I would guess that you do not have a JCE provider initialized that supports
RSA. You could use the Bouncy Castle JCE Provider that is included with
WSS4J. One way to initialize the provider is
Security.addProvider(new BouncyCastleProvider());
On 2/21/07 12:23 PM, "Lule Chen" <[EMAIL PROTECTED]> wrote:
> Hi, I guess I can follow the TestWSSecurityNew11 code as the following:
>
> ...
>
> WSSecEncrypt encrypt = new WSSecEncrypt();
> WSSecSignature sign = new WSSecSignature();
> encrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e");
> sign.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
> System.out.println("Before Encryption....");
> Document doc = env.getAsDocument();
>
> WSSecHeader secHeader = new WSSecHeader();
> secHeader.insertSecurityHeader(doc);
> System.out.println( EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15 );
> Document encryptedDoc = encrypt.build(doc, crypto, secHeader);
> Document encryptedSignedDoc = sign.build(encryptedDoc, crypto,
> secHeader);
>
> ...
>
> but I always got exception at the code "Document encryptedDoc =
> encrypt.build(doc, crypto, secHeader);" as the following:
>
> Exception in thread "main" org.apache.ws.security.WSSecurityException: An
> unsupported signature or encryption algorithm was used (unsupported key
> transport encryption algorithm: No such algorithm:
> http://www.w3.org/2001/04/xmlenc#rsa-1_5)
>
> at
> org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.ja
> va:703)
>
> at
> org.apache.ws.security.message.WSSecEncryptedKey.prepareInternal(WSSecEncrypte
> dKey.java:189)
>
> at org.apache.ws.security.message.WSSecEncrypt.prepare(WSSecEncrypt.java:216)
>
> at org.apache.ws.security.message.WSSecEncrypt.build(WSSecEncrypt.java:253)
>
> at com.nortel.cdma.axis.Client.NEServiceClient.main(NEServiceClient.java:233)
>
> I looked at the code of
> org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(), it looks as
> the following:
>
> public static Cipher getCipherInstance(String cipherAlgo)
> throws WSSecurityException {
> Cipher cipher = null;
> try {
> if (cipherAlgo.equalsIgnoreCase(WSConstants.KEYTRANSPORT_RSA15)) {
> cipher = Cipher.getInstance("RSA/NONE/PKCS1PADDING");
> } else if (cipherAlgo
> .equalsIgnoreCase(WSConstants.KEYTRANSPORT_RSAOEP)) {
> cipher = Cipher.getInstance("RSA/NONE/OAEPPADDING");
> } else {
> throw new WSSecurityException(
> WSSecurityException.UNSUPPORTED_ALGORITHM,
> "unsupportedKeyTransp", new Object[] { cipherAlgo });
> }
> } catch (NoSuchPaddingException ex) {
> throw new WSSecurityException(
> WSSecurityException.UNSUPPORTED_ALGORITHM,
> "unsupportedKeyTransp", new Object[] { "No such padding: "
> + cipherAlgo });
> } catch (NoSuchAlgorithmException ex) {
> throw new WSSecurityException(
> WSSecurityException.UNSUPPORTED_ALGORITHM,
> "unsupportedKeyTransp",
> new Object[] { "No such algorithm: " + cipherAlgo });
> }
> return cipher;
> }
>
>
> I looked at the value of WSConstants.KEYTRANSPORT_RSA15, which is the same as
> the passed in parameter cipherAlgo, which is
> http://www.w3.org/2001/04/xmlenc#rsa-1_5. I just can't understand why it thows
> such an exception.
>
>
> I badly need your help.
>
>
> Lule
>
> -----Original Message-----
> From: Ric Emery [mailto:[EMAIL PROTECTED]
> Sent: Monday, February 19, 2007 4:42 PM
> To: Chen, Lule (CAR:2Y83)
> Subject: Re: How to set and process x509 security token header
>
>
>
> Download the wss4j source code. There are some good examples in the unit
> tests. That is how I figured it out.
>
> Good luck.
>
>
> On 2/19/07 2:15 PM, "Lule Chen" <[EMAIL PROTECTED]> wrote:
>
>> > Hi,
>> >
>> > I would like to know how to can create a x509 token profile head that
>> > encrypts the soap body. The sample code there creates several username
>> > tokens and adds them into the RequestSecurityToken. But I don't want
>> > any username token. Can some one show me how to do it?
>> >
>> > Thanks,
>> >
>> >
>> > Lule
>> >
>> > -----Original Message-----
>> > From: Davanum Srinivas [mailto:[EMAIL PROTECTED]
>> > Sent: Tuesday, February 13, 2007 10:23 AM
>> > To: Chen, Lule (CAR:2Y83)
>> > Cc: [email protected]
>> > Subject: Re: How to set and process x509 security token header
>> >
>> >
>> > Louis,
>> >
>> > Check the svn. It has implementation for all the interop tests defined
>> > by OASIS.
>> >
>> > http://svn.apache.org/repos/asf/webservices/wss4j/trunk/interop/
>> >
>> > thanks,
>> > dims
>> >
>> > On 2/12/07, Lule Chen <[EMAIL PROTECTED]> wrote:
>>> >>
>>> >>
>>> >>
>>> >> Hi, I am trying to find an sample that showing how to use the X509
>>> >> token profile, the sample server and client code that processing and
>>> >> generating the X509 token profile, but could not find any. Can some
>>> >> one help me by pointing me the way of doing that? Is there a link to
>>> >> the sample code or introductions? Most of the samples out there are
>>> >> showing how to use the username token profile.
>>> >>
>>> >>
>>> >> Thanks
>>> >>
>>> >>
>>> >>
>>> >> Louis
>> >
>
>
