You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by gi...@apache.org on 2012/12/17 14:38:51 UTC
svn commit: r1422927 -
/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/EncryptedKeyProcessor.java
Author: giger
Date: Mon Dec 17 13:38:51 2012
New Revision: 1422927
URL: http://svn.apache.org/viewvc?rev=1422927&view=rev
Log:
Use UNWRAP instead of DECRYTP mode for unwrapping keys
Modified:
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/EncryptedKeyProcessor.java
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/EncryptedKeyProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/EncryptedKeyProcessor.java?rev=1422927&r1=1422926&r2=1422927&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/EncryptedKeyProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/EncryptedKeyProcessor.java Mon Dec 17 13:38:51 2012
@@ -165,9 +165,9 @@ public class EncryptedKeyProcessor imple
);
}
if (oaepParameterSpec == null) {
- cipher.init(Cipher.DECRYPT_MODE, privateKey);
+ cipher.init(Cipher.UNWRAP_MODE, privateKey);
} else {
- cipher.init(Cipher.DECRYPT_MODE, privateKey, oaepParameterSpec);
+ cipher.init(Cipher.UNWRAP_MODE, privateKey, oaepParameterSpec);
}
} catch (Exception ex) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, ex);
@@ -179,7 +179,8 @@ public class EncryptedKeyProcessor imple
byte[] decryptedBytes = null;
try {
encryptedEphemeralKey = getDecodedBase64EncodedData(xencCipherValue);
- decryptedBytes = cipher.doFinal(encryptedEphemeralKey);
+ String keyAlgorithm = JCEMapper.translateURItoJCEID(encryptedKeyTransportMethod);
+ decryptedBytes = cipher.unwrap(encryptedEphemeralKey, keyAlgorithm, Cipher.SECRET_KEY).getEncoded();
} catch (IllegalStateException ex) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, ex);
} catch (Exception ex) {