You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org> on 2007/10/26 14:58:50 UTC
[jira] Commented: (RAMPART-81) duplicate xenc:EncryptedKey
[ https://issues.apache.org/jira/browse/RAMPART-81?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12537948 ]
Nandana Mihindukulasooriya commented on RAMPART-81:
---------------------------------------------------
I think this issue is fixed with patch submitted for RAMPART-94.
> duplicate xenc:EncryptedKey
> ---------------------------
>
> Key: RAMPART-81
> URL: https://issues.apache.org/jira/browse/RAMPART-81
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Affects Versions: 1.3
> Reporter: Abdelaziz Samari
>
> The following code from the methode SymmetricBindingBuilder.doEncryptBeforeSig rsp. SymmetricBindingBuilder.doSignBeforeEncrypt
> seems to be buggy:
> if(Constants.INCLUDE_ALWAYS.equals(encryptionToken.getInclusion()) ||
> Constants.INCLUDE_ONCE.equals(encryptionToken.getInclusion()) ||
> (rmd.isInitiator() && Constants.INCLUDE_ALWAYS_TO_RECIPIENT.equals(encryptionToken.getInclusion()))) {
> encrTokenElement = RampartUtil.appendChildToSecHeader(rmd, tok.getToken());
> attached = true;
> }
>
> //In the X509 case we MUST add the EncryptedKey
> if(encryptionToken instanceof X509Token) {
> RampartUtil.appendChildToSecHeader(rmd, tok.getToken());
> }
> if both conditions are true, then 2 xenc:EncryptedKey are built as a consequence of the instruction RampartUtil.appendChildToSecHeader(rmd, tok.getToken());
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.