1

I have the software based on jax-ws services that was built in NetBeans. Software uses Standard Encription "Username Authentication with Symmetric key", and algorithm site: Basic 128. Everything built like standard netbeans Sample "Secured Calculator", but with one difference: My client is standalone swing application.

Prior java7 update 25 everything worked fine but after update i got exception printed below. By the way, to reproduce exception you don't need server side of jax-ws, it appeared in the client part before connecting to the server side.

Exception:

algorithm is not supported for key encryption java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding

The link to the source code: To run the source code you need netbeans 7.3, jdk7u25, tomcat7(if you run server part) and don't forget to correct path to the certificates in the certs folder included in the archive.

To download source: please go to the link below and select file menu after select download, you will download archive delCl.zip. it consists three folders

  1. delCl: client part
  2. delServ: server part
  3. certs: certificates

https://docs.google.com/file/d/0Bxah0w_hE4JZTy16YUZGREgzN2s/edit?usp=sharing

Please Help to fix that !!!

Full Exception text: 

[com.sun.xml.ws.policy.jaxws.PolicyConfigParser]  parse
INFO: WSP5018: Loaded WSIT configuration from file: file:/C:/TeachProjects/delCl/build/classes/META-INF/wsit-client.xml.
черв 20, 2013 8:00:25 AM com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor getCipherValueOfEK
SEVERE: WSS1904: Unable to compute Cipher Value / decrypt key as http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p algorithm is not supported for key encryption
java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at javax.crypto.Cipher.getInstance(Cipher.java:524)
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:124)
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.getCipherValueOfEK(CryptoProcessor.java:166)
    at com.sun.xml.ws.security.opt.impl.enc.JAXBEncryptedKey.getCipherValue(JAXBEncryptedKey.java:274)
    at com.sun.xml.ws.security.opt.impl.keyinfo.SymmetricTokenBuilder.process(SymmetricTokenBuilder.java:255)
    at com.sun.xml.ws.security.opt.impl.dsig.TokenProcessor.process(TokenProcessor.java:190)
    at com.sun.xml.ws.security.opt.impl.dsig.SignatureProcessor.sign(SignatureProcessor.java:109)
    at com.sun.xml.wss.impl.filter.SignatureFilter.sign(SignatureFilter.java:631)
    at com.sun.xml.wss.impl.filter.SignatureFilter.process(SignatureFilter.java:589)
    at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:93)
    at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:272)
    at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:189)
    at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:150)
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.secureOutboundMessage(SecurityTubeBase.java:397)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:311)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processRequest(SecurityClientTube.java:240)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:629)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:588)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:573)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:470)
    at com.sun.xml.ws.client.Stub.process(Stub.java:319)
    at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:157)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:109)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:89)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:140)
    at com.sun.proxy.$Proxy42.getSystemVersion(Unknown Source)
    at delcl.DelCl.getSystemVersion(DelCl.java:23)
    at delcl.DelCl.main(DelCl.java:17)

черв 20, 2013 8:00:25 AM com.sun.xml.ws.security.opt.impl.dsig.SignatureProcessor sign
SEVERE: WSS1701: Sign operation failed.
com.sun.xml.wss.impl.XWSSecurityRuntimeException: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.getCipherValueOfEK(CryptoProcessor.java:172)
    at com.sun.xml.ws.security.opt.impl.enc.JAXBEncryptedKey.getCipherValue(JAXBEncryptedKey.java:274)
    at com.sun.xml.ws.security.opt.impl.keyinfo.SymmetricTokenBuilder.process(SymmetricTokenBuilder.java:255)
    at com.sun.xml.ws.security.opt.impl.dsig.TokenProcessor.process(TokenProcessor.java:190)
    at com.sun.xml.ws.security.opt.impl.dsig.SignatureProcessor.sign(SignatureProcessor.java:109)
    at com.sun.xml.wss.impl.filter.SignatureFilter.sign(SignatureFilter.java:631)
    at com.sun.xml.wss.impl.filter.SignatureFilter.process(SignatureFilter.java:589)
    at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:93)
    at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:272)
    at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:189)
    at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:150)
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.secureOutboundMessage(SecurityTubeBase.java:397)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:311)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processRequest(SecurityClientTube.java:240)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:629)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:588)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:573)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:470)
    at com.sun.xml.ws.client.Stub.process(Stub.java:319)
    at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:157)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:109)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:89)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:140)
    at com.sun.proxy.$Proxy42.getSystemVersion(Unknown Source)
    at delcl.DelCl.getSystemVersion(DelCl.java:23)
    at delcl.DelCl.main(DelCl.java:17)
Caused by: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at javax.crypto.Cipher.getInstance(Cipher.java:524)
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:124)
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.getCipherValueOfEK(CryptoProcessor.java:166)
    ... 25 more

