You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "Samisa Abeysinghe (JIRA)" <ji...@apache.org> on 2010/12/22 12:06:03 UTC

[jira] Updated: (RAMPART-216) Wrong SignatureMethod and DigestMethod generated in request in case of algoritm suite having SHA256 hashing algorithm (example: Basic256Sha256)

     [ https://issues.apache.org/jira/browse/RAMPART-216?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Samisa Abeysinghe updated RAMPART-216:
--------------------------------------

    Assignee:     (was: Ruchith Udayanga Fernando)

> Wrong SignatureMethod and DigestMethod generated in request in case of algoritm suite having SHA256 hashing algorithm (example: Basic256Sha256)
> -----------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: RAMPART-216
>                 URL: https://issues.apache.org/jira/browse/RAMPART-216
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-core, rampart-integration, rampart-policy
>    Affects Versions: 1.3
>         Environment: Windows XP/Vista, Java 1.4.2, Axis 2 1.3, Rampart 1.3
>            Reporter: Heinz Zerbes
>             Fix For: NextVersion
>
>
> My Rampart policy has a algoritm suit = Base256Sha256. In rest it is very simple (I will attach it to this issue).
> I expected to get from this suite a SignedInfo element in request like this:
> 				<ds:SignedInfo>
> 					<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> 					<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
> 					<ds:Reference URI="#Id-27120928">
> 						<ds:Transforms>
> 							<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> 						</ds:Transforms>
> 						<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
> 						<ds:DigestValue>.....</ds:DigestValue>
> 					</ds:Reference>
> But instead I get the following (always 'sha1'):
> 				<ds:SignedInfo>
> 					<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> 					<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
> 					<ds:Reference URI="#Id-27120928">
> 						<ds:Transforms>
> 							<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> 						</ds:Transforms>
> 						<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> 						<ds:DigestValue>....</ds:DigestValue>
> 					</ds:Reference>
> It makes no difference what algorithms suit I take. I always get 'sha1'.
> In class org.apache.ws.secpolicy.model.AlgorithmSuite there is only asymmetricSignature = Constants.RSA_SHA1. In Constants.java the same. Thus the getAsymmetricSignature() method always return SHA1.
> Here is my policy:
> <wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="TelematikPolicy" targetNamespace="http://ws.test.xy/tel/transport/v1.2">
> 	<wsdl:documentation>
> 	</wsdl:documentation>
> 	<wsp:Policy wsu:Id="TelematicsTransport_Binding_Signed_Policy">
> 		<wsp:ExactlyOne>
> 			<wsp:All>
> 				<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> 					<wsp:Policy>
> 						<sp:InitiatorToken>
> 							<wsp:Policy>
> 								<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> 									<wsp:Policy>
> 										<sp:WssX509V3Token10/>
> 									</wsp:Policy>
> 								</sp:X509Token>
> 							</wsp:Policy>
> 						</sp:InitiatorToken>
> 						<sp:RecipientToken>
> 							<wsp:Policy>
> 								<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> 									<wsp:Policy>
> 										<sp:WssX509V3Token10/>
> 									</wsp:Policy>
> 								</sp:X509Token>
> 							</wsp:Policy>
> 						</sp:RecipientToken>
> 						<sp:AlgorithmSuite>
> 							<wsp:Policy>
> 								<sp:sp:Basic256Sha256/>
> 							</wsp:Policy>
> 						</sp:AlgorithmSuite>
> 						<sp:Layout>
> 							<wsp:Policy>
> 								<sp:Lax/>
> 							</wsp:Policy>
> 						</sp:Layout>
> 						<sp:IncludeTimestamp/>
> 						<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> 							<sp:Body/>
> 						</sp:SignedParts>
> 					</wsp:Policy>
> 				</sp:AsymmetricBinding>
> 				<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> 					<wsp:Policy>
> 						<sp:MustSupportRefIssuerSerial/>
> 					</wsp:Policy>
> 				</sp:Wss10>
> 			</wsp:All>
> 		</wsp:ExactlyOne>
> 	</wsp:Policy>
> </wsdl:definitions>
> Is there any workarround for this problem? I would appreciate it very much if you could give me a good hint! It's urgent.
> Thank you a lot!
> Heinz

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org