Berin, Can you please send me your updated config.xml?
thanks, dims --- Berin Lautenbach <[EMAIL PROTECTED]> wrote: > >> Actually, because of all the problems with Gump (which is/was ignoring > >> bouncy castle) I've been doing exactly that. > >> The problem I'm running into is that the Sun JCE does not support the > >> relaxed version of PKCS5 padding that the Baltimore encryption interop > >> examples use. > > > > Can you be more specific? As of J2SE 1.5 (currently in beta), Sun's JCE > > provider supports the ISO 10126 Padding scheme used by XML Encryption. > > You need to specify ISO10126Padding as your padding algorithm when > > requesting a Cipher instance. > > <GRIN>. Yes I was being imprecise. > > Let me be more specific and give my understanding of where things are! > > ISO 10126 padding (used by XML encryption) is a more relaxed version of > PKCS5 padding, where the padding bytes (other than the last) do not need > to reference the padding length. > That means that if an encryptor uses PKCS5 padding, the decryptor can use > either PKCS5 or ISO 10126. However if the encryptor uses ISO10126, PKCS5 > decrypt breaks. > As Baltimore interops use true ISO 10126 (with random bytes in the padding > block), they do not decrypt using PKCS5 which is all 1.4 supports. > I have been using 1.4 JCE because of issues in the Gump builds where BC is > not being called (for some reason). > I had not looked at 1.5 as I was trying to fix 1.4, and thus the comment > above :>. > Cheers, > > > ===== Davanum Srinivas - http://webservices.apache.org/~dims/
