[WSS-474] Missing the 'EncodingType' attribute in element built by STRTransformUtil#createBSTX509 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.6.9
Fix Version/s: 1.6.12
Component/s: None
Labels:
None

Description

I have an incoming request that is being rejected due to a failure in signature validation. The message has a signature over a STR (using key identifier) and is produced by a different security engine (Oracle OSB).
I suspected some issues / different implementations in the canonicalization process, so I checked logs on the client side and finally compared the canonicalized fragments being digested on both sides.
The problem is that afaics they look different, basically the fragment on server side seem to be missing the 'EncodingType' attribute in the element that's built in WSS4J (1.6.x) STRTransformUtil#createBSTX509.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

STR-KI-REF-EncodingType.diff
13/Aug/13 16:23
2 kB
Alessio Soldano

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Alessio Soldano

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 13/Aug/13 16:22

Updated:: 07/Oct/14 08:02

Resolved:: 14/Aug/13 10:06