Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
1.6.18
-
None
Description
WSSecSignature().init not flexible to use custom java.security.Provider
Which leads to the exceptions to use non-standard implementations of encryption algorithms
Current code:
WSSecSignature.java
public WSSecSignature() {
super();
init();
}
public WSSecSignature(WSSConfig config) {
super(config);
init();
}
private void init() {
// Try to install the Santuario Provider - fall back to the JDK provider if this does
// not work
try {
signatureFactory = XMLSignatureFactory.getInstance("DOM", "ApacheXMLDSig");
} catch (NoSuchProviderException ex) {
signatureFactory = XMLSignatureFactory.getInstance("DOM");
}
try {
keyInfoFactory = KeyInfoFactory.getInstance("DOM", "ApacheXMLDSig");
} catch (NoSuchProviderException ex) {
keyInfoFactory = KeyInfoFactory.getInstance("DOM");
}
}
My example of solution:
WSSecSignature.java
public CustomWSSecSignature() { super(); init(null); } public CustomWSSecSignature(Provider povider) { super(); init(povider); } private void init(Provider povider) { if (povider == null) try { // Try to install the Santuario Provider - fall back to the JDK provider if this does // not work signatureFactory = XMLSignatureFactory.getInstance("DOM", "ApacheXMLDSig"); } catch (NoSuchProviderException ex) { signatureFactory = XMLSignatureFactory.getInstance("DOM"); } else signatureFactory = XMLSignatureFactory.getInstance("DOM", povider); KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory(); }
It will be very useful to use in vss4j