axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hans G Knudsen (JIRA)" <j...@apache.org>
Subject [jira] Created: (AXIS2-2018) RAMPART : Incoming policy validation of Bulk Encryption Algorithms.
Date Tue, 23 Jan 2007 12:12:49 GMT
RAMPART : Incoming policy validation of Bulk Encryption Algorithms.
-------------------------------------------------------------------

                 Key: AXIS2-2018
                 URL: https://issues.apache.org/jira/browse/AXIS2-2018
             Project: Apache Axis 2.0 (Axis2)
          Issue Type: Bug
          Components: modules
            Reporter: Hans G Knudsen


Hi!

Rampart does not seem to validate the bulk encryption algorithm on an incoming message againts
the algorithm specified in the policy.

eg
when <sp:Basic256/> / <sp:Basic256Rsa15/> is specified - check that received algorithm
url is http://www.w3.org/2001/04/xmlenc#aes256-cbc
- same for 128 + 192 bit aes..
when  <sp:TripleDes>  -> http://www.w3.org/2001/04/xmlenc#tripledes-cbc
 

Would it conform to WS-standards to make these checks/validations ??


The needed information from the received messages is not collected by WSS4J / WSSecurityEngineResult,
and the original encrypted parts has been decrypted/replaced when reaching PolicyBasedResultsValidator,
so a few changes would be needed...


Should I add a "Collect Encryption algs for Encrypted Parts" on WSS4J issue : https://issues.apache.org/jira/browse/WSS-57
??


/hans

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-dev-help@ws.apache.org


Mime
View raw message