[SANTUARIO-406] RSA/ECB/OAEPWithSHA-256AndMGF1Padding not working - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: Java 2.0.2
Fix Version/s: Java 1.5.8, Java 2.0.3
Component/s: Java
Labels:
None

Description

Using the Cipher "RSA/ECB/OAEPWithSHA-256AndMGF1Padding" as encryption algorithm to encrypt a session key is not possible at the moment.

The given digest algorithm for the Cipher is used in XmlCipher.java, method constructCipher(String, String) to decide which implementation of the OAEP Padding to use: In that method however the code only checks if the given digestAlgorithm is null or ALGO_ID_DIGEST_SHA1 and in these cases uses the algorithm "RSA/ECB/OAEPWithSHA1AndMGF1Padding". The digestAlgorithm ALGO_ID_DIGEST_SHA256 is not handled if used together with RSA/ECB/OAEP Padding.

The attached patch fixes this behavior by also considering the SHA-256 digest. This patch is the smallest possible fix for the behavior. Maybe a nicer solution for the future would be to change the JCEMapper class to consider the digest algorithm.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

XMLCipher.java.patch
24/Nov/14 08:45
1.0 kB
Thomas Konstantinides

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Thomas Konstantinides

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 24/Nov/14 08:44

Updated:: 13/Jan/15 10:07

Resolved:: 24/Nov/14 11:21