santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thomas Konstantinides <Thomas.Konstantini...@isb-ag.de>
Subject AW: Patch for using RSA/ECB/OAEPWithSHA-256AndMGF1Padding
Date Mon, 24 Nov 2014 09:21:20 GMT
Hi Colm,

I opened https://issues.apache.org/jira/browse/SANTUARIO-406 and attached the patch.

Thomas

Von: Colm O hEigeartaigh [mailto:coheigea@apache.org]
Gesendet: Freitag, 21. November 2014 12:33
An: dev@santuario.apache.org
Betreff: Re: Patch for using RSA/ECB/OAEPWithSHA-256AndMGF1Padding

Hi Thomas,

Yes, please log a JIRA and attach a patch.
Colm.

On Thu, Nov 20, 2014 at 4:04 PM, Thomas Konstantinides <Thomas.Konstantinides@isb-ag.de<mailto:Thomas.Konstantinides@isb-ag.de>>
wrote:
Hi,

I was trying to use the version 2.0.2 of santuario to encrypt a XML document with an AES key
where the AES key itself should be encrypted using an RSA public key.

However at the moment it seems not possible to use the Cipher "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"
as the encryption algorithm to encrypt the AES key. This algorithm is supposed to be supported
by every implementation of the Java 7 platform  (see https://docs.oracle.com/javase/7/docs/api/javax/crypto/Cipher.html)
and is also provided by the SunJCE in Java 6 (https://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html#SunJCEProvider).

The attached patch fixes this behavior by considering that the digestAlgorithm given to the
method constructCipher() in XMLCipher can be SHA-256 as well.

Maybe someone can double check if the patch is really needed or if there's other possibilities
to get RSA/ECB/OAEPWithSHA-256AndMGF1Padding to work with version 2.0.2.

I'd rise a jira issue if you find that this is really a bug.

Thanks and regards,
Thomas



--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com
Mime
View raw message