Uploaded image for project: 'WSS4J'
  1. WSS4J
  2. WSS-340

support Certificates revocation check before encrypt on sender side

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.6.4
    • Fix Version/s: 1.6.5
    • Component/s: None
    • Labels:
      None

      Description

      currently WSS4J can support Certificates revocation check(CRL and OCSP) when receiver side validate a signature. Similarly WSS4J should also support Certificates revocation check before encrypt on sender side, as in both case it's possible to use a revoked certificate. We can do it in EncryptionAction where we can load encrypt crypto and use the verifyTrust(certs, enableRevocation, enableOCSP) already there.

        Attachments

        1. WSS-340.patch
          10 kB
          Freeman Fang

          Activity

            People

            • Assignee:
              coheigea Colm O hEigeartaigh
              Reporter:
              ffang Freeman Fang
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: