[WSS-670] Expected signature algorithm is overwriten with default in case of DSA and EC Keys - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.2.5
Fix Version/s: 2.3.0, 2.2.6
Component/s: WSS4J Core
Labels:
None

Flags:

Important

Description

The SamlAssertionWrapper support the signing with a dedicated signature Algorithm.

org.apache.wss4j.common.saml.SamlAssertionWrapper.signAssertion(String, String, Crypto, boolean, String, String)

If signing is requested with signature method http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256, the SAML Assertion afterwards has:

Current behavior:
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>

Expected behavior:
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>

Attachments

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Thomas Papke

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 20/Apr/20 09:15

Updated:: 23/Dec/20 07:17

Resolved:: 20/Apr/20 14:44