You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "Thomas Konstantinides (JIRA)" <ji...@apache.org> on 2014/11/24 09:45:12 UTC
[jira] [Created] (SANTUARIO-406)
RSA/ECB/OAEPWithSHA-256AndMGF1Padding not working
Thomas Konstantinides created SANTUARIO-406:
-----------------------------------------------
Summary: RSA/ECB/OAEPWithSHA-256AndMGF1Padding not working
Key: SANTUARIO-406
URL: https://issues.apache.org/jira/browse/SANTUARIO-406
Project: Santuario
Issue Type: Bug
Components: Java
Affects Versions: Java 2.0.2
Reporter: Thomas Konstantinides
Assignee: Colm O hEigeartaigh
Using the Cipher "RSA/ECB/OAEPWithSHA-256AndMGF1Padding" as encryption algorithm to encrypt a session key is not possible at the moment.
The given digest algorithm for the Cipher is used in XmlCipher.java, method constructCipher(String, String) to decide which implementation of the OAEP Padding to use: In that method however the code only checks if the given digestAlgorithm is null or ALGO_ID_DIGEST_SHA1 and in these cases uses the algorithm "RSA/ECB/OAEPWithSHA1AndMGF1Padding". The digestAlgorithm ALGO_ID_DIGEST_SHA256 is not handled if used together with RSA/ECB/OAEP Padding.
The attached patch fixes this behavior by also considering the SHA-256 digest. This patch is the smallest possible fix for the behavior. Maybe a nicer solution for the future would be to change the JCEMapper class to consider the digest algorithm.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)