черв 20, 2013 8:00:25 AM com.sun.xml.wss.jaxws.impl.SecurityTubeBase secureOutboundMessage
SEVERE: WSSTUBE0024: Error in Securing Outbound Message.
com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.XWSSecurityRuntimeException: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at com.sun.xml.ws.security.opt.impl.dsig.SignatureProcessor.sign(SignatureProcessor.java:140)
    at com.sun.xml.wss.impl.filter.SignatureFilter.sign(SignatureFilter.java:631)
    at com.sun.xml.wss.impl.filter.SignatureFilter.process(SignatureFilter.java:589)
    at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:93)
    at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:272)
    at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:189)
    at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:150)
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.secureOutboundMessage(SecurityTubeBase.java:397)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:311)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processRequest(SecurityClientTube.java:240)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:629)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:588)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:573)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:470)
    at com.sun.xml.ws.client.Stub.process(Stub.java:319)
    at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:157)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:109)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:89)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:140)
    at com.sun.proxy.$Proxy42.getSystemVersion(Unknown Source)
    at delcl.DelCl.getSystemVersion(DelCl.java:23)
    at delcl.DelCl.main(DelCl.java:17)
Caused by: com.sun.xml.wss.impl.XWSSecurityRuntimeException: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.getCipherValueOfEK(CryptoProcessor.java:172)
    at com.sun.xml.ws.security.opt.impl.enc.JAXBEncryptedKey.getCipherValue(JAXBEncryptedKey.java:274)
    at com.sun.xml.ws.security.opt.impl.keyinfo.SymmetricTokenBuilder.process(SymmetricTokenBuilder.java:255)
    at com.sun.xml.ws.security.opt.impl.dsig.TokenProcessor.process(TokenProcessor.java:190)
    at com.sun.xml.ws.security.opt.impl.dsig.SignatureProcessor.sign(SignatureProcessor.java:109)
    ... 21 more
Caused by: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at javax.crypto.Cipher.getInstance(Cipher.java:524)
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:124)
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.getCipherValueOfEK(CryptoProcessor.java:166)
    ... 25 more

черв 20, 2013 8:00:25 AM com.sun.xml.wss.jaxws.impl.SecurityClientTube processClientRequestPacket
SEVERE: WSSTUBE0024: Error in Securing Outbound Message.
com.sun.xml.wss.impl.WssSoapFaultException: com.sun.xml.wss.impl.XWSSecurityRuntimeException: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at com.sun.xml.wss.impl.SecurableSoapMessage.newSOAPFaultException(SecurableSoapMessage.java:336)
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.secureOutboundMessage(SecurityTubeBase.java:402)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:311)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processRequest(SecurityClientTube.java:240)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:629)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:588)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:573)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:470)
    at com.sun.xml.ws.client.Stub.process(Stub.java:319)
    at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:157)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:109)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:89)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:140)
    at com.sun.proxy.$Proxy42.getSystemVersion(Unknown Source)
    at delcl.DelCl.getSystemVersion(DelCl.java:23)
    at delcl.DelCl.main(DelCl.java:17)
Caused by: com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.XWSSecurityRuntimeException: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at com.sun.xml.ws.security.opt.impl.dsig.SignatureProcessor.sign(SignatureProcessor.java:140)
    at com.sun.xml.wss.impl.filter.SignatureFilter.sign(SignatureFilter.java:631)
    at com.sun.xml.wss.impl.filter.SignatureFilter.process(SignatureFilter.java:589)
    at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:93)
    at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:272)
    at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:189)
    at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:150)
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.secureOutboundMessage(SecurityTubeBase.java:397)
    ... 14 more
Caused by: com.sun.xml.wss.impl.XWSSecurityRuntimeException: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.getCipherValueOfEK(CryptoProcessor.java:172)
    at com.sun.xml.ws.security.opt.impl.enc.JAXBEncryptedKey.getCipherValue(JAXBEncryptedKey.java:274)
    at com.sun.xml.ws.security.opt.impl.keyinfo.SymmetricTokenBuilder.process(SymmetricTokenBuilder.java:255)
    at com.sun.xml.ws.security.opt.impl.dsig.TokenProcessor.process(TokenProcessor.java:190)
    at com.sun.xml.ws.security.opt.impl.dsig.SignatureProcessor.sign(SignatureProcessor.java:109)
    ... 21 more
Caused by: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at javax.crypto.Cipher.getInstance(Cipher.java:524)
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:124)
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.getCipherValueOfEK(CryptoProcessor.java:166)
    ... 25 more

