You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "Samisa Abeysinghe (JIRA)" <ji...@apache.org> on 2010/12/22 12:06:03 UTC
[jira] Updated: (RAMPART-216) Wrong SignatureMethod and
DigestMethod generated in request in case of algoritm suite having SHA256
hashing algorithm (example: Basic256Sha256)
[ https://issues.apache.org/jira/browse/RAMPART-216?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Samisa Abeysinghe updated RAMPART-216:
--------------------------------------
Assignee: (was: Ruchith Udayanga Fernando)
> Wrong SignatureMethod and DigestMethod generated in request in case of algoritm suite having SHA256 hashing algorithm (example: Basic256Sha256)
> -----------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: RAMPART-216
> URL: https://issues.apache.org/jira/browse/RAMPART-216
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core, rampart-integration, rampart-policy
> Affects Versions: 1.3
> Environment: Windows XP/Vista, Java 1.4.2, Axis 2 1.3, Rampart 1.3
> Reporter: Heinz Zerbes
> Fix For: NextVersion
>
>
> My Rampart policy has a algoritm suit = Base256Sha256. In rest it is very simple (I will attach it to this issue).
> I expected to get from this suite a SignedInfo element in request like this:
> <ds:SignedInfo>
> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
> <ds:Reference URI="#Id-27120928">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
> <ds:DigestValue>.....</ds:DigestValue>
> </ds:Reference>
> But instead I get the following (always 'sha1'):
> <ds:SignedInfo>
> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
> <ds:Reference URI="#Id-27120928">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> <ds:DigestValue>....</ds:DigestValue>
> </ds:Reference>
> It makes no difference what algorithms suit I take. I always get 'sha1'.
> In class org.apache.ws.secpolicy.model.AlgorithmSuite there is only asymmetricSignature = Constants.RSA_SHA1. In Constants.java the same. Thus the getAsymmetricSignature() method always return SHA1.
> Here is my policy:
> <wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="TelematikPolicy" targetNamespace="http://ws.test.xy/tel/transport/v1.2">
> <wsdl:documentation>
> </wsdl:documentation>
> <wsp:Policy wsu:Id="TelematicsTransport_Binding_Signed_Policy">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:InitiatorToken>
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> <wsp:Policy>
> <sp:WssX509V3Token10/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:InitiatorToken>
> <sp:RecipientToken>
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> <wsp:Policy>
> <sp:WssX509V3Token10/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:RecipientToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:sp:Basic256Sha256/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:Layout>
> <wsp:Policy>
> <sp:Lax/>
> </wsp:Policy>
> </sp:Layout>
> <sp:IncludeTimestamp/>
> <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <sp:Body/>
> </sp:SignedParts>
> </wsp:Policy>
> </sp:AsymmetricBinding>
> <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:MustSupportRefIssuerSerial/>
> </wsp:Policy>
> </sp:Wss10>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
> </wsdl:definitions>
> Is there any workarround for this problem? I would appreciate it very much if you could give me a good hint! It's urgent.
> Thank you a lot!
> Heinz
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org