You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@santuario.apache.org by "Thomas Konstantinides (JIRA)" <ji...@apache.org> on 2014/11/24 09:45:12 UTC

[jira] [Created] (SANTUARIO-406) RSA/ECB/OAEPWithSHA-256AndMGF1Padding not working

Thomas Konstantinides created SANTUARIO-406:
-----------------------------------------------

             Summary: RSA/ECB/OAEPWithSHA-256AndMGF1Padding not working
                 Key: SANTUARIO-406
                 URL: https://issues.apache.org/jira/browse/SANTUARIO-406
             Project: Santuario
          Issue Type: Bug
          Components: Java
    Affects Versions: Java 2.0.2
            Reporter: Thomas Konstantinides
            Assignee: Colm O hEigeartaigh


Using the Cipher "RSA/ECB/OAEPWithSHA-256AndMGF1Padding" as encryption algorithm to encrypt a session key is not possible at the moment.

The given digest algorithm for the Cipher is used in XmlCipher.java, method constructCipher(String, String) to decide which implementation of the OAEP Padding to use: In that method however the code only checks if the given digestAlgorithm is null or ALGO_ID_DIGEST_SHA1 and in these cases uses the algorithm "RSA/ECB/OAEPWithSHA1AndMGF1Padding". The digestAlgorithm ALGO_ID_DIGEST_SHA256 is not handled if used together with RSA/ECB/OAEP Padding.

The attached patch fixes this behavior by also considering the SHA-256 digest. This patch is the smallest possible fix for the behavior. Maybe a nicer solution for the future would be to change the JCEMapper class to consider the digest algorithm.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)