Details
-
Bug
-
Status: Resolved
-
Minor
-
Resolution: Not A Problem
-
1.4
-
None
-
None
-
rampart-1.4>mvn -e install
Running org.apache.rampart.AsymmetricBindingBuilderTest
org.apache.rampart.RampartException: Error in creating an encrypted key
at org.apache.rampart.builder.AsymmetricBindingBuilder.doEncryptBeforeSi
g(AsymmetricBindingBuilder.java:164)
at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricB
indingBuilder.java:91)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
at org.apache.rampart.AsymmetricBindingBuilderTest.testAsymmBindingWithD
KEncrBeforeSig(AsymmetricBindingBuilderTest.java:148)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at junit.framework.TestCase.runTest(TestCase.java:164)
at junit.framework.TestCase.runBare(TestCase.java:130)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:120)
at junit.framework.TestSuite.runTest(TestSuite.java:230)
at junit.framework.TestSuite.run(TestSuite.java:225)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.maven.surefire.junit.JUnitTestSet.execute(JUnitTestSet.jav
a:213)
at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.executeTes
tSet(AbstractDirectoryTestSuite.java:140)
at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.execute(Ab
stractDirectoryTestSuite.java:127)
at org.apache.maven.surefire.Surefire.run(Surefire.java:177)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.maven.surefire.booter.SurefireBooter.runSuitesInProcess(Su
refireBooter.java:345)
at org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.j
ava:1009)
Caused by: org.apache.ws.security.WSSecurityException: Cannot encrypt data; nest
ed exception is:
org.apache.xml.security.encryption.XMLEncryptionException: Illegal key s
ize or default parameters
Original Exception was java.security.InvalidKeyException: Illegal key size or de
fault parameters
at org.apache.ws.security.message.WSSecDKEncrypt.doEncryption(WSSecDKEnc
rypt.java:149)
at org.apache.ws.security.message.WSSecDKEncrypt.encryptForExternalRef(W
SSecDKEncrypt.java:188)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doEncryptBeforeSi
g(AsymmetricBindingBuilder.java:161)
... 29 more
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal ke
y size or default parameters
Original Exception was java.security.InvalidKeyException: Illegal key size or de
fault parameters
at org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown Sour
ce)
at org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown Sour
ce)
at org.apache.xml.security.encryption.XMLCipher.encryptElementContent(Un
known Source)
at org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown Source)
at org.apache.ws.security.message.WSSecDKEncrypt.doEncryption(WSSecDKEnc
rypt.java:147)
... 31 more
org.apache.rampart.RampartException: Error during encryption
at org.apache.rampart.builder.AsymmetricBindingBuilder.doEncryptBeforeSi
g(AsymmetricBindingBuilder.java:192)
at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricB
indingBuilder.java:91)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
at org.apache.rampart.AsymmetricBindingBuilderTest.testAsymmBindingEncrB
eforeSig(AsymmetricBindingBuilderTest.java:178)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at junit.framework.TestCase.runTest(TestCase.java:164)
at junit.framework.TestCase.runBare(TestCase.java:130)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:120)
at junit.framework.TestSuite.runTest(TestSuite.java:230)
at junit.framework.TestSuite.run(TestSuite.java:225)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.maven.surefire.junit.JUnitTestSet.execute(JUnitTestSet.jav
a:213)
at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.executeTes
tSet(AbstractDirectoryTestSuite.java:140)
at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.execute(Ab
stractDirectoryTestSuite.java:127)
at org.apache.maven.surefire.Surefire.run(Surefire.java:177)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.maven.surefire.booter.SurefireBooter.runSuitesInProcess(Su
refireBooter.java:345)
at org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.j
ava:1009)
Caused by: org.apache.ws.security.WSSecurityException: Cannot encrypt data; nest
ed exception is:
org.apache.xml.security.encryption.XMLEncryptionException: Illegal key s
ize or default parameters
Original Exception was java.security.InvalidKeyException: Illegal key size or de
fault parameters
at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt
.java:571)
at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt
.java:458)
at org.apache.ws.security.message.WSSecEncrypt.encryptForExternalRef(WSS
ecEncrypt.java:396)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doEncryptBeforeSi
g(AsymmetricBindingBuilder.java:189)
... 29 more
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal ke
y size or default parameters
Original Exception was java.security.InvalidKeyException: Illegal key size or de
fault parameters
at org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown Sour
ce)
at org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown Sour
ce)
at org.apache.xml.security.encryption.XMLCipher.encryptElementContent(Un
known Source)
at org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown Source)
at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt
.java:564)
... 32 more
Description
test-resources/keys/interop2.jks contents:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 4 entries
alice, Jun 4, 2005, PrivateKeyEntry,
Certificate fingerprint (MD5): 57:CE:81:F1:03:C4:2C:F7:5B:1A:DE:AC:43:64:0A:84
root, Jun 4, 2005, trustedCertEntry,
Certificate fingerprint (MD5): 0C:0D:00:27:BF:4B:32:63:40:A8:B2:03:96:4B:58:14
ca, Jun 4, 2005, trustedCertEntry,
Certificate fingerprint (MD5): CA:0A:6D:E3:A4:9F:E8:55:98:0A:F8:10:66:35:40:C6
bob, Jun 4, 2005, PrivateKeyEntry,
Certificate fingerprint (MD5): 89:3E:86:D2:4F:9C:E7:39:B6:71:8A:EF:00:C5:89:DC
test-resources/policy/rampart-asymm-binding-1.xml:
<wsp:Policy wsu:Id="6" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<!-- Basic256 selects AES-256 for data encryption and 256-bit derived encryption keys (sizes are in bits).
     The JRE that evaluates this policy therefore has to permit 256-bit AES keys; a JRE limited to 128-bit
     keys by its JCE jurisdiction policy rejects them with InvalidKeyException "Illegal key size". -->
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
<sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportIssuedTokens/>
<sp:RequireClientEntropy/>
<sp:RequireServerEntropy/>
</wsp:Policy>
</sp:Trust10>
<!-- Rampart settings: "alice" and "bob" are aliases of the PrivateKeyEntry items in interop2.jks, and both
     crypto blocks below read that same keystore through the Merlin provider. -->
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
<ramp:user>alice</ramp:user>
<ramp:encryptionUser>bob</ramp:encryptionUser>
<ramp:passwordCallbackClass>org.apache.rampart.TestCBHandler</ramp:passwordCallbackClass>
<!-- The keystore password is stored in clear text in this policy; the file is a test resource
     (test-resources/policy) and the keystore holds test keys only. -->
<ramp:signatureCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">test-resources/keys/interop2.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
</ramp:crypto>
</ramp:signatureCrypto>
<ramp:encryptionCypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">test-resources/keys/interop2.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
</ramp:crypto>
</ramp:encryptionCypto>
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
org.apache.rampart.RampartMessageBuilderTest (which loads rampart-asymm-binding-1.xml policy file)
public void testAsymmBinding() {
try
org.apache.rampart.builder.AsymmetricBindingBuilder.java:
/**
 * Builds the secured message for an asymmetric binding (excerpt as pasted in the report; the
 * statement guarded by isIncludeTimestamp() is missing from this listing).
 *
 * The policy data is read from the message data, and the protection order decides which path
 * runs: doEncryptBeforeSig when it equals SPConstants.ENCRYPT_BEFORE_SIGNING, otherwise
 * doSignBeforeEncrypt.
 *
 * @param rmd message data that carries the policy data
 * @throws RampartException declared by the method; the throwing calls are in the two helpers
 */
public void build(RampartMessageData rmd) throws RampartException {
log.debug("AsymmetricBindingBuilder build invoked");
RampartPolicyData rpd = rmd.getPolicyData();
if (rpd.isIncludeTimestamp())
if (SPConstants.ENCRYPT_BEFORE_SIGNING.equals(rpd.getProtectionOrder()))
{ //doEncryptBeforeSig is called here this.doEncryptBeforeSig(rmd); }else
{ this.doSignBeforeEncrypt(rmd); } log.debug("AsymmetricBindingBuilder build invoked : DONE");
}
..........
/**
 * Encryption part of the encrypt-before-sign flow, as far as this excerpt shows (several
 * brace-delimited blocks were lost when the code was pasted, and the method is not shown to
 * its end).
 *
 * Two paths are visible. When the encryption token asks for derived keys, a WSSecDKEncrypt
 * builder is used and its derived key length comes from the policy's algorithm suite. Otherwise
 * a WSSecEncrypt builder is configured with the suite's symmetric encryption and asymmetric
 * key-wrap algorithms.
 *
 * @param rmd message data giving access to the policy data, the document and the configuration
 * @throws RampartException with key "encryptionTokenMissing" when parts must be encrypted but
 *         no token is available, and with "errorCreatingEncryptedKey", "errorInDKEncr" or
 *         "errorInEncryption" when the underlying WSS4J call fails
 */
private void doEncryptBeforeSig(RampartMessageData rmd)
throws RampartException {
long t0 = 0, t1 = 0, t2 = 0;
if(dotDebug)
RampartPolicyData rpd = rmd.getPolicyData();
Document doc = rmd.getDocument();
RampartConfig config = rpd.getRampartConfig();
/*
- We need to hold on to these two elements to use them as a reference in the
- case of encrypting the signature
*/
Element encrDKTokenElem = null;
WSSecEncrypt encr = null;
Element refList = null;
WSSecDKEncrypt dkEncr = null;
/*
- We MUST use keys derived from the same token
*/
Token encryptionToken = null;
// The initiator encrypts with the recipient token; the recipient side uses the initiator token.
if(rmd.isInitiator()) { encryptionToken = rpd.getRecipientToken(); }else
{ encryptionToken = rpd.getInitiatorToken(); }Vector encrParts = RampartUtil.getEncryptedParts(rmd);
//Signed parts are determined before encryption because encrypted signed headers
//will not be included otherwise
this.sigParts = RampartUtil.getSignedParts(rmd);
if(encryptionToken == null && encrParts.size() > 0)
{ throw new RampartException("encryptionTokenMissing"); }if (encryptionToken != null && encrParts.size() > 0) {
//Check for RampartConfig assertion
if(rpd.getRampartConfig() == null)
if (encryptionToken.isDerivedKeys()) {
try {
this.setupEncryptedKey(rmd, encryptionToken);
// Create the DK encryption builder
dkEncr = new WSSecDKEncrypt();
dkEncr.setParts(encrParts);
dkEncr.setExternalKey(this.encryptedKeyValue,
this.encryptedKeyId);
/*********this rpd.getAlgorithmSuite() returns null causes grief ******/
/*****this is the AlgorithmSuite provided by policy file
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<!-- safe to assume the key length is 256 -->
*******/
/****** rpd.getAlgorithmSuite().getEncryptionDerivedKeyLength()
if (SPConstants.ALGO_SUITE_BASIC256.equals(algoSuite))
********/
/***** rpd.getAlgorithmSuite().getEncryptionDerivedKeyLength()/8 256/8 produces 32 ******/
/*** lets take the root key 0C:0D:00:27:BF:4B:32:63:40:A8:B2:03:96:4B:58:14 *******/
/****this is 16 bytes */
/***16 != 32 so the Assymetric TestCase will always fail*/
/*
 * NOTE(review): the value quoted above is an MD5 certificate fingerprint from the keystore
 * listing; an MD5 digest is 16 bytes whatever the key size, so it does not give the length of
 * any key used here. The root cause in the reported trace is java.security.InvalidKeyException
 * ("Illegal key size or default parameters") raised under XMLCipher.encryptData, not a
 * NullPointerException from getAlgorithmSuite(). The same exception is reported for the
 * WSSecEncrypt branch below, which never calls setDerivedKeyLength. That message is what a JRE
 * limited to 128-bit AES by its JCE jurisdiction policy gives for a 256-bit key; presumably the
 * build JRE lacked the unlimited-strength policy files. Confirm against the JRE in use.
 */
dkEncr.setDerivedKeyLength(rpd.getAlgorithmSuite().getEncryptionDerivedKeyLength()/8);
dkEncr.prepare(doc);
// Get and add the DKT element
this.encrDKTElement = dkEncr.getdktElement();
encrDKTokenElem = RampartUtil.appendChildToSecHeader(rmd, this.encrDKTElement);
refList = dkEncr.encryptForExternalRef(null, encrParts);
} catch (WSSecurityException e)
{ throw new RampartException("errorCreatingEncryptedKey", e); }catch (ConversationException e)
{ throw new RampartException("errorInDKEncr", e); } } else {
try {
encr = new WSSecEncrypt();
encr.setParts(encrParts);
encr.setWsConfig(rmd.getConfig());
encr.setDocument(doc);
RampartUtil.setEncryptionUser(rmd, encr);
// Both algorithms come from the policy's algorithm suite rather than from fixed values.
encr.setSymmetricEncAlgorithm(rpd.getAlgorithmSuite().getEncryption());
RampartUtil.setKeyIdentifierType(rpd,encr, encryptionToken);
encr.setKeyEncAlgo(rpd.getAlgorithmSuite().getAsymmetricKeyWrap());
encr.prepare(doc, RampartUtil.getEncryptionCrypto(config, rmd.getCustomClassLoader()));
Element bstElem = encr.getBinarySecurityTokenElement();
if (bstElem != null)
this.encrTokenElement = encr.getEncryptedKeyElement();
this.encrTokenElement = RampartUtil.appendChildToSecHeader(rmd,
encrTokenElement);
refList = encr.encryptForExternalRef(null, encrParts);
} catch (WSSecurityException e)
{ throw new RampartException("errorInEncryption", e); }}
SOLUTION:
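Repackage the keystore file (test-resources/keys/interop2.jks) so that it holds a 32 byte long key.
I would otherwise propose changing the AlgorithmSuite in
test-resources/policy/rampart-asymm-binding-1.xml to a 128 AlgorithmSuite,
but the schema defined at
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.xsd
does not support 128 byte encryption; the minimum size for AlgorithmSuite is 256 byte.
Note: the sizes in the suite names are bits (Basic256 means 256-bit AES), and the 16-byte values in the keystore listing are MD5 certificate fingerprints, not key lengths. The "Illegal key size or default parameters" InvalidKeyException in the trace is the error a JRE limited to 128-bit AES by its JCE jurisdiction policy raises for a 256-bit key, which would be consistent with the "Not A Problem" resolution. Checking the JRE's crypto policy comes before repackaging the keystore or lowering the algorithm suite.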