdentifier > EncodingType=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary > " > ValueType=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3 > " > > > MIIFKTCCBBGgAwIBAgIQW2vyszzvr/QDmIonMMTvizANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJVUzEmMCQGA1UEChMdQ29tbW9ud2VhbHRoIG9mIE1hc3NhY2h1c2V0dHMxHTAbBgNVBAMTFE1hc3NIaVdheSBJc3N1aW5nIENBMB4XDTEyMTIyMzAwMDAwMFoXDTEzMTIyMzIzNTk1OVowgYkxLzAtBgNVBAMMJmRpcmVjdC5tYWluc3RyZWV0ZXIubWFzc2hpd2F5c3RhZ2UuY29tMRowGAYDVQQLDBFDVVNUT00tTUFTUy1ISUUtMTEWMBQGA1UECwwNTVVMVEktQUxMT1dFRDELMAkGA1UEBhMCVXMxFTATBgNVBAoMDG1haW5zdHJlZXRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALeIw1Ct9T/ptgq9VPErpfGtE6AdiHQHh8JnsDnUla0EsZNEXwK5sGSM911fVaykO6Asf1ltPYUZh/JnipcP2aogUQXMHdle2IjZ4bOC0e9jyCHeOmoFLYkk662qL6tTsvCug90EdIsh55HjZ1WJD1dvZw8Pm5c+OSVXouLFlvtUL1q9qDNms20rnX5VpK55qkwWMwvu4TRDPbXqn7lOroiABUi032iIE5TjGKwQom1KPMRHtQa3XMDn4T+FDx0UFn41v4OjQcTl/hxIci/TeTsSod4ewohTO+Yoh5qIEhSvvjcEMUXYmRE//0Buj8IkstYlUbLeMVW71EOLy5ggB0cCAwEAAaOCAb8wggG7MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMCcGA1UdJQQgMB4GCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYBBQUHAwQwHQYDVR0OBBYEFPHGf6vRVdoRHpFgTKCd97lMYA3bMDEGA1UdEQQqMCiCJmRpcmVjdC5tYWluc3RyZWV0ZXIubWFzc2hpd2F5c3RhZ2UuY29tMB8GA1UdIwQYMBaAFO3x9ByUUacmYGylyo2Wqwwjb77SMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL3BraS1vY3NwLnN5bWF1dGguY29tMF0GA1UdHwRWMFQwUqBQoE6GTGh0dHA6Ly9wa2ktY3JsLnN5bWF1dGguY29tL2NhX2VjZjQxNWY4YzY5NzFmOTZkNWY3MjRlOTk4NDdkYjRkL0xhdGVzdENSTC5jcmwwLAYKYIZIAYb4RQEQAwQeMBwGEmCGSAGG+EUBEAEEBwEBhMKjDxYGMTQ2MTEyMDkGCmCGSAGG+EUBEAUEKzApAgEAFiRhSFIwY0hNNkx5OXdhMmt0Y21FdWMzbHRZWFYwYUM1amIyMD0wDQYJKoZIhvcNAQELBQADggEBADYSiYoMmvZT27aIA0+0vCLmEDuaYBqIE8Fhpju07MkBn28IakARzDlHN9zwPqEiHQJUFQXi0uwj8P29HyvWr2ZrsSLR7YCQbkw7zPypPf64M1F9jWDSay7srKsPkcoRsh2KZ+5N4sbklRDlybG+871ul53YotAaoTVOq5Lvukm0HmhEJUwXM+GfaE4V7j9pv4Dc+eAKaUANSlSKgSqpEIb7Ouw1yuUUv8kF3loMA6OePuUYa8biUpUJBWKbhZxoxzWO+43QqX7gOozATsqKXa84QPItJTbjKdtngfaKngm3WO/LJ9PPkWEci/Y2bmX3ypOcnjFpDBuvpA69vrN2oAM= > </wsse:KeyIdentifier> > </wsse:SecurityTokenReference> > </ds:KeyInfo> > </ds:Signature> > </wsse:Security> > > > > -- > Massimiliano Masi > > http://www.mascanc.net/~max > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
