[prev in list] [next in list] [prev in thread] [next in thread]
List: wss4j-dev
Subject: [jira] Created: (WSS-119) Error in Singature Processor
From: "Nandana Mihindukulasooriya (JIRA)" <jira () apache ! org>
Date: 2008-05-22 5:41:55
Message-ID: 398760032.1211434915905.JavaMail.jira () brutus
[Download RAW message or body]
Error in Singature Processor
-----------------------------
Key: WSS-119
URL: https://issues.apache.org/jira/browse/WSS-119
Project: WSS4J
Issue Type: Bug
Reporter: Nandana Mihindukulasooriya
Assignee: Nandana Mihindukulasooriya
In Signature processor, when the signature is created using an encrypted key, it \
processes the encrypted key even if it is already processed. I think this is wrong. \
It causes problems if EncryptedKey have internal data refs, it causes Exceptions as \
the data refs are already decrypted. Even if doesn't cause errors, it is an \
inefficient way to this as we process the encrypted key twice.
Current :
if (el.equals(WSSecurityEngine.ENCRYPTED_KEY)){
EncryptedKeyProcessor encryptKeyProcessor = new \
EncryptedKeyProcessor();
encryptKeyProcessor.handleEncryptedKey((Element)token, cb, \
crypto);
secretKey = encryptKeyProcessor.getDecryptedBytes();
}
Should be :
if (el.equals(WSSecurityEngine.ENCRYPTED_KEY)){
String encryptedKeyID = token.getAttributeNS(null,"Id"); \
EncryptedKeyProcessor encryptKeyProcessor = \
(EncryptedKeyProcessor) wsDocInfo.getProcessor(encryptedKeyID);
if (encryptKeyProcessor == null ) {
encryptKeyProcessor = new EncryptedKeyProcessor();
encryptKeyProcessor.handleEncryptedKey((Element)token, \
cb, crypto);
}
secretKey = encryptKeyProcessor.getDecryptedBytes();
}
thanks,
nandana
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic