Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Cannot Reproduce
-
2.0.7
-
None
-
None
Description
When multiple attachments are used for decrypting using Stax Apis in WSS4j, decryption does not work
The decryption works fine for 1st attachment (I can see that javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[]) API for both AttachmentRequestCallback and AttachmentResultCallback are invoked for first attachment and also AttachmentResultCallback returned decrypted the data )but it breaks with error Cipher not initialized for second attachment. For 2nd attachment, AttachmentRequestCallback goes fine where we set everything but handle call for AttachmentResultCallback breaks with error Cipher not initialized (before invoking password callbacks) when we try to read decrypted data.
Caused by: java.lang.IllegalStateException: Cipher not initialized
at javax.crypto.Cipher.d(Unknown Source)
at javax.crypto.Cipher.doFinal(Unknown Source)
at javax.crypto.CipherInputStream.close(Unknown Source)