  1. CXF
  2. CXF-7080

XmlSecOutInterceptor doesn't recognise KeyName as a KeyIdentifier


Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 3.1.8, 3.2.0
    • 3.1.8, 3.0.11, 3.2.0
    • JAX-RS Security
    • None
    • Unknown
    • Patch

    Description

      The KeyIdentifier type KeyName is a known element in the KeyInfo structure (https://www.w3.org/TR/xmldsig-core/#sec-KeyName); however, the interceptor XmlSecOutInterceptor doesn't recognise it.

      This causes the interceptor to assume the KeyIdentifier is X509KeyIdentifier, which in turn causes the undesired behaviour of the message being signed and sent with a KeyIdentifier that is not parsed by the endpoint (which expects a KeyName).

      A small fix is to add KeyName as a valid KeyIdentifier, allowing lower-level libraries (Santuario) to indicate that this KeyIdentifier type is not supported (yet; working on that as well).
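An added diagnostic, not part of the original report or of CXF: a Python check that inspects every `ds:KeyInfo` in an outgoing signed message and reports when it does not carry the key-identifier form the endpoint expects. The sample messages are constructed, and they assume the X509 fallback shows up as a `ds:X509Data` element; the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"  # XML Signature namespace

def _local(tag):
    """Split ElementTree's '{ns}name' tag into (ns, name)."""
    if tag.startswith("{"):
        ns, _, name = tag[1:].partition("}")
        return ns, name
    return "", tag

def key_info_forms(xml_text):
    """Return one set per ds:KeyInfo listing the key-identifier forms it carries."""
    if "<!DOCTYPE" in xml_text:
        raise ValueError("DOCTYPE not allowed")  # refuse entity-expansion input
    result = []
    for key_info in ET.fromstring(xml_text).iter(f"{{{DS}}}KeyInfo"):
        forms = set()
        for child in key_info:
            ns, name = _local(child.tag)
            if ns != DS:
                forms.add(f"other:{name}")
            elif name == "X509Data":
                # X509Data wraps several alternatives; report each one found
                forms.update(f"X509Data/{_local(c.tag)[1]}" for c in child)
            else:
                forms.add(name)
        result.append(forms)
    return result

def check_key_identifier(xml_text, expected):
    """Return a list of problems; empty means every KeyInfo carries `expected`."""
    all_forms = key_info_forms(xml_text)
    if not all_forms:
        return ["no ds:KeyInfo found"]
    return [f"KeyInfo #{i}: expected {expected}, found {sorted(f) or 'nothing'}"
            for i, f in enumerate(all_forms, 1) if expected not in f]

def _sample(key_info_body):  # constructed sample message, not real CXF output
    return (f'<Order xmlns:ds="{DS}"><ds:Signature><ds:SignedInfo/>'
            f'<ds:SignatureValue>c2ln</ds:SignatureValue>'
            f'<ds:KeyInfo>{key_info_body}</ds:KeyInfo></ds:Signature></Order>')

SENT_X509 = _sample("<ds:X509Data><ds:X509Certificate>Y2VydA=="
                    "</ds:X509Certificate></ds:X509Data>")
SENT_KEYNAME = _sample("<ds:KeyName>service-signing-key</ds:KeyName>")

if __name__ == "__main__":
    for label, msg in (("x509", SENT_X509), ("keyname", SENT_KEYNAME)):
        print(label, check_key_identifier(msg, "KeyName") or "ok")
```

Running the check against captured outbound messages in an integration test surfaces a silent fallback to another identifier form before the receiving endpoint rejects the signature.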

            People

              coheigea Colm O hEigeartaigh
              htrippaers Hugo Trippaers