You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "David Valeri (JIRA)" <ji...@apache.org> on 2010/08/27 23:01:54 UTC
[jira] Created: (CXF-2963) Signature coverage of signed XML
Encryption elements created using standard WSS4J elements cannot be
verified with WS-SP configuration or the CryptoCoverageChecker
Signature coverage of signed XML Encryption elements created using standard WSS4J elements cannot be verified with WS-SP configuration or the CryptoCoverageChecker
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Key: CXF-2963
URL: https://issues.apache.org/jira/browse/CXF-2963
Project: CXF
Issue Type: Bug
Components: WS-* Components
Affects Versions: 2.2.10, 2.3
Reporter: David Valeri
Priority: Minor
When using manual configuration of WSS4J on the client outbound interceptor chain, the resulting message contains extraneous Id attributes on the signed XML Encryption elements. The signature is computed using a different attribute value than that reported by the encryption results from WSS4J on the server side.
For instance, the following signed element is referenced in different ways:
<xenc:EncryptedData xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-659" Type="http://www.w3.org/2001/04/xmlenc#Element" wsu:Id="id-663">
Signature: <ds:Reference URI="#id-663">
Encryption: <xenc:DataReference URI="#EncDataId-659" />
The extra ID invalidates the XML Encryption schema and troubles the logic that determines signed encrypted content.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (CXF-2963) Signature coverage of signed XML
Encryption elements created using standard WSS4J elements cannot be
verified with WS-SP configuration or the CryptoCoverageChecker
Posted by "David Valeri (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-2963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Valeri resolved CXF-2963.
-------------------------------
Fix Version/s: 2.3
2.2.11
Resolution: Fixed
> Signature coverage of signed XML Encryption elements created using standard WSS4J elements cannot be verified with WS-SP configuration or the CryptoCoverageChecker
> -------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: CXF-2963
> URL: https://issues.apache.org/jira/browse/CXF-2963
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.2.10, 2.3
> Reporter: David Valeri
> Assignee: David Valeri
> Priority: Minor
> Fix For: 2.3, 2.2.11
>
>
> When using manual configuration of WSS4J on the client outbound interceptor chain, the resulting message contains extraneous Id attributes on the signed XML Encryption elements. The signature is computed using a different attribute value than that reported by the encryption results from WSS4J on the server side.
> For instance, the following signed element is referenced in different ways:
> <xenc:EncryptedData xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-659" Type="http://www.w3.org/2001/04/xmlenc#Element" wsu:Id="id-663">
> Signature: <ds:Reference URI="#id-663">
> Encryption: <xenc:DataReference URI="#EncDataId-659" />
> The extra ID invalidates the XML Encryption schema and troubles the logic that determines signed encrypted content.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (CXF-2963) Signature coverage of signed XML
Encryption elements created using standard WSS4J elements cannot be
verified with WS-SP configuration or the CryptoCoverageChecker
Posted by "David Valeri (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-2963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Valeri reassigned CXF-2963:
---------------------------------
Assignee: David Valeri
> Signature coverage of signed XML Encryption elements created using standard WSS4J elements cannot be verified with WS-SP configuration or the CryptoCoverageChecker
> -------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: CXF-2963
> URL: https://issues.apache.org/jira/browse/CXF-2963
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.2.10, 2.3
> Reporter: David Valeri
> Assignee: David Valeri
> Priority: Minor
>
> When using manual configuration of WSS4J on the client outbound interceptor chain, the resulting message contains extraneous Id attributes on the signed XML Encryption elements. The signature is computed using a different attribute value than that reported by the encryption results from WSS4J on the server side.
> For instance, the following signed element is referenced in different ways:
> <xenc:EncryptedData xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-659" Type="http://www.w3.org/2001/04/xmlenc#Element" wsu:Id="id-663">
> Signature: <ds:Reference URI="#id-663">
> Encryption: <xenc:DataReference URI="#EncDataId-659" />
> The extra ID invalidates the XML Encryption schema and troubles the logic that determines signed encrypted content.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (CXF-2963) Signature coverage of signed XML
Encryption elements created using standard WSS4J elements cannot be
verified with WS-SP configuration or the CryptoCoverageChecker
Posted by "David Valeri (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-2963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Valeri updated CXF-2963:
------------------------------
CXF Fields: (was: [Blocked on External])
> Signature coverage of signed XML Encryption elements created using standard WSS4J elements cannot be verified with WS-SP configuration or the CryptoCoverageChecker
> -------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: CXF-2963
> URL: https://issues.apache.org/jira/browse/CXF-2963
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.2.10, 2.3
> Reporter: David Valeri
> Assignee: David Valeri
> Priority: Minor
>
> When using manual configuration of WSS4J on the client outbound interceptor chain, the resulting message contains extraneous Id attributes on the signed XML Encryption elements. The signature is computed using a different attribute value than that reported by the encryption results from WSS4J on the server side.
> For instance, the following signed element is referenced in different ways:
> <xenc:EncryptedData xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-659" Type="http://www.w3.org/2001/04/xmlenc#Element" wsu:Id="id-663">
> Signature: <ds:Reference URI="#id-663">
> Encryption: <xenc:DataReference URI="#EncDataId-659" />
> The extra ID invalidates the XML Encryption schema and troubles the logic that determines signed encrypted content.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.