Uploaded image for project: 'Santuario'
  1. Santuario
  2. SANTUARIO-406

RSA/ECB/OAEPWithSHA-256AndMGF1Padding not working

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: Java 2.0.2
    • Fix Version/s: Java 1.5.8, Java 2.0.3
    • Component/s: Java
    • Labels:
      None

      Description

      Using the Cipher "RSA/ECB/OAEPWithSHA-256AndMGF1Padding" as encryption algorithm to encrypt a session key is not possible at the moment.

      The given digest algorithm for the Cipher is used in XmlCipher.java, method constructCipher(String, String) to decide which implementation of the OAEP Padding to use: In that method however the code only checks if the given digestAlgorithm is null or ALGO_ID_DIGEST_SHA1 and in these cases uses the algorithm "RSA/ECB/OAEPWithSHA1AndMGF1Padding". The digestAlgorithm ALGO_ID_DIGEST_SHA256 is not handled if used together with RSA/ECB/OAEP Padding.

      The attached patch fixes this behavior by also considering the SHA-256 digest. This patch is the smallest possible fix for the behavior. Maybe a nicer solution for the future would be to change the JCEMapper class to consider the digest algorithm.

        Attachments

        1. XMLCipher.java.patch
          1.0 kB
          Thomas Konstantinides

          Activity

            People

            • Assignee:
              coheigea Colm O hEigeartaigh
              Reporter:
              thomas_konst Thomas Konstantinides
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: