could you please log a bug report?
thanks,
dims
On 8/23/05, Thilo Frotscher <[EMAIL PROTECTED]> wrote:
>
> Hello,
>
> I think that I found a bug in class WSSecurityEngine, method
> handleEncryptedKey(Element, CallbackHandler, Crypto, Private Key)
> (appox line 1042)
>
> Current code:
>
> else if (secRef.containsKeyIdentifier()) {
> X509Certificate[] certs = secRef.getKeyIdentifier(crypto);
> if (certs == null || certs.length !=1 || certs[0] == null) {
> throw new WSSecurityException...
> ...
> }
>
> If I use certs that were signed by a CA, the array "certs"
> contains more than one element, e.g. the user's cert plus
> the cert of the CA. In this case certs.length != 1 and an
> exception is thrown. However, I don't think that this is
> an error. In my opinion the line should read
>
> if (certs == null || certs.length < 1 || certs[0] == null) {
>
> I had to patch WSS4J 1.0.0 this way to make my application
> work. Please consider to change this for the next official
> release.
>
> BTW: when will WSS4J 1.0.1 be available?
>
> Thanks,
> Thilo
>
>
>
>
>
>
--
Davanum Srinivas : http://wso2.com/ - Oxygenating The Web Service Platform
