Unex Unexpected number of X509Data: for decryption (KeyId))

Thu, 13 Oct 2005 05:33:12 -0700 

Hi All,
I have a pkcs12 keystore with I've generated with keytool, which I want to use to encrypt SOAP requests to my Axis/wss4j web services. When I use it with an axis/wss4j client everything works perfectly. 


When I import it into a Windows certificate store to test a .Net client 
I get the following error message returned:


WSDoAllReceiver: security processing failed; nested exception is:
       org.apache.ws.security.WSSecurityException: General security error (Unex
pected number of X509Data: for decryption (KeyId))


This is the SOAP message sent from the .Net client (copied from axis 
tcpmon).


<?xml version="1.0" encoding="utf-8"?>

  <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; 
xmlns:xsd="http://www.w3.org/2001/XMLSchema"; 
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"; 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>

     <soap:Header>
        <wsa:Action>getBiorsEntry</wsa:Action>

        
<wsa:MessageID>uuid:7c6742d2-5ec5-4465-aeb9-e0ee12bf7173</wsa:MessageID>

        <wsa:ReplyTo>

           
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>

        </wsa:ReplyTo>

        
<wsa:To>http://146.107.217.111:8081/axis/services/BiorsAdvancedQueryDocStyleSecure</wsa:To>

        <wsse:Security soap:mustUnderstand="1">

           <wsu:Timestamp 
wsu:Id="Timestamp-bda80e24-0a96-47a1-9600-bec8ad62927f">

              <wsu:Created>2005-10-13T09:27:44Z</wsu:Created>
              <wsu:Expires>2005-10-13T09:32:44Z</wsu:Expires>
           </wsu:Timestamp>

           <wsse:UsernameToken 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; 
wsu:Id="SecurityToken-2cf67c96-d14c-4fcb-bcee-856a8fa67e3f">

              <wsse:Username>wss4j</wsse:Username>

              <wsse:Password 
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>security</wsse:Password>

              <wsse:Nonce>vqUTW/mY5hURRfUykdRUFQ==</wsse:Nonce>
              <wsu:Created>2005-10-13T09:27:44Z</wsu:Created>
           </wsse:UsernameToken>

           <xenc:EncryptedKey 
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";>
              <xenc:EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"; />

              <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";>
                 <wsse:SecurityTokenReference>

                    <wsse:KeyIdentifier 
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier"; 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";>9Ae/KF1taLmzMuhe3QQoHAabvNo=</wsse:KeyIdentifier>

                 </wsse:SecurityTokenReference>
              </KeyInfo>
              <xenc:CipherData>

                 
<xenc:CipherValue>I62z77wPGyme2W1rifQNJ+cLhBpxGqpXzrqzxBWYaDia18kvQhVVnz5bN+5yhnsNuVUAf/9fk/pDWq/uXgYcNNydRD91JcgPwRx7F698UrMgtgq4O6ky7uh0LsFWsf3Nz0k0Npuz/+7V8C70XsPtkWYltTGSu0CTchCd6cN5SXQ=</xenc:CipherValue>

              </xenc:CipherData>
              <xenc:ReferenceList>

                 <xenc:DataReference 
URI="#EncryptedContent-047482d9-a533-482a-8edb-16f1beb5b425" />

              </xenc:ReferenceList>
           </xenc:EncryptedKey>
        </wsse:Security>
     </soap:Header>
     <soap:Body>

        <xenc:EncryptedData 
Id="EncryptedContent-047482d9-a533-482a-8edb-16f1beb5b425" 
Type="http://www.w3.org/2001/04/xmlenc#Content"; 
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";>
           <xenc:EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"; />

           <xenc:CipherData>

              
<xenc:CipherValue>56JRgwnk0JnITQ9UeTL8eVKn7Rcy4zv+QRa4au1zQdqT2gTGtgZZHbbxUjD/dkYogIUM7u+8rGjeyZTWlFbZfsgnkNpKKcUP5Q+Jv0t1Ll3s6Q1uEIHqAV49Oc9aOs/gWcbClW/ZOPOMagxLRKx0XcicAi8Wzi/oFBci9dBlpei4xQ9QPfy1cykWHLWVOQEUvZg4+aqK/7vnywsWG01QvIcugrTd+Ke7+/0GYHBbEwTE1zhLInixMUqh+JwpzWiY/lRFWPLUG/zXp8sE3h9rcwQzzqoWpYYYQImgNSvcB+cYytJMLD/xuoLoU7hu/T5eNRo7XISyDW93pb90IDiuMzanteGZUjLP+V5QBa9EkxWs8CeT0BzzN7tGzLirmvBLMmyyE44IxhxHmNXWDdIDY3l4AY5XSXwcEjwNvhuo92n4BMsra+Z+b33GT3teAWIFdxyK9JYjMht3AyLijUTiEJnHwVSJJZ9oVnkJDYTHk9QIweq+DfvcfRrGIXKYM9un144kiipUlimGPV4/67yN3F8Emm9YKhLp</xenc:CipherValue>

           </xenc:CipherData>
        </xenc:EncryptedData>
     </soap:Body>
  </soap:Envelope>


If anyone hase come across the same error and can point me in the right 
direction I'd be very grateful.


Thanks in advance.

Richard.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to