You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2014/11/24 12:21:22 UTC
svn commit: r1641364 - /santuario/xml-security-java/branches/1.5.x-fixes/src/main/java/org/apache/xml/security/encryption/XMLCipher.java

Author: coheigea
Date: Mon Nov 24 11:21:22 2014
New Revision: 1641364

URL: http://svn.apache.org/r1641364
Log:
[SANTUARIO-406] - RSA/ECB/OAEPWithSHA-256AndMGF1Padding not working. Thanks to Thomas Konstantinides for the patch.

Modified:
    santuario/xml-security-java/branches/1.5.x-fixes/src/main/java/org/apache/xml/security/encryption/XMLCipher.java

Modified: santuario/xml-security-java/branches/1.5.x-fixes/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.5.x-fixes/src/main/java/org/apache/xml/security/encryption/XMLCipher.java?rev=1641364&r1=1641363&r2=1641364&view=diff
==============================================================================
--- santuario/xml-security-java/branches/1.5.x-fixes/src/main/java/org/apache/xml/security/encryption/XMLCipher.java (original)
+++ santuario/xml-security-java/branches/1.5.x-fixes/src/main/java/org/apache/xml/security/encryption/XMLCipher.java Mon Nov 24 11:21:22 2014
@@ -1606,21 +1606,7 @@ public class XMLCipher {
         } catch (NoSuchAlgorithmException nsae) {
             // Check to see if an RSA OAEP MGF-1 with SHA-1 algorithm was requested
             // Some JDKs don't support RSA/ECB/OAEPPadding
-            if (XMLCipher.RSA_OAEP.equals(algorithm)
-                && (digestAlgorithm == null 
-                    || MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1.equals(digestAlgorithm))) {
-                try {
-                    if (requestedJCEProvider == null) {
-                        c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
-                    } else {
-                        c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding", requestedJCEProvider);
-                    }
-                } catch (Exception ex) {
-                    throw new XMLEncryptionException("empty", ex);
-                }
-            } else {
-                throw new XMLEncryptionException("empty", nsae);
-            }
+            c = constructCipher(algorithm, digestAlgorithm, nsae);
         } catch (NoSuchProviderException nspre) {
             throw new XMLEncryptionException("empty", nspre);
         } catch (NoSuchPaddingException nspae) {
@@ -1629,6 +1615,57 @@ public class XMLCipher {
         
         return c;
     }
+    
+    private Cipher constructCipher(String algorithm, String digestAlgorithm, Exception nsae) throws XMLEncryptionException {
+        if (!XMLCipher.RSA_OAEP.equals(algorithm)) {
+            throw new XMLEncryptionException("empty", nsae);
+        }
+        
+        if (digestAlgorithm == null 
+            || MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1.equals(digestAlgorithm)) {
+            try {
+                if (requestedJCEProvider == null) {
+                    return Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
+                } else {
+                    return Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding", requestedJCEProvider);
+                }
+            } catch (Exception ex) {
+                throw new XMLEncryptionException("empty", ex);
+            }
+        } else if (MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256.equals(digestAlgorithm)) {
+            try {
+                if (requestedJCEProvider == null) {
+                    return Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
+                } else {
+                    return Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding", requestedJCEProvider);
+                }
+            } catch (Exception ex) {
+                throw new XMLEncryptionException("empty", ex);
+            }
+        } else if (MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA384.equals(digestAlgorithm)) {
+            try {
+                if (requestedJCEProvider == null) {
+                    return Cipher.getInstance("RSA/ECB/OAEPWithSHA-384AndMGF1Padding");
+                } else {
+                    return Cipher.getInstance("RSA/ECB/OAEPWithSHA-384AndMGF1Padding", requestedJCEProvider);
+                }
+            } catch (Exception ex) {
+                throw new XMLEncryptionException("empty", ex);
+            }
+        } else if (MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA512.equals(digestAlgorithm)) {
+            try {
+                if (requestedJCEProvider == null) {
+                    return Cipher.getInstance("RSA/ECB/OAEPWithSHA-512AndMGF1Padding");
+                } else {
+                    return Cipher.getInstance("RSA/ECB/OAEPWithSHA-512AndMGF1Padding", requestedJCEProvider);
+                }
+            } catch (Exception ex) {
+                throw new XMLEncryptionException("empty", ex);
+            }
+        } else {
+            throw new XMLEncryptionException("empty", nsae);
+        }
+    }
 
     /**
      * Decrypt a key from a passed in EncryptedKey structure.  This version