[jira] Resolved: (RAMPART-7) RAMPART : Incoming policy validation of Bulk Encryption Algorithms.

["Samisa Abeysinghe (JIRA)" <ji...@apache.org>]

     [ https://issues.apache.org/jira/browse/RAMPART-7?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Samisa Abeysinghe resolved RAMPART-7.
-------------------------------------

    Resolution: Fixed

https://issues.apache.org/jira/browse/WSS-57 is the one to watch. Resolving Rampart issue

> RAMPART : Incoming policy validation of Bulk Encryption Algorithms.
> -------------------------------------------------------------------
>
>                 Key: RAMPART-7
>                 URL: https://issues.apache.org/jira/browse/RAMPART-7
>             Project: Rampart
>          Issue Type: Bug
>            Reporter: Hans G Knudsen
>            Assignee: Ruchith Udayanga Fernando
>
> Hi!
> Rampart does not seem to validate the bulk encryption algorithm on an incoming message againts the algorithm specified in the policy.
> eg
> when <sp:Basic256/> / <sp:Basic256Rsa15/> is specified - check that received algorithm url is http://www.w3.org/2001/04/xmlenc#aes256-cbc
> - same for 128 + 192 bit aes..
> when  <sp:TripleDes>  -> http://www.w3.org/2001/04/xmlenc#tripledes-cbc
>  
> Would it conform to WS-standards to make these checks/validations ??
> The needed information from the received messages is not collected by WSS4J / WSSecurityEngineResult, and the original encrypted parts has been decrypted/replaced when reaching PolicyBasedResultsValidator, so a few changes would be needed...
> Should I add a "Collect Encryption algs for Encrypted Parts" on WSS4J issue : https://issues.apache.org/jira/browse/WSS-57 ??
> /hans

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org