You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Thomas Konstantinides <Th...@isb-ag.de> on 2014/11/20 16:04:14 UTC
Patch for using RSA/ECB/OAEPWithSHA-256AndMGF1Padding
Hi,
I was trying to use the version 2.0.2 of santuario to encrypt a XML document with an AES key where the AES key itself should be encrypted using an RSA public key.
However at the moment it seems not possible to use the Cipher "RSA/ECB/OAEPWithSHA-256AndMGF1Padding" as the encryption algorithm to encrypt the AES key. This algorithm is supposed to be supported by every implementation of the Java 7 platform (see https://docs.oracle.com/javase/7/docs/api/javax/crypto/Cipher.html) and is also provided by the SunJCE in Java 6 (https://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html#SunJCEProvider).
The attached patch fixes this behavior by considering that the digestAlgorithm given to the method constructCipher() in XMLCipher can be SHA-256 as well.
Maybe someone can double check if the patch is really needed or if there's other possibilities to get RSA/ECB/OAEPWithSHA-256AndMGF1Padding to work with version 2.0.2.
I'd rise a jira issue if you find that this is really a bug.
Thanks and regards,
Thomas
AW: Patch for using RSA/ECB/OAEPWithSHA-256AndMGF1Padding
Posted by Thomas Konstantinides <Th...@isb-ag.de>.
Hi Colm,
I opened https://issues.apache.org/jira/browse/SANTUARIO-406 and attached the patch.
Thomas
Von: Colm O hEigeartaigh [mailto:coheigea@apache.org]
Gesendet: Freitag, 21. November 2014 12:33
An: dev@santuario.apache.org
Betreff: Re: Patch for using RSA/ECB/OAEPWithSHA-256AndMGF1Padding
Hi Thomas,
Yes, please log a JIRA and attach a patch.
Colm.
On Thu, Nov 20, 2014 at 4:04 PM, Thomas Konstantinides <Th...@isb-ag.de>> wrote:
Hi,
I was trying to use the version 2.0.2 of santuario to encrypt a XML document with an AES key where the AES key itself should be encrypted using an RSA public key.
However at the moment it seems not possible to use the Cipher "RSA/ECB/OAEPWithSHA-256AndMGF1Padding" as the encryption algorithm to encrypt the AES key. This algorithm is supposed to be supported by every implementation of the Java 7 platform (see https://docs.oracle.com/javase/7/docs/api/javax/crypto/Cipher.html) and is also provided by the SunJCE in Java 6 (https://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html#SunJCEProvider).
The attached patch fixes this behavior by considering that the digestAlgorithm given to the method constructCipher() in XMLCipher can be SHA-256 as well.
Maybe someone can double check if the patch is really needed or if there's other possibilities to get RSA/ECB/OAEPWithSHA-256AndMGF1Padding to work with version 2.0.2.
I'd rise a jira issue if you find that this is really a bug.
Thanks and regards,
Thomas
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
Re: Patch for using RSA/ECB/OAEPWithSHA-256AndMGF1Padding
Posted by Colm O hEigeartaigh <co...@apache.org>.
Hi Thomas,
Yes, please log a JIRA and attach a patch.
Colm.
On Thu, Nov 20, 2014 at 4:04 PM, Thomas Konstantinides <
Thomas.Konstantinides@isb-ag.de> wrote:
> Hi,
>
> I was trying to use the version 2.0.2 of santuario to encrypt a XML
> document with an AES key where the AES key itself should be encrypted using
> an RSA public key.
>
> However at the moment it seems not possible to use the Cipher
> "RSA/ECB/OAEPWithSHA-256AndMGF1Padding" as the encryption algorithm to
> encrypt the AES key. This algorithm is supposed to be supported by every
> implementation of the Java 7 platform (see
> https://docs.oracle.com/javase/7/docs/api/javax/crypto/Cipher.html) and
> is also provided by the SunJCE in Java 6 (
> https://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html#SunJCEProvider
> ).
>
> The attached patch fixes this behavior by considering that the
> digestAlgorithm given to the method constructCipher() in XMLCipher can be
> SHA-256 as well.
>
> Maybe someone can double check if the patch is really needed or if there's
> other possibilities to get RSA/ECB/OAEPWithSHA-256AndMGF1Padding to work
> with version 2.0.2.
>
> I'd rise a jira issue if you find that this is really a bug.
>
> Thanks and regards,
> Thomas
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com