Can you attach the keystore, and the Merlin config? How was the keystore in question generated, i.e. the exact parameters given to keytool?
Colm. -----Original Message----- From: Lukasz L. [mailto:[email protected]] Sent: 28 January 2009 18:04 To: [email protected] Subject: Exception: DerInputStream.getLength(): lengthTag=119, too big Hi, I use WSS4J in interceptor in CXF consumer (inside servicemix esb) to verify Signature in incoming message (using public key store in a keystore). For many keys it works but sometimes (for certain public key) I got an exception below. All keys are generated using keytool from JRE. Any idea about the reason of it? (one more note: I am able to list the content of this faulty keystore using keytool -list) java.security.cert.CertificateException: Unable to initialize, java.io.IOException: DerInputStream.getLength(): lengthTag=119, too big. at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:182) at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory. java:90) at java.security.cert.CertificateFactory.generateCertificate(CertificateFac tory.java:271) at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:745) at java.security.KeyStore.load(KeyStore.java:1150) at org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCry pto.java:141) at org.apache.ws.security.components.crypto.AbstractCrypto.<init>(AbstractC rypto.java:100) at org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:72) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorA ccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingCons tructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:494) at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoF actory.java:211) at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(Crypt oFactory.java:176) at org.apache.ws.security.handler.WSHandler.loadSignatureCrypto(WSHandler.j ava:372) at org.apache.ws.security.handler.WSHandler.decodeSignatureParameter2(WSHan dler.java:897) at org.apache.ws.security.handler.WSHandler.doReceiverAction(WSHandler.java :256) at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JI nInterceptor.java:145) at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JI nInterceptor.java:65) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC hain.java:220) at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiati onObserver.java:77) at org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest( JettyHTTPDestination.java:278) at org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(Jetty HTTPDestination.java:252) at org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHan dler.java:70) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766) at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandler Collection.java:230) at org.mortbay.jetty.handler.HandlerList.handle(HandlerList.java:49) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at org.mortbay.jetty.Server.handle(Server.java:324) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534) at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.j ava:879) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:741) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:213) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:403) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java: 409) at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java :522) Caused by: java.io.IOException: DerInputStream.getLength(): lengthTag=119, too big. at sun.security.util.DerInputStream.getLength(DerInputStream.java:530) at sun.security.util.DerValue.<init>(DerValue.java:234) at sun.security.util.DerInputStream.getDerValue(DerInputStream.java:386) at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1688) at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:179) ... 35 more -- View this message in context: http://www.nabble.com/Exception%3A-DerInputStream.getLength%28%29%3A-len gthTag%3D119%2C-too-big-tp21711285p21711285.html Sent from the WSS4J mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
