Yes, Merlin supports SHA-256. Do you have the unlimited security policies installed in the JDK?
Colm. On Fri, Mar 14, 2014 at 3:08 AM, Giriraj Bhojak <girira...@gmail.com> wrote: > Hello Colm, > > I created the keystore using standard java keytool command. I am not sure > how to create a BKS keystore. > When I tried using sha256 signature algorithm (by configuring > signatureAlgorithm in the interceptor via CXF)with Merlin, I ran into > algorithm not supported exception. sha1 signature algorithm worked properly. > Doesn't merlin support sha256 signature algorithm? > Do I need to use bouncy castle in this case? > Could you please help me out with it? > > Thanks, > Giriraj. > On Feb 24, 2014 5:37 AM, "Colm O hEigeartaigh" <cohei...@apache.org> > wrote: > >> >> With BouncyCastle, the Keystore type must be "BKS", so: >> >> org.apache.ws.security.crypto.merlin.keystore.type=BKS >> >> Note that the keystore itself must be compatible with BouncyCastle JKS >> implementation. >> >> Colm. >> >> >> On Fri, Feb 21, 2014 at 10:44 PM, Giriraj Bhojak <girira...@gmail.com>wrote: >> >>> Hello Colm, >>> >>> I didn't have any success using above properties. >>> I got following: >>> ... 2 more >>> Caused by: org.apache.ws.security.components.crypto.CredentialException: >>> Failed to load credentials. >>> at >>> org.apache.ws.security.components.crypto.Merlin.load(Merlin.java:376) >>> at >>> org.apache.ws.security.components.crypto.Merlin.loadProperties(Merlin.java:190) >>> at >>> org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:140) >>> at >>> org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:117) >>> ... 17 more >>> Caused by: java.security.KeyStoreException: KeyStore jks implementation >>> not found >>> at java.security.KeyStore.getInstance(KeyStore.java:122) >>> at >>> org.apache.ws.security.components.crypto.Merlin.load(Merlin.java:362) >>> ... 20 more >>> Caused by: java.security.KeyStoreException: KeyStore jks implementation >>> not found >>> at java.security.KeyStore.getInstance(KeyStore.java:150) >>> at java.security.KeyStore.getInstance(KeyStore.java:120) >>> ... 21 more >>> >>> It was working with Merlin earlier. Here is my properties file: >>> org.apache.ws.security.crypto.merlin.keystore.file=sample.jks >>> org.apache.ws.security.crypto.merlin.keystore.password=password >>> org.apache.ws.security.crypto.merlin.keystore.type=jks >>> org.apache.ws.security.crypto.merlin.keystore.alias=alias1 >>> org.apache.ws.security.crypto.merlin.keystore.provider=BC >>> org.apache.ws.security.crypto.merlin.cert.provider=BC >>> >>> I have bcprov-jdk12-130.jar on the classpath. >>> >>> Could you please help me find out what I am doing wrong here? >>> >>> Thanks, >>> Giriraj. >>> >>> >>> On Tue, Feb 18, 2014 at 8:39 AM, Colm O hEigeartaigh < >>> cohei...@apache.org> wrote: >>> >>>> You can use BouncyCastle with the Merlin Crypto implementation. Simply >>>> add the property: >>>> >>>> org.apache.ws.security.crypto.merlin.keystore.provider=BC >>>> org.apache.ws.security.crypto.merlin.cert.provider=BC >>>> >>>> Colm. >>>> >>>> >>>> On Tue, Feb 18, 2014 at 1:27 PM, Giriraj Bhojak <girira...@gmail.com>wrote: >>>> >>>>> We have a specific requirement to use Bouncy Castle in the project. >>>>> Does this mean we can't use Bouncy Castle at all in the latest version >>>>> of wss4j? >>>>> >>>>> Thanks, >>>>> Giriraj. >>>>> On Feb 18, 2014 4:51 AM, "Colm O hEigeartaigh" <cohei...@apache.org> >>>>> wrote: >>>>> >>>>>> >>>>>> From what I recall, there was essentially little difference between >>>>>> the Merlin and BouncyCastle Crypto implementations, hence the latter was >>>>>> removed in WSS4J 1.6.x. Why do you need to use the BouncyCastle >>>>>> implementation, i.e. what is the Merlin implementation not doing for you? >>>>>> >>>>>> Colm. >>>>>> >>>>>> >>>>>> On Mon, Feb 17, 2014 at 7:56 PM, Giriraj Bhojak >>>>>> <girira...@gmail.com>wrote: >>>>>> >>>>>>> Hello, >>>>>>> >>>>>>> I need to use Bouncy Castle provider with WSS4J 1.6.13. >>>>>>> Merlin is used by default since 1.6.x. >>>>>>> Could anyone explain why this was done? >>>>>>> I mean was there something with Bouncy Castle that prompted this >>>>>>> change? >>>>>>> >>>>>>> And is following set of keys the right way to use Bouncy Castle with >>>>>>> WSS4J (found this from >>>>>>> https://community.oracle.com/thread/1529571?tstart=1872)? >>>>>>> >>>>>>> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.BouncyCastle >>>>>>> org.apache.ws.security.crypto.merlin.keystore.type=PKCS12 >>>>>>> org.apache.ws.security.crypto.merlin.keystore.password=password >>>>>>> org.apache.ws.security.crypto.merlin.keystore.alias=alias >>>>>>> org.apache.ws.security.crypto.merlin.alias.password=password >>>>>>> >>>>>>> >>>>>>> >>>>>>> Regards, >>>>>>> Giriraj. >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Colm O hEigeartaigh >>>>>> >>>>>> Talend Community Coder >>>>>> http://coders.talend.com >>>>>> >>>>> >>>> >>>> >>>> -- >>>> Colm O hEigeartaigh >>>> >>>> Talend Community Coder >>>> http://coders.talend.com >>>> >>>> -- >>>> Colm O hEigeartaigh >>>> >>>> Talend Community Coder >>>> <http://coders.talend.com>http://coders.talend.com >>>> >>>> -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
