[
https://issues.apache.org/jira/browse/CXF-5013?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Syed Abdul Wadood updated CXF-5013:
-----------------------------------
Attachment: sha256_sigalg.patch
Here is the fix to enable support for sha256 signature algorithm.
> Need support for SHA256 Signature Algorithms
> --------------------------------------------
>
> Key: CXF-5013
> URL: https://issues.apache.org/jira/browse/CXF-5013
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.6.2
> Environment: All supported platforms
> Reporter: Syed Abdul Wadood
> Fix For: 2.6.7
>
> Attachments: sha256_sigalg.patch
>
> Original Estimate: 96h
> Remaining Estimate: 96h
>
> Due to the weakness of SHA1 algorithm, US National Institute of Standards and
> Technology (NIST) has recommended that SHA256 or higher algorithms be used.
> Using SHA256 is also required by Federal Information Processing Standard
> (FIPS).
> Currently, there is no way to specify SHA256 Signature algorithms when
> signing a message part using Web services security.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
