You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2016/02/29 12:33:18 UTC
[jira] [Commented] (WSS-572) EncryptedKeyProcessor does not respect
the CryptoProvider when initializing a new Cipher
[ https://issues.apache.org/jira/browse/WSS-572?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15171771#comment-15171771 ]
Colm O hEigeartaigh commented on WSS-572:
-----------------------------------------
Looks ok, but the patch doesn't apply on WSS4J master. I'd prefer to retain the old logic as well for the line:
"// Check to see if an RSA OAEP MGF-1 with SHA-1 algorithm was requested"
In the patch you are catching a WSSecurityException, whereas before this was only invoked on a NoSuchAlgorithmException. You could just check that the cause of the exception is a NoSuchAlgorithmException here perhaps.
Colm.
> EncryptedKeyProcessor does not respect the CryptoProvider when initializing a new Cipher
> ----------------------------------------------------------------------------------------
>
> Key: WSS-572
> URL: https://issues.apache.org/jira/browse/WSS-572
> Project: WSS4J
> Issue Type: Bug
> Reporter: Christian Mäder
> Assignee: Colm O hEigeartaigh
> Attachments: feature_cipher_from_provider.diff
>
>
> During the decryption I had the problem, that the Cipher was instantiated from BouncyCastle, but my (asymmetric) Key was from a different provider. That's when things excepted in crazy and hard-to-debug ways.
> The attached patch provides a fix in a way that the Cipher is always instantiated from the same provider as the Key. It also does a little bit of refactoring towards code, that is easier to grasp (IMO).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org