Posted to wss4j-dev@ws.apache.org by Maxwell Scott <ma...@bah.com> on 2006/02/03 23:53:08 UTC

Incompatibility of WSS4J encryption with PKI certificates specifying critical keyUsage

I've been trying to configure the WSS4J samples using sender actions
Signature and Encryption using our PKI certificates.  Our PKI poses
strict rules on certificate keyUsage.  Basically, certificates are only
ever given the keyUsages of digitalSignature and keyEncipherment.  The
keyUsage dataEncipherment is not allowed, presumably to avoid
inefficient encryption using the public/private key pairs instead of a
symmetric session key.
 
Using these certificates (with keyUsage) results in an
InvalidKeyException when initializing a javax.crypto.Cipher in the
ENCRYPT_MODE as in WSEncryptBody.build:
 
cipher.init(Cipher.ENCRYPT_MODE, remoteCert);
 
 
To support both cases (certs with no keyUsage, and certificates with
critical keyUsage allowing keyEncipherment but not dataEncipherment) I
think a better solution would be to use the WRAP_MODE, changing the
encryption of session keys with public keys from encryptedKey =
cipher.doFinal(encKey); to encryptedKey =
cipher.wrap(this.encryptionKey);  This also has to be handled
appropriately (perform an UNWRAP) on the receiver's end in
WSSecurityEngine.handleEncryptedKey.
 
Does this sound correct?
 
--Scott
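
A stand-alone Java check for the change proposed above, added here as an example and not code from WSS4J or from the poster: it wraps a session key in WRAP_MODE, recovers it with both UNWRAP_MODE and DECRYPT_MODE, and, when given a certificate file, reports which opmodes Cipher.init accepts for it. The class name KeyWrapCheck, the helper certPermits, the OAEP transformation and the generated keys are assumptions made for the example.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class KeyWrapCheck {
    // Transformation picked for this example (assumption, not taken from WSS4J).
    static final String RSA = "RSA/ECB/OAEPWithSHA-1AndMGF1Padding";

    /** Reports whether Cipher.init accepts the certificate for the given opmode. */
    static boolean certPermits(Certificate cert, int opmode) throws Exception {
        try {
            Cipher.getInstance(RSA).init(opmode, cert);
            return true;
        } catch (InvalidKeyException e) {
            // Raised, among other causes, when a critical keyUsage extension
            // does not allow the operation that opmode stands for.
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Optional argument: path to an X.509 certificate (PEM or DER) to probe.
        if (args.length > 0) {
            try (InputStream in = new FileInputStream(args[0])) {
                Certificate cert =
                    CertificateFactory.getInstance("X.509").generateCertificate(in);
                System.out.println("ENCRYPT_MODE accepted: "
                    + certPermits(cert, Cipher.ENCRYPT_MODE));
                System.out.println("WRAP_MODE accepted:    "
                    + certPermits(cert, Cipher.WRAP_MODE));
            }
        }

        // Constructed key material: throwaway receiver key pair and session key.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair receiver = kpg.generateKeyPair();
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey sessionKey = kg.generateKey();

        // Sender side: wrap the key object instead of doFinal() on its bytes.
        Cipher wrapper = Cipher.getInstance(RSA);
        wrapper.init(Cipher.WRAP_MODE, receiver.getPublic());
        byte[] encryptedKey = wrapper.wrap(sessionKey);

        // Receiver side, new style: UNWRAP_MODE returns a key object.
        Cipher unwrapper = Cipher.getInstance(RSA);
        unwrapper.init(Cipher.UNWRAP_MODE, receiver.getPrivate());
        SecretKey unwrapped =
            (SecretKey) unwrapper.unwrap(encryptedKey, "AES", Cipher.SECRET_KEY);

        // Receiver side, old style: DECRYPT_MODE on the same bytes, to see
        // whether a receiver that was not changed still recovers the key.
        Cipher decryptor = Cipher.getInstance(RSA);
        decryptor.init(Cipher.DECRYPT_MODE, receiver.getPrivate());
        byte[] decrypted = decryptor.doFinal(encryptedKey);

        byte[] expected = sessionKey.getEncoded();
        System.out.println("UNWRAP_MODE recovers key:  "
            + Arrays.equals(expected, unwrapped.getEncoded()));
        System.out.println("DECRYPT_MODE recovers key: "
            + Arrays.equals(expected, decrypted));
    }
}
```

Run it once with no argument and once with the path of a certificate that carries a critical keyUsage extension to compare the two opmodes on the JRE and provider in use.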

PLEASE HELP..........SOAPUtil.toSoapMessage Problem

Posted by Alessandro Gilardoni <a....@alice.it>.
Hi,
I have tried to sign a SOAPMessage with the code provided by the wss4j examples.
I get a signature verification failure error when I try to verify the
signature.
Here is the code I used:

WSSignEnvelope builder = new WSSignEnvelope();
builder.setUserInfo("client", "security");
builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
Document doc = unsignedEnvelope.getAsDocument();  /////// IS A SOAPMessage
Document signedDoc = builder.build(doc, crypto);
Message signedMsg = (Message) toSOAPMessage(signedDoc);
signedDoc = signedMsg.getSOAPEnvelope().getAsDocument();
verify(signedDoc);

It seems that the "Message signedMsg = (Message)
SOAPUtil.toSOAPMessage(signedDoc);" changes the body of the message
(inserts some new lines), so the message differs from the one used to sign,
and it's natural that the signature verification must fail.

If I comment out the two lines:
Message signedMsg = (Message) toSOAPMessage(signedDoc);
signedDoc = signedMsg.getSOAPEnvelope().getAsDocument();

and I verify the signed message after having signed it, the signature
verification is OK.

Alessandro Gilardoni

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org


Re: Incompatibility of WSS4J encryption with PKI certificates specifying critical keyUsage

Posted by Werner Dittmann <We...@t-online.de>.
Scott,

you are right that WSS4J currently uses the ENCRYPT mode to encrypt
a symmetric key. We never yet tested it with certificates that include
the key usage stuff (nor did we get any report from other users).

Regarding the RSA: the Cipher class may perform the key usage checks,
however the implementation of the underlying RSA cipher (at least for
the BouncyCastle implementation) makes no difference between a key wrap
and a simple encrypt mode. Thus it is my belief that both modes are
equivalent in this case. This needs to be tested though.

Regards,
Werner

Maxwell Scott wrote:
> I do understand that WS-Security uses random (symmetric) session keys
> for the actual encryption of body elements.  And of course these keys
> are encrypted with the receiver's public key so that it can be decrypted
> with the private key.
>  
> However, strictly speaking, I don't think wss4j is using the key
> wrapping mode (Cipher.WRAP_MODE) in WSEncryptBody.build.  The source
> code of wss4j 1.1.0 shows that you init the cipher in ENCRYPT_MODE in
> order to encrypt the session key.
>  
> Based on my admittedly limited knowledge of javax.crypto.Cipher, I
> believe the Cipher.ENCRYPT_MODE can be used to encrypt any byte[] (which
> could be a session key), while Cipher.WRAP_MODE can only be used to
> encrypt keys.  The difference being that the public key used to init the
> cipher must either 1) have no critical keyUsages set (as is the case
> with the provided test certificates) and therefore could be used in
> either mode, or 2) have the proper critical keyUsage setting that
> corresponds to the mode/action (dataEncipherment for ENCRYPT_MODE and
> keyEncipherment for WRAP_MODE).
>  
> We have tested with JRE 1.4.2_08 and wss4j 1.1.0 using the wss4j
> provided certificates (no keyUsages), and ones created using OpenSSL
> with only the digitalSignature and keyEncipherment critical keyUsages
> set.  With the latter set of keys, we encounter the InvalidKeyException
> in WSEncryptBody.build at the line "cipher.init(Cipher.ENCRYPT_MODE,
> remoteCert);"  If, however, this is changed to
> cipher.init(Cipher.WRAP_MODE, remoteCert);, no exception is thrown with
> either set of keys and encryption works as expected.
>  
> When you say for RSA both ENCRYPT_MODE and WRAP_MODE are identical, do
> you mean a specific Provider?  It is my belief that the
> javax.crypto.Cipher class is performing the check of critical keyUsages,
> and is therefore independent of any specific Provider?
>  
> Thanks,
> --Scott
> ------------------------------------------------------------------------
> *From:* Werner Dittmann [mailto:Werner.Dittmann@t-online.de]
> *Sent:* Sat 2/4/2006 12:51 AM
> *To:* Maxwell Scott
> *Cc:* wss4j-dev@ws.apache.org
> *Subject:* Re: Incompatibility of WSS4J encryption with PKI certificates
> specifying critical keyUsage
> 
> Scott,
> 
> until now we never had such a problem :-). In fact the WS Security does
> not use the public/private keys to encrypt / decrypt the data but uses
> a random session key and encrypts the data using a symmetrical cipher.
> The public key is used to encrypt this random session key. Thus, in
> fact we use a KeyWrap. But for RSA the ENCRYPT_MODE and WRAP_MODE are
> identical. Which version of Java do you use?
> 
> We'll need to test if the WRAP/UNWRAP modes work as expected.
> 
> Regards,
> Werner
> 
> 
> yes and no.
> Maxwell Scott wrote:
>> I've been trying to configure the WSS4J samples using sender actions
>> Signature and Encryption using our PKI certificates.  Our PKI poses
>> strict rules on certificate keyUsage.  Basically, certificates are only
>> ever given the keyUsages of digitalSignature and keyEncipherment.  The
>> keyUsage dataEncipherment is not allowed, presumably to avoid
>> inefficient encryption using the public/private key pairs instead of a
>> symmetric session key.
>> 
>> Using these certificates (with keyUsage) results in an
>> InvalidKeyException when initializing a javax.crypto.Cipher in the
>> ENCRYPT_MODE as in WSEncryptBody.build:
>> 
>> cipher.init(Cipher.ENCRYPT_MODE, remoteCert);
>> 
>> 
>> To support both cases (certs with no keyUsage, and certificates with
>> critical keyUsage allowing keyEncipherment but not dataEncipherment) I
>> think a better solution would be to use the WRAP_MODE, changing the
>> encryption of session keys with public keys from encryptedKey =
>> cipher.doFinal(encKey); to encryptedKey =
>> cipher.wrap(this.encryptionKey);  This also has to be handled
>> appropriately (perform an UNWRAP) on the receiver's end in
>> WSSecurityEngine.handleEncryptedKey.
>> 
>> Does this sound correct?
>> 
>> --Scott
> 


RE: Incompatibility of WSS4J encryption with PKI certificates specifying critical keyUsage

Posted by Maxwell Scott <ma...@bah.com>.
I do understand that WS-Security uses random (symmetric) session keys for the actual encryption of body elements.  And of course these keys are encrypted with the receiver's public key so that it can be decrypted with the private key.
 
However, strictly speaking, I don't think wss4j is using the key wrapping mode (Cipher.WRAP_MODE) in WSEncryptBody.build.  The source code of wss4j 1.1.0 shows that you init the cipher in ENCRYPT_MODE in order to encrypt the session key.
 
Based on my admittedly limited knowledge of javax.crypto.Cipher, I believe the Cipher.ENCRYPT_MODE can be used to encrypt any byte[] (which could be a session key), while Cipher.WRAP_MODE can only be used to encrypt keys.  The difference being that the public key used to init the cipher must either 1) have no critical keyUsages set (as is the case with the provided test certificates) and therefore could be used in either mode, or 2) have the proper critical keyUsage setting that corresponds to the mode/action (dataEncipherment for ENCRYPT_MODE and keyEncipherment for WRAP_MODE).
 
We have tested with JRE 1.4.2_08 and wss4j 1.1.0 using the wss4j provided certificates (no keyUsages), and ones created using OpenSSL with only the digitalSignature and keyEncipherment critical keyUsages set.  With the latter set of keys, we encounter the InvalidKeyException in WSEncryptBody.build at the line "cipher.init(Cipher.ENCRYPT_MODE, remoteCert);"  If, however, this is changed to cipher.init(Cipher.WRAP_MODE, remoteCert);, no exception is thrown with either set of keys and encryption works as expected.
 
When you say for RSA both ENCRYPT_MODE and WRAP_MODE are identical, do you mean a specific Provider?  It is my belief that the javax.crypto.Cipher class is performing the check of critical keyUsages, and is therefore independent of any specific Provider?
 
Thanks,
--Scott

________________________________

From: Werner Dittmann [mailto:Werner.Dittmann@t-online.de]
Sent: Sat 2/4/2006 12:51 AM
To: Maxwell Scott
Cc: wss4j-dev@ws.apache.org
Subject: Re: Incompatibility of WSS4J encryption with PKI certificates specifying critical keyUsage



Scott,

until now we never had such a problem :-). In fact the WS Security does
not use the public/private keys to encrypt / decrypt the data but uses
a random session key and encrypts the data using a symmetrical cipher.
The public key is used to encrypt this random session key. Thus, in
fact we use a KeyWrap. But for RSA the ENCRYPT_MODE and WRAP_MODE are
identical. Which version of Java do you use?

We'll need to test if the WRAP/UNWRAP modes work as expected.

Regards,
Werner


yes and no.
Maxwell Scott wrote:
> I've been trying to configure the WSS4J samples using sender actions
> Signature and Encryption using our PKI certificates.  Our PKI poses
> strict rules on certificate keyUsage.  Basically, certificates are only
> ever given the keyUsages of digitalSignature and keyEncipherment.  The
> keyUsage dataEncipherment is not allowed, presumably to avoid
> inefficient encryption using the public/private key pairs instead of a
> symmetric session key.
> 
> Using these certificates (with keyUsage) results in an
> InvalidKeyException when initializing a javax.crypto.Cipher in the
> ENCRYPT_MODE as in WSEncryptBody.build:
> 
> cipher.init(Cipher.ENCRYPT_MODE, remoteCert);
> 
> 
> To support both cases (certs with no keyUsage, and certificates with
> critical keyUsage allowing keyEncipherment but not dataEncipherment) I
> think a better solution would be to use the WRAP_MODE, changing the
> encryption of session keys with public keys from encryptedKey =
> cipher.doFinal(encKey); to encryptedKey =
> cipher.wrap(this.encryptionKey);  This also has to be handled
> appropriately (perform an UNWRAP) on the receiver's end in
> WSSecurityEngine.handleEncryptedKey.
> 
> Does this sound correct?
> 
> --Scott



Re: Incompatibility of WSS4J encryption with PKI certificates specifying critical keyUsage

Posted by Werner Dittmann <We...@t-online.de>.
Scott,

until now we never had such a problem :-). In fact the WS Security does
not use the public/private keys to encrypt / decrypt the data but uses
a random session key and encrypts the data using a symmetrical cipher.
The public key is used to encrypt this random session key. Thus, in
fact we use a KeyWrap. But for RSA the ENCRYPT_MODE and WRAP_MODE are
identical. Which version of Java do you use?

We'll need to test if the WRAP/UNWRAP modes work as expected.

Regards,
Werner


yes and no.
Maxwell Scott wrote:
> I've been trying to configure the WSS4J samples using sender actions
> Signature and Encryption using our PKI certificates.  Our PKI poses
> strict rules on certificate keyUsage.  Basically, certificates are only
> ever given the keyUsages of digitalSignature and keyEncipherment.  The
> keyUsage dataEncipherment is not allowed, presumably to avoid
> inefficient encryption using the public/private key pairs instead of a
> symmetric session key.
>  
> Using these certificates (with keyUsage) results in an
> InvalidKeyException when initializing a javax.crypto.Cipher in the
> ENCRYPT_MODE as in WSEncryptBody.build:
>  
> cipher.init(Cipher.ENCRYPT_MODE, remoteCert);
>  
>  
> To support both cases (certs with no keyUsage, and certificates with
> critical keyUsage allowing keyEncipherment but not dataEncipherment) I
> think a better solution would be to use the WRAP_MODE, changing the
> encryption of session keys with public keys from encryptedKey =
> cipher.doFinal(encKey); to encryptedKey =
> cipher.wrap(this.encryptionKey);  This also has to be handled
> appropriately (perform an UNWRAP) on the receiver's end in
> WSSecurityEngine.handleEncryptedKey.
>  
> Does this sound correct?
>  
> --Scott

