Michael Haeusler created WSS-714:
------------------------------------
Summary: processing of Soap Message with AgreementMethod ECDH-ES
fails when X509SKI is used in RecipientKeyInfo
Key: WSS-714
URL: https://issues.apache.org/jira/browse/WSS-714
Project: WSS4J
Issue Type: Bug
Affects Versions: 3.0.4
Reporter: Michael Haeusler
Assignee: Colm O hEigeartaigh
Attachments: recipientKeyInfoBroken.xml
When processing the attached Soap Message, the decryption will fail because no
recipient certificate is found.
it works if the X509SKI is transformed into a SecurityTokenReference
I checked the code EncryptedKeyProcessor and found that the handling for
X509SKI is not existing.
while investigating the code I found some more problems in the processor:
# only one child element of RecipientKeyInfo is considered for resolving the
certificate.
# when a KeyValue element is used instead of X509Data element, it will fail
with a MarshallingException because XMLSignatureFactory cannot parse a
RecipientKeyInfo because it expects a KeyInfo element
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
