Hello I am using Wss4j 1.5.12. We are trying to add an encrypted envelope to a
SOAP message. Where the encryption key is a derived key encrypted with the
recipient's certificate (public key). I am using the test case
TestWSSecurityNewDK as a sample to accomplish this.
I first setup certificates and private keys in a java keystore then add them to
the Crypto instance. I create two keystores, one for the recipient and one for
the sender. Then I setup the encrypted key object, using a x509 key identifier.
The doc is prepared and then the key and reference is saved, to be added to the
encryption object later. I then Sign the document with a X509 binary token
reference. The signed doc is encrypted with the DK encrypt object after setting
the key and key reference. When I validate the document with my own callback I
provide the "password".
The document is created correctly but then when I try to validate the headers,
it is not able to decrypt the temporary encryption key. I get "bad hash" or
"block corrupted" error.
org.apache.ws.security.WSSecurityException: The signature or decryption was
invalid
at
org.apache.ws.security.processor.ReferenceListProcessor.decryptEncryptedData(ReferenceListProcessor.java:244)
at
org.apache.ws.security.processor.ReferenceListProcessor.decryptDataRefEmbedded(ReferenceListProcessor.java:166)
at
org.apache.ws.security.processor.ReferenceListProcessor.handleReferenceList(ReferenceListProcessor.java:113)
at
org.apache.ws.security.processor.ReferenceListProcessor.handleToken(ReferenceListProcessor.java:76)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:328)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:198)
at
com.cybersource.nta.ws.WSSecurityFilterTest.testSignAndEncrypt(WSSecurityFilterTest.java:526)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at
org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
at
org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
at
org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
at
org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
at
org.junit.runners.BlockJUnit4ClassRunner.runNotIgnored(BlockJUnit4ClassRunner.java:79)
at
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:71)
at
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:49)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184)
at org.junit.runners.ParentRunner.run(ParentRunner.java:236)
at org.junit.runner.JUnitCore.run(JUnitCore.java:157)
at
com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:78)
at
com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:212)
at
com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:68)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:140)
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: pad block
corrupted
Original Exception was javax.crypto.BadPaddingException: pad block corrupted
at
org.apache.xml.security.encryption.XMLCipher.decryptToByteArray(Unknown Source)
at org.apache.xml.security.encryption.XMLCipher.decryptElement(Unknown
Source)
at
org.apache.xml.security.encryption.XMLCipher.decryptElementContent(Unknown
Source)
at org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown Source)
at
org.apache.ws.security.processor.ReferenceListProcessor.decryptEncryptedData(ReferenceListProcessor.java:242)
... 33 more
senderHandler.getCrypto().setKeyStore(setupSenderKeystore());
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
// EncryptedKey encrypt with temporary session key
// and encrypt this temporary session key with the recipient's
// public key (certificate)
WSSecEncrypt encrKeyBuilder = new WSSecEncrypt();
encrKeyBuilder.setUserInfo("cybersource_sjc_us");
encrKeyBuilder.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
encrKeyBuilder.setKeyEnc(WSConstants.KEYTRANSPORT_RSAOEP);
encrKeyBuilder.prepare(doc, senderHandler.getCrypto());
//Key information from the EncryptedKey
byte[] ek = encrKeyBuilder.getEphemeralKey();
String tokenIdentifier = encrKeyBuilder.getId();
// Sign the message with senders private key
WSSecSignature sign = new WSSecSignature();
sign.setUserInfo("jasoneatoncorp", "jasoneatoncorp");
sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
sign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
Document signedDoc = sign.build(doc, senderHandler.getCrypto(), secHeader);
WSSecDKEncrypt encrBuilder = new WSSecDKEncrypt();
encrBuilder.setSymmetricEncAlgorithm(WSConstants.AES_128);
encrBuilder.setExternalKey(ek, tokenIdentifier);
Document signedEncryptedDoc = encrBuilder.build(signedDoc, secHeader);
assertNotNull(signedEncryptedDoc);
encrKeyBuilder.prependToHeader(secHeader);
encrKeyBuilder.prependBSTElementToHeader(secHeader);
//System.out.println(XMLUtils.PrettyDocumentToString(signedEncryptedDoc));
// Make this handler for recipient only ( keystore difference )
DigitalSignatureHandlerImpl2 recipientHandler = new
DigitalSignatureHandlerImpl2(newCASerial);
recipientHandler.init(securityDAO);
recipientHandler.getCrypto().setKeyStore(setupRecipientKeystore());
filter.init(filterConfig);
filter.digSigHandler = recipientHandler;
WSSecurityEngine secEngine = new WSSecurityEngine();
Vector result = secEngine.processSecurityHeader(doc, null, new
MyPasswordCallback(), recipientHandler.getCrypto());
...
