Wednesday, December 5, 2012

Getting NoSuchAlgorithmException when running Secure clients with WSO2 products?


Scenario: 

Secured client   _____\    Secured Proxy  ______\   Unsecured Svc
   (external)                /         (ESB)                    /        (AS)

Apply security policy 5(Sign and Encrypt) on both the client and ESB proxy. 

Problem:

You may encounter the error below. 
org.apache.axis2.AxisFault: Error in encryption
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:117)
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:427)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:531)
at SecurityClient.runSecurityClient(SecurityClient.java:103)
at SecurityClient.main(SecurityClient.java:41)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:115)
Caused by: org.apache.rampart.RampartException: Error in encryption
at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:568)
at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:90)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:106)
... 16 more
Caused by: org.apache.ws.security.WSSecurityException: An unsupported signature or encryption algorithm was used (unsupported key transport encryption algorithm: No such algorithm: http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p); nested exception is: 
java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
at org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:785)
at org.apache.ws.security.message.WSSecEncryptedKey.prepareInternal(WSSecEncryptedKey.java:205)
at org.apache.ws.security.message.WSSecEncrypt.prepare(WSSecEncrypt.java:259)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:534)
... 19 more
Caused by: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
at javax.crypto.Cipher.getInstance(DashoA13*..)
at org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:777)
... 22 more

Solution:
Import the bcprov-jdk15.jar jar which can be found in wso2esb-4.5.0/repository/axis2/client/lib to the class path of the secured client's project. 
Posted by at

1 comment:

  1. PgpDecember 5, 2012 at 8:49 PM

    I loved all of these posts. A lot of these things we have, but I got some really great ideas.

    ReplyDelete

Subscribe to: Post Comments (Atom)