Bug 1145569

Summary: JDK 8, WS-Security, Unsupported parameter: javax.crypto.spec.IvParameterSpec, Upgrade Santuario to 1.5.7 needed
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Jan Blizňák <jbliznak>
Component: Web ServicesAssignee: Alessio Soldano <asoldano>
Status: CLOSED CURRENTRELEASE QA Contact: Rostislav Svoboda <rsvoboda>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.3.0CC: cdewolf, kkhan
Target Milestone: DR2   
Target Release: EAP 6.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-08-02 07:27:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1143935, 1144103    
Bug Blocks: 1104190    

Description Jan Blizňák 2014-09-23 09:46:32 UTC 
We hit issue on JBossWS testsuite in WS security tests on JDK8.

When we add BouncyCastle security provider in java.security file as last provider, the exception is thrown with root case:

Original Exception was java.security.InvalidAlgorithmParameterException: Unsupported parameter: javax.crypto.spec.IvParameterSpec@63da70df
	at org.apache.xml.security.encryption.XMLCipher.decryptToByteArray(XMLCipher.java:1764)
	at org.apache.xml.security.encryption.XMLCipher.decryptElement(XMLCipher.java:1618)
	at org.apache.xml.security.encryption.XMLCipher.decryptElementContent(XMLCipher.java:1656)
	at org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:978)
	at org.apache.ws.security.processor.ReferenceListProcessor.decryptEncryptedData(ReferenceListProcessor.java:337)
	... 33 more
Caused by: java.security.InvalidAlgorithmParameterException: Unsupported parameter: javax.crypto.spec.IvParameterSpec@63da70df
	at com.sun.crypto.provider.CipherCore.init(CipherCore.java:509) [sunjce_provider.jar:1.8.0]
	at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:339) [sunjce_provider.jar:1.8.0]
	at javax.crypto.Cipher.init(Cipher.java:1368) [jce.jar:1.8.0]
	at javax.crypto.Cipher.init(Cipher.java:1301) [jce.jar:1.8.0]
	at org.apache.xml.security.encryption.XMLCipher.decryptToByteArray(XMLCipher.java:1760)
	... 37 more



which is related to https://issues.apache.org/jira/browse/SANTUARIO-392, in short 

The issue is fixed in santuario 1.5.7
Comment 1 Jan Blizňák 2014-09-25 14:58:37 UTC 
Checked with 6.4.0.DR2 which contains santuario 1.5.7 and issues on JDK8 are gone (tested with BouncyCastle 1.51).
Comment 2 Jan Blizňák 2014-10-15 18:18:31 UTC 
Verified with 6.4.0.DR2 during 6.4.0.DR5 testing cycle.