public class MyPasswordCallback implements CallbackHandler {
private org.apache.log4j.Logger logger
= org.apache.log4j.Logger.getLogger(getClass());
public void handle(Callback[] callbacks)
throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
int usage = pc.getUsage();
if (usage == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN) {
logger.info("callback routine, usage USERNAME_TOKEN_UNKNOWN
for alias: " + pc.getIdentifer());
} else if (usage == WSPasswordCallback.DECRYPT) {
logger.info("callback routine, usage DECRYPT for alias: " +
pc.getIdentifer());
try {
if ("jasoneatoncorp".equals(pc.getIdentifier())) {
pc.setPassword("jasoneatoncorp");
pc.setKey(instPrivateKey(jasonPrivateKey).getEncoded());
} else if
("cybersource_sjc_us".equals(pc.getIdentifier())) {
pc.setPassword("cybersource_sjc_us");
pc.setKey(instPrivateKey(newServerKey).getEncoded());
}
} catch (CertificateException e) {
logger.info("callback routine, usage DECRYPT throws
exception: " + e.getMessage());
throw new UnsupportedCallbackException(pc);
} catch (IOException e) {
logger.info("callback routine, usage DECRYPT throws
exception: " + e.getMessage());
throw new UnsupportedCallbackException(pc);
} catch (NoSuchAlgorithmException e) {
logger.info("callback routine, usage DECRYPT throws
exception: " + e.getMessage());
throw new UnsupportedCallbackException(pc);
} catch (InvalidKeySpecException e) {
logger.info("callback routine, usage DECRYPT throws
exception: " + e.getMessage());
throw new UnsupportedCallbackException(pc);
}
} else if (usage == WSPasswordCallback.KEY_NAME) {
logger.info("callback routine, usage KEY_NAME for alias: "
+ pc.getIdentifer());
} else if (usage == WSPasswordCallback.SECURITY_CONTEXT_TOKEN) {
logger.info("callback routine, usage SECURITY_CONTEXT_TOKEN
for alias: " + pc.getIdentifer());
} else if (usage == WSPasswordCallback.SIGNATURE) {
logger.info("callback routine, usage SIGNATURE for alias: "
+ pc.getIdentifer());
} else if (usage == WSPasswordCallback.USERNAME_TOKEN) {
logger.info("callback routine, usage USERNAME_TOKEN for
alias: " + pc.getIdentifer());
} else if (usage == WSPasswordCallback.UNKNOWN) {
logger.info("callback routine, usage UNKNOWN for alias: " +
pc.getIdentifer());
} else {
logger.error("Unsupported password format.", null);
throw new UnsupportedCallbackException(
callbacks[i], "Unsupported password format.");
}
} else {
logger.error("Unrecognized Callback type.", null);
throw new UnsupportedCallbackException(
callbacks[i], "Unrecognized Callback type.");
}
}
}
}
I'm not sure if my issue is a misunderstanding how to use the API, SOAP in
general, or a technical issue. Any advice would be appreciated. Thanks.
