You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@santuario.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2019/03/29 13:32:00 UTC

[jira] [Closed] (SANTUARIO-490) Use requested SecureRandom for OAEP in XMLCipher.encryptKey

     [ https://issues.apache.org/jira/browse/SANTUARIO-490?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh closed SANTUARIO-490.
-----------------------------------------

> Use requested SecureRandom for OAEP in XMLCipher.encryptKey
> -----------------------------------------------------------
>
>                 Key: SANTUARIO-490
>                 URL: https://issues.apache.org/jira/browse/SANTUARIO-490
>             Project: Santuario
>          Issue Type: Improvement
>          Components: Java
>    Affects Versions: Java 2.1.2
>            Reporter: Steve Mitchell
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>             Fix For: Java 2.1.3
>
>
> There is currently no mechanism to tell XMLCipher.encryptKey() which SecureRandom to use for the random generation within OAEP, so the Sun RNG is used. 
> To make this configurable, one could pass the SecureRandom algorithm to getProviderInstance, and encryptKey could use the requestedJCEProvider to create a SecureRandom instance.  Alternatively, add an optional secureRandom parameter to encryptKey.
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)