ws-users mailing list archives

From Giriraj Bhojak <girira...@gmail.com>
Subject Re: Using Bouncy Castle instead of Merlin in WSS4J 1.6.13
Date Fri, 14 Mar 2014 03:08:42 GMT
Hello Colm,

I created the keystore using the standard Java keytool command. I am not sure
how to create a BKS keystore.
When I tried using the sha256 signature algorithm (by configuring
signatureAlgorithm in the interceptor via CXF) with Merlin, I ran into an
algorithm not supported exception. The sha1 signature algorithm worked properly.
Doesn't Merlin support the sha256 signature algorithm?
Do I need to use bouncy castle in this case?
Could you please help me out with it?

Thanks,
Giriraj.
On Feb 24, 2014 5:37 AM, "Colm O hEigeartaigh" <coheigea@apache.org> wrote:

>
> With BouncyCastle, the Keystore type must be "BKS", so:
>
> org.apache.ws.security.crypto.merlin.keystore.type=BKS
>
> Note that the keystore itself must be compatible with BouncyCastle JKS
> implementation.
>
> Colm.
>
>
> On Fri, Feb 21, 2014 at 10:44 PM, Giriraj Bhojak <giriraj2k@gmail.com> wrote:
>
>> Hello Colm,
>>
>> I didn't have any success using the above properties.
>> I got the following:
>>     ... 2 more
>> Caused by: org.apache.ws.security.components.crypto.CredentialException:
>> Failed to load credentials.
>>     at
>> org.apache.ws.security.components.crypto.Merlin.load(Merlin.java:376)
>>     at
>> org.apache.ws.security.components.crypto.Merlin.loadProperties(Merlin.java:190)
>>     at
>> org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:140)
>>     at
>> org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:117)
>>     ... 17 more
>> Caused by: java.security.KeyStoreException: KeyStore jks implementation
>> not found
>>     at java.security.KeyStore.getInstance(KeyStore.java:122)
>>     at
>> org.apache.ws.security.components.crypto.Merlin.load(Merlin.java:362)
>>     ... 20 more
>> Caused by: java.security.KeyStoreException: KeyStore jks implementation
>> not found
>>     at java.security.KeyStore.getInstance(KeyStore.java:150)
>>     at java.security.KeyStore.getInstance(KeyStore.java:120)
>>     ... 21 more
>>
>> It was working with Merlin earlier. Here is my properties file:
>> org.apache.ws.security.crypto.merlin.keystore.file=sample.jks
>> org.apache.ws.security.crypto.merlin.keystore.password=password
>> org.apache.ws.security.crypto.merlin.keystore.type=jks
>> org.apache.ws.security.crypto.merlin.keystore.alias=alias1
>> org.apache.ws.security.crypto.merlin.keystore.provider=BC
>> org.apache.ws.security.crypto.merlin.cert.provider=BC
>>
>> I have bcprov-jdk12-130.jar on the classpath.
>>
>> Could you please help me find out what I am doing wrong here?
>>
>> Thanks,
>> Giriraj.
>>
>>
>> On Tue, Feb 18, 2014 at 8:39 AM, Colm O hEigeartaigh <coheigea@apache.org> wrote:
>>
>>> You can use BouncyCastle with the Merlin Crypto implementation. Simply
>>> add the property:
>>>
>>> org.apache.ws.security.crypto.merlin.keystore.provider=BC
>>> org.apache.ws.security.crypto.merlin.cert.provider=BC
>>>
>>> Colm.
>>>
>>>
>>> On Tue, Feb 18, 2014 at 1:27 PM, Giriraj Bhojak <giriraj2k@gmail.com> wrote:
>>>
>>>> We have a specific requirement to use Bouncy Castle in the project.
>>>> Does this mean we can't use Bouncy Castle at all in the latest version
>>>> of wss4j?
>>>>
>>>> Thanks,
>>>> Giriraj.
>>>> On Feb 18, 2014 4:51 AM, "Colm O hEigeartaigh" <coheigea@apache.org>
>>>> wrote:
>>>>
>>>>>
>>>>> From what I recall, there was essentially little difference between
>>>>> the Merlin and BouncyCastle Crypto implementations, hence the latter was
>>>>> removed in WSS4J 1.6.x. Why do you need to use the BouncyCastle
>>>>> implementation, i.e. what is the Merlin implementation not doing for you?
>>>>>
>>>>> Colm.
>>>>>
>>>>>
>>>>> On Mon, Feb 17, 2014 at 7:56 PM, Giriraj Bhojak <giriraj2k@gmail.com> wrote:
>>>>>
>>>>>> Hello,
>>>>>>
>>>>>> I need to use Bouncy Castle provider with WSS4J 1.6.13.
>>>>>> Merlin is used by default since 1.6.x.
>>>>>> Could anyone explain why this was done?
>>>>>> I mean was there something with Bouncy Castle that prompted this
>>>>>> change?
>>>>>>
>>>>>> And is the following set of keys the right way to use Bouncy Castle with
>>>>>> WSS4J (found this from
>>>>>> https://community.oracle.com/thread/1529571?tstart=1872)?
>>>>>>
>>>>>> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.BouncyCastle
>>>>>> org.apache.ws.security.crypto.merlin.keystore.type=PKCS12
>>>>>> org.apache.ws.security.crypto.merlin.keystore.password=password
>>>>>> org.apache.ws.security.crypto.merlin.keystore.alias=alias
>>>>>> org.apache.ws.security.crypto.merlin.alias.password=password
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>> Giriraj.
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Colm O hEigeartaigh
>>>>>
>>>>> Talend Community Coder
>>>>> http://coders.talend.com
>>>>>
>>>>
>>>
>>>
>>> --
>>> Colm O hEigeartaigh
>>>
>>> Talend Community Coder
>>> http://coders.talend.com
>>>
>>>
>>>
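
Added example, not part of the thread and not WSS4J code: a small Java program that reproduces the "KeyStore jks implementation not found" error from the stack trace above and then copies the entries of the JKS keystore into a BKS keystore that the BC provider can load. The file name `sample.jks` and the password come from the properties quoted in the thread; the output name `sample.bks`, the class name, and the assumption that every key entry uses the keystore password are illustrative, and a BouncyCastle provider jar must be on the classpath.

```java
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Security;
import java.util.Collections;

import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class JksToBks {
    public static void main(String[] args) throws Exception {
        // Assumption: key entries are protected with the keystore password.
        char[] password = "password".toCharArray();
        Security.addProvider(new BouncyCastleProvider());

        // keystore.type=jks combined with keystore.provider=BC asks BC for a
        // JKS implementation, which it does not provide.
        try {
            KeyStore.getInstance("jks", "BC");
        } catch (KeyStoreException e) {
            System.out.println("jks via BC fails: " + e.getMessage());
        }

        // Read the existing keystore with the JDK's own JKS implementation.
        KeyStore jks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream("sample.jks")) {
            jks.load(in, password);
        }

        // Create an empty BKS keystore backed by the BC provider.
        KeyStore bks = KeyStore.getInstance("BKS", "BC");
        bks.load(null, null);

        // Copy private keys with their chains, and trusted certificates.
        for (String alias : Collections.list(jks.aliases())) {
            if (jks.isKeyEntry(alias)) {
                bks.setKeyEntry(alias, jks.getKey(alias, password), password,
                        jks.getCertificateChain(alias));
            } else {
                bks.setCertificateEntry(alias, jks.getCertificate(alias));
            }
        }
        try (OutputStream out = new FileOutputStream("sample.bks")) {
            bks.store(out, password);
        }
        System.out.println("Wrote sample.bks with " + bks.size() + " entries");
    }
}
```

The Merlin properties would then point `keystore.file` at the new file and set `keystore.type=BKS`, as in the reply quoted above.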
