You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@santuario.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2014/11/24 12:22:12 UTC

[jira] [Resolved] (SANTUARIO-406) RSA/ECB/OAEPWithSHA-256AndMGF1Padding not working

     [ https://issues.apache.org/jira/browse/SANTUARIO-406?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh resolved SANTUARIO-406.
-------------------------------------------
    Resolution: Fixed

> RSA/ECB/OAEPWithSHA-256AndMGF1Padding not working
> -------------------------------------------------
>
>                 Key: SANTUARIO-406
>                 URL: https://issues.apache.org/jira/browse/SANTUARIO-406
>             Project: Santuario
>          Issue Type: Bug
>          Components: Java
>    Affects Versions: Java 2.0.2
>            Reporter: Thomas Konstantinides
>            Assignee: Colm O hEigeartaigh
>             Fix For: Java 1.5.8, Java 2.0.3
>
>         Attachments: XMLCipher.java.patch
>
>
> Using the Cipher "RSA/ECB/OAEPWithSHA-256AndMGF1Padding" as encryption algorithm to encrypt a session key is not possible at the moment.
> The given digest algorithm for the Cipher is used in XmlCipher.java, method constructCipher(String, String) to decide which implementation of the OAEP Padding to use: In that method however the code only checks if the given digestAlgorithm is null or ALGO_ID_DIGEST_SHA1 and in these cases uses the algorithm "RSA/ECB/OAEPWithSHA1AndMGF1Padding". The digestAlgorithm ALGO_ID_DIGEST_SHA256 is not handled if used together with RSA/ECB/OAEP Padding.
> The attached patch fixes this behavior by also considering the SHA-256 digest. This patch is the smallest possible fix for the behavior. Maybe a nicer solution for the future would be to change the JCEMapper class to consider the digest algorithm.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)