axis-java-user mailing list archives

From "Dini Omar" <zigg...@gmail.com>
Subject Rampart - Is it possible to use Non-Ascii passwords for a pkcs12 keystore?
Date Sun, 13 Jul 2008 13:08:39 GMT
Is there a way I can use a non-ASCII password for the keystore? Here is what
I tried to do in the password callback handler, but it doesn't seem to solve
the problem.


import org.apache.ws.security.WSPasswordCallback;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

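/**
 * Password callback handler that answers every {@link WSPasswordCallback} with
 * the same test password, built to contain non-ASCII characters.
 *
 * <p>The password is the MD5 digest of a fixed seed, decoded as ISO-8859-1 so
 * that each digest byte becomes one character in the range U+0000..U+00FF. The
 * resulting string can therefore contain control characters as well as
 * characters above U+007F.
 *
 * <p>NOTE(review): the seed is hard-coded and MD5 is used only to produce high
 * bytes for this experiment; neither is suitable for protecting a real
 * keystore. Load real passwords from a protected source instead.
 *
 * <p>NOTE(review): how a non-ASCII password is turned into PKCS#12 key material
 * presumably depends on the tool that created the .p12 and on the provider that
 * opens it; confirm both sides agree before relying on such a password.
 */
public class PWCBHandler implements CallbackHandler {

    /** Fixed seed the test password is derived from. */
    private static final String PASSWORD_SEED = "Aepproj1,";

    /** Single-byte charset used so that every digest byte maps to exactly one char. */
    private static final String PASSWORD_CHARSET = "ISO-8859-1";

    /**
     * Sets the derived test password on every callback.
     *
     * <p>The original version branched on the identifiers "client" and
     * "service" but set the same password on every path, so the branches are
     * collapsed into a single call.
     *
     * @param callbacks callbacks to answer; each must be a {@link WSPasswordCallback}
     * @throws IOException if the ISO-8859-1 charset is not supported
     * @throws UnsupportedCallbackException if a callback is not a
     *         {@link WSPasswordCallback}
     */
    public void handle(Callback[] callbacks) throws IOException,
            UnsupportedCallbackException {

        // The password is deliberately not printed: writing it to stdout would
        // leak the secret into consoles and log files.
        String password = derivePassword();

        for (int i = 0; i < callbacks.length; i++) {
            // Reject foreign callback types explicitly instead of failing with
            // a ClassCastException.
            if (!(callbacks[i] instanceof WSPasswordCallback)) {
                throw new UnsupportedCallbackException(callbacks[i],
                        "Unrecognized Callback");
            }
            WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i];
            pwcb.setPassword(password);
        }
    }

    /**
     * Builds the test password from the fixed seed.
     *
     * @return the MD5 digest of the seed, decoded as ISO-8859-1
     * @throws IOException if the ISO-8859-1 charset is not supported
     */
    private static String derivePassword() throws IOException {
        byte[] seedBytes = PASSWORD_SEED.getBytes(PASSWORD_CHARSET);
        byte[] digest;
        try {
            digest = MD5(seedBytes);
        } catch (NoSuchAlgorithmException e) {
            // Fail here with the cause attached; the original swallowed the
            // exception and then hit a NullPointerException on the null digest.
            throw new IllegalStateException("MD5 digest is not available", e);
        }
        return new String(digest, PASSWORD_CHARSET);
    }

    /**
     * Computes the MD5 digest of the given bytes.
     *
     * @param bytes input to hash
     * @return the 16-byte MD5 digest
     * @throws NoSuchAlgorithmException if no provider supplies MD5
     */
    public static byte[] MD5(byte[] bytes) throws NoSuchAlgorithmException {
        // digest(bytes) is update(bytes) followed by digest(); the original's
        // pre-allocated 8-byte array was discarded and has been dropped.
        return MessageDigest.getInstance("MD5").digest(bytes);
    }

}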


And here is how I configured the keystore in the policy.xml file.

<ramp:signatureCrypto>
                    <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
                        <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">PKCS12</ramp:property>
                        <ramp:property
name="org.apache.ws.security.crypto.merlin.file">E:\Documents and
Settings\ziggy\My
Documents\eclipse.workspace\webservices.soap.axis2.samples\src\com\ttdev\wrap\client2\257804.p12</ramp:property>
                        <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.alias">257804</ramp:property>
                        <!-- NOTE(review): the keystore password is left empty here. The
                             reported failure happens while the Merlin constructor loads
                             the keystore (AbstractCrypto.load calling KeyStore.load), so
                             the password used at that point is presumably this property
                             and not the one set by the password callback handler; confirm.
                             Keep a real keystore password out of shared or
                             version-controlled policy files. -->
                        <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password"></ramp:property>
                    </ramp:crypto>
                </ramp:signatureCrypto>


Here is the error that I get. What am I doing wrong?


java.io.IOException: PKCS12 key store mac invalid - wrong password or
corrupted file.
    at org.bouncycastle.jce.provider.JDKPKCS12KeyStore.engineLoad(Unknown
Source)
    at java.security.KeyStore.load(KeyStore.java:1150)
    at
org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:138)
    at
org.apache.ws.security.components.crypto.AbstractCrypto.<init>(AbstractCrypto.java:97)
    at
org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:65)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
    at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
    at
org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:211)
    at
org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:93)
    at
org.apache.rampart.util.RampartUtil.getSignatureCrypto(RampartUtil.java:235)
    at
org.apache.rampart.builder.BindingBuilder.getSignatureBuider(BindingBuilder.java:294)
    at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:596)
    at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:385)
    at
org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:95)
    at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:131)
    at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:292)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:377)
    at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:374)
    at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)
    at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
    at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)
    at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:508)
    at com.ttdev.wrap.client2.Client.main(Client.java:81)
java.lang.reflect.InvocationTargetException
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
    at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
    at
org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:211)
    at
org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:93)
    at
org.apache.rampart.util.RampartUtil.getSignatureCrypto(RampartUtil.java:235)
    at
org.apache.rampart.builder.BindingBuilder.getSignatureBuider(BindingBuilder.java:294)
    at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:596)
    at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:385)
    at
org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:95)
    at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:131)
    at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:292)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:377)
    at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:374)
    at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)
    at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
    at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)
    at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:508)
    at com.ttdev.wrap.client2.Client.main(Client.java:81)
Caused by: org.apache.ws.security.components.crypto.CredentialException:
Failed to load credentials. Inner Exception: [PKCS12 key store mac invalid -
wrong password or corrupted file.]
    at
org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:141)
    at
org.apache.ws.security.components.crypto.AbstractCrypto.<init>(AbstractCrypto.java:97)
    at
org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:65)
    ... 22 more
java.lang.InstantiationException:
org.apache.ws.security.components.crypto.Merlin
    at java.lang.Class.newInstance0(Class.java:335)
    at java.lang.Class.newInstance(Class.java:303)
    at
org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:219)
    at
org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:93)
    at
org.apache.rampart.util.RampartUtil.getSignatureCrypto(RampartUtil.java:235)
    at
org.apache.rampart.builder.BindingBuilder.getSignatureBuider(BindingBuilder.java:294)
    at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:596)
    at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:385)
    at
org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:95)
    at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:131)
    at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:292)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:377)
    at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:374)
    at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)
    at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
    at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)
    at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:508)
    at com.ttdev.wrap.client2.Client.main(Client.java:81)
Exception in thread "main" java.lang.RuntimeException:
org.apache.ws.security.components.crypto.Merlin cannot create instance
    at
org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:224)
    at
org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:93)
    at
org.apache.rampart.util.RampartUtil.getSignatureCrypto(RampartUtil.java:235)
    at
org.apache.rampart.builder.BindingBuilder.getSignatureBuider(BindingBuilder.java:294)
    at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:596)
    at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:385)
    at
org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:95)
    at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:131)
    at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:292)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:377)
    at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:374)
    at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)
    at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
    at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)
    at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:508)
    at com.ttdev.wrap.client2.Client.main(Client.java:81)
