[prev in list] [next in list] [prev in thread] [next in thread]
List: wss4j-dev
Subject: [jira] Resolved: (WSS-119) Error in Singature Processor
From: "Fred Dushin (JIRA)" <jira () apache ! org>
Date: 2008-05-27 15:10:14
Message-ID: 1088216203.1211901014105.JavaMail.jira () brutus
[Download RAW message or body]
[ https://issues.apache.org/jira/browse/WSS-119?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel \
]
Fred Dushin resolved WSS-119.
-----------------------------
Resolution: Fixed
Resolved by Nandana
> Error in Singature Processor
> -----------------------------
>
> Key: WSS-119
> URL: https://issues.apache.org/jira/browse/WSS-119
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Reporter: Nandana Mihindukulasooriya
> Assignee: Nandana Mihindukulasooriya
> Fix For: 1.5.4
>
> Attachments: WSS-119.patch
>
>
> In Signature processor, when the signature is created using an encrypted key, it \
> processes the encrypted key even if it is already processed. I think this is wrong. \
> It causes problems if EncryptedKey have internal data refs, it causes Exceptions as \
> the data refs are already decrypted. Even if doesn't cause errors, it is an \
> inefficient way to this as we process the encrypted key twice. Current :
> if (el.equals(WSSecurityEngine.ENCRYPTED_KEY)){
> EncryptedKeyProcessor encryptKeyProcessor = new EncryptedKeyProcessor();
> encryptKeyProcessor.handleEncryptedKey((Element)token, cb, crypto);
> secretKey = encryptKeyProcessor.getDecryptedBytes();
>
> }
> Should be :
> if (el.equals(WSSecurityEngine.ENCRYPTED_KEY)){
>
> String encryptedKeyID = token.getAttributeNS(null,"Id");
> EncryptedKeyProcessor encryptKeyProcessor = (EncryptedKeyProcessor)
> wsDocInfo.getProcessor(encryptedKeyID);
>
> if (encryptKeyProcessor == null ) {
>
> encryptKeyProcessor = new EncryptedKeyProcessor();
> encryptKeyProcessor.handleEncryptedKey((Element)token, cb, crypto);
>
> }
>
> secretKey = encryptKeyProcessor.getDecryptedBytes();
>
> }
> thanks,
> nandana
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic