You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "Samisa Abeysinghe (JIRA)" <ji...@apache.org> on 2010/12/21 12:03:01 UTC
[jira] Resolved: (RAMPART-7) RAMPART : Incoming policy validation
of Bulk Encryption Algorithms.
[ https://issues.apache.org/jira/browse/RAMPART-7?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Samisa Abeysinghe resolved RAMPART-7.
-------------------------------------
Resolution: Fixed
https://issues.apache.org/jira/browse/WSS-57 is the one to watch. Resolving Rampart issue
> RAMPART : Incoming policy validation of Bulk Encryption Algorithms.
> -------------------------------------------------------------------
>
> Key: RAMPART-7
> URL: https://issues.apache.org/jira/browse/RAMPART-7
> Project: Rampart
> Issue Type: Bug
> Reporter: Hans G Knudsen
> Assignee: Ruchith Udayanga Fernando
>
> Hi!
> Rampart does not seem to validate the bulk encryption algorithm on an incoming message againts the algorithm specified in the policy.
> eg
> when <sp:Basic256/> / <sp:Basic256Rsa15/> is specified - check that received algorithm url is http://www.w3.org/2001/04/xmlenc#aes256-cbc
> - same for 128 + 192 bit aes..
> when <sp:TripleDes> -> http://www.w3.org/2001/04/xmlenc#tripledes-cbc
>
> Would it conform to WS-standards to make these checks/validations ??
> The needed information from the received messages is not collected by WSS4J / WSSecurityEngineResult, and the original encrypted parts has been decrypted/replaced when reaching PolicyBasedResultsValidator, so a few changes would be needed...
> Should I add a "Collect Encryption algs for Encrypted Parts" on WSS4J issue : https://issues.apache.org/jira/browse/WSS-57 ??
> /hans
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org