Exception in thread "main" javax.xml.ws.WebServiceException: WSSTUBE0024: Error in Securing Outbound Message.
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:316)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processRequest(SecurityClientTube.java:240)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:629)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:588)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:573)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:470)
    at com.sun.xml.ws.client.Stub.process(Stub.java:319)
    at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:157)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:109)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:89)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:140)
    at com.sun.proxy.$Proxy42.getSystemVersion(Unknown Source)
    at delcl.DelCl.getSystemVersion(DelCl.java:23)
    at delcl.DelCl.main(DelCl.java:17)
Caused by: javax.xml.ws.soap.SOAPFaultException: com.sun.xml.wss.impl.XWSSecurityRuntimeException: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.getSOAPFaultException(SecurityTubeBase.java:674)
    ... 14 more
Caused by: com.sun.xml.wss.impl.WssSoapFaultException: com.sun.xml.wss.impl.XWSSecurityRuntimeException: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at com.sun.xml.wss.impl.SecurableSoapMessage.newSOAPFaultException(SecurableSoapMessage.java:336)
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.secureOutboundMessage(SecurityTubeBase.java:402)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:311)
    ... 13 more
Caused by: com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.XWSSecurityRuntimeException: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at com.sun.xml.ws.security.opt.impl.dsig.SignatureProcessor.sign(SignatureProcessor.java:140)
    at com.sun.xml.wss.impl.filter.SignatureFilter.sign(SignatureFilter.java:631)
    at com.sun.xml.wss.impl.filter.SignatureFilter.process(SignatureFilter.java:589)
    at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:93)
    at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:272)
    at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:189)
    at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:150)
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.secureOutboundMessage(SecurityTubeBase.java:397)
    ... 14 more
Caused by: com.sun.xml.wss.impl.XWSSecurityRuntimeException: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.getCipherValueOfEK(CryptoProcessor.java:172)
    at com.sun.xml.ws.security.opt.impl.enc.JAXBEncryptedKey.getCipherValue(JAXBEncryptedKey.java:274)
    at com.sun.xml.ws.security.opt.impl.keyinfo.SymmetricTokenBuilder.process(SymmetricTokenBuilder.java:255)
    at com.sun.xml.ws.security.opt.impl.dsig.TokenProcessor.process(TokenProcessor.java:190)
    at com.sun.xml.ws.security.opt.impl.dsig.SignatureProcessor.sign(SignatureProcessor.java:109)
    ... 21 more
Caused by: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/OAEPPadding
    at javax.crypto.Cipher.getInstance(Cipher.java:524)
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:124)
    at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.getCipherValueOfEK(CryptoProcessor.java:166)
    ... 25 more
4

2 回答 2

3

呃。最后,我找到了解决方案。Oracle 确实从 java 7 update 25 中的可用密码算法中排除了 RSA/ECB/OAEPPadding 算法。这是 wsit 用于使用对称密钥保护 jax-ws Web 服务的标准算法。如何解决这个问题?首先,您必须下载 BouncyCastle Provider(支持所需算法的第三方提供程序)并将其添加到服务器和客户端的类路径中。在客户端也在应用程序中安装新的提供程序只需添加行:

Security.addProvider(new BouncyCastleProvider());

在服务器端,您可以通过修改文件 JAVA_HOME\lib\security\java.security 添加新的安全提供程序。您必须添加以下行:

security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider

11 - 加载顺序中的提供者数量。

重新启动服务器和客户端。就这样。

于 2013-06-26T11:31:23.993 回答
0

问题已在 jdk 1.7.45 中修复。 http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8017173

于 2013-12-11T09:31:48.367 回答