[ http://issues.apache.org/jira/browse/WSS-11?page=all ]
Werner Dittmann closed WSS-11:
------------------------------
Resolution: Won't Fix
The exception is thrown from the keystore implementation, WSS4J can only
forward this but cannot
perform additional checks or recovery.
> Better error message(s) for failure to load keystore
> ----------------------------------------------------
>
> Key: WSS-11
> URL: http://issues.apache.org/jira/browse/WSS-11
> Project: WSS4J
> Type: Improvement
> Environment: SUN JDK 1.5.0, WSS4J 1.0.0
> Reporter: Guy Rixon
> Assignee: Davanum Srinivas
> Priority: Minor
>
> Merlin gives poor error messages when it can't load a keystore. If the wrong
> password is configured for the store, then this stack-dump appears when
> calling CryptoFactor.getInstance(String, String):
> java.io.IOException: failed to decrypt safe contents
> entryCOM.rsa.jsafe.SunJSSE_cs: Could not perform unpadding: invalid pad byte.
> at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(DashoA12275)
> at java.security.KeyStore.load(KeyStore.java:652)
> at org.apache.ws.security.components.crypto.Merlin.load(Merlin.java:527)
> at
> org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:119)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
> at
> org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:117)
> at
> org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:72)
> at org.astrogrid.security.MerlinTest.testAll(MerlinTest.java:31)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at junit.framework.TestCase.runTest(TestCase.java:154)
> at junit.framework.TestCase.runBare(TestCase.java:127)
> at junit.framework.TestResult$1.protect(TestResult.java:106)
> at junit.framework.TestResult.runProtected(TestResult.java:124)
> at junit.framework.TestResult.run(TestResult.java:109)
> at junit.framework.TestCase.run(TestCase.java:118)
> at junit.framework.TestSuite.runTest(TestSuite.java:208)
> at junit.framework.TestSuite.run(TestSuite.java:203)
> at
> org.apache.tools.ant.taskdefs.optional.junit.JUnitTestRunner.run(JUnitTestRunner.java:325)
> at
> org.apache.tools.ant.taskdefs.optional.junit.JUnitTestRunner.main(JUnitTestRunner.java:536)
> Caused by: COM.rsa.jsafe.SunJSSE_cs: Could not perform unpadding: invalid pad
> byte.
> at COM.rsa.jsafe.SunJSSE_al.a(DashoA12275)
> at COM.rsa.jsafe.SunJSSE_ag.a(DashoA12275)
> at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.a(DashoA12275)
> ... 25 more
> java.lang.reflect.InvocationTargetException
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
> at
> org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:117)
> at
> org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:72)
> at org.astrogrid.security.MerlinTest.testAll(MerlinTest.java:31)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at junit.framework.TestCase.runTest(TestCase.java:154)
> at junit.framework.TestCase.runBare(TestCase.java:127)
> at junit.framework.TestResult$1.protect(TestResult.java:106)
> at junit.framework.TestResult.runProtected(TestResult.java:124)
> at junit.framework.TestResult.run(TestResult.java:109)
> at junit.framework.TestCase.run(TestCase.java:118)
> at junit.framework.TestSuite.runTest(TestSuite.java:208)
> at junit.framework.TestSuite.run(TestSuite.java:203)
> at
> org.apache.tools.ant.taskdefs.optional.junit.JUnitTestRunner.run(JUnitTestRunner.java:325)
> at
> org.apache.tools.ant.taskdefs.optional.junit.JUnitTestRunner.main(JUnitTestRunner.java:536)
> Caused by: org.apache.ws.security.components.crypto.CredentialException:
> Failed to load credentials. Inner Exception: [failed to decrypt safe contents
> entryCOM.rsa.jsafe.SunJSSE_cs: Could not perform unpadding: invalid pad byte.]
> at org.apache.ws.security.components.crypto.Merlin.load(Merlin.java:530)
> at
> org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:119)
> ... 21 more
> java.lang.InstantiationException:
> org.apache.ws.security.components.crypto.Merlin
> at java.lang.Class.newInstance0(Class.java:293)
> which suggests a format error in the keystore rather than a bad password:
> very mislading and wasteful of time.
> Currently, a default password is used if no password is configured; IMHO it
> would be better to throw a CredentialException if the password is missing. In
> that mode, a helpful error-message could be given. See CryptoFactor lines
> 524..537.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
