ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Jones (JIRA)" <j...@apache.org>
Subject [jira] Commented: (WSS-258) Newer version of SecureConversation not recognised for derived key algorithm
Date Mon, 06 Dec 2010 18:25:12 GMT

    [ https://issues.apache.org/jira/browse/WSS-258?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12967469#action_12967469
] 

Steve Jones commented on WSS-258:
---------------------------------

"... the Algorithm attribute does not have the wsc/wssc prefix as per the example you gave,
it's defined in the spec as:

/wsc:DerivedKeyToken/@Algorithm "

Thanks for pointing that out.  

When I use the correct attribute everything works fine since WSS4J incorrectly checks the
namespaced "Algorithm" attribute.

> Newer version of SecureConversation not recognised for derived key algorithm
> ----------------------------------------------------------------------------
>
>                 Key: WSS-258
>                 URL: https://issues.apache.org/jira/browse/WSS-258
>             Project: WSS4J
>          Issue Type: Bug
>    Affects Versions: 1.5.10
>            Reporter: Steve Jones
>            Assignee: Colm O hEigeartaigh
>             Fix For: 1.6, 1.5.11
>
>
> The algorithm factory "org.apache.ws.security.conversation.dkalgo.AlgoFactory" only recognises
the algorithm:
>   http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
> It should also recognise the p_sha1 algorithm from the more recent version of WS-SecureConversation:
>   http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/dk/p_sha1
> Derived keys will work with the more recent version as long as the algorithm is omitted.
> Here's an example of a token that won't work due to the new algorithm:
>             <wssc:DerivedKeyToken
>                 wssc:Algorithm="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/dk/p_sha1"
>                 wsu:Id="DerivedKey-Enc-4-2aab8c8e7dcbb5783588ab810c3d8b77" xmlns:wssc="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512">
>                 <wsse:SecurityTokenReference>
>                     <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1">Y55P46dTEkU3kk4LKsY16NXwRJ0=</wsse:KeyIdentifier>
>                 </wsse:SecurityTokenReference>
>                 <wssc:Generation>0</wssc:Generation>
>                 <wssc:Length>16</wssc:Length>
>                 <wssc:Label>DerivedKey</wssc:Label>
>                 <wssc:Nonce>A5c4yKeiuHrOeVq3kcMpMA==</wssc:Nonce>
>             </wssc:DerivedKeyToken>
> The associated error is:
> Caused by: java.lang.RuntimeException: Undefined 'No such algorithm' resource property
> 	at org.apache.ws.security.conversation.ConversationException.getMessage(ConversationException.java:94)
> 	at org.apache.ws.security.conversation.ConversationException.<init>(ConversationException.java:47)
> 	at org.apache.ws.security.conversation.ConversationException.<init>(ConversationException.java:70)
> 	at org.apache.ws.security.conversation.dkalgo.AlgoFactory.getInstance(AlgoFactory.java:42)
> 	at org.apache.ws.security.processor.DerivedKeyTokenProcessor.deriveKey(DerivedKeyTokenProcessor.java:101)
> 	... 35 more
> Caused by: java.util.MissingResourceException: Can't find resource for bundle java.util.PropertyResourceBundle,
key No such algorithm
> 	at java.util.ResourceBundle.getObject(ResourceBundle.java:374)
> 	at java.util.ResourceBundle.getString(ResourceBundle.java:334)
> 	at org.apache.ws.security.conversation.ConversationException.getMessage(ConversationException.java:92)
> 	... 39 more

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


Mime
View raw message