[
https://issues.apache.org/jira/browse/WSS-72?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12468759
]
Werner Dittmann commented on WSS-72:
------------------------------------
RSA is an asymmetric block cipher. The block size of RSA depends on the key
length and the
padding method. This is the reason why this check is in WSS4J. If the supplied
RSA key is too
small then it is possible that you cannot encrypt a large symmetric key, for
example a 256 byte AES key.
Ciphers like RC4 are not block ciphers but stream ciphers. If a cipher is a
block cipher or not
does not depend on it asymmetric or symmetric behaviour.
Regards,
Werner
> WSSecEncryptedKey rejects a conformant cipher when its getBlockSize() returns > 0
> -------------------------------------------------------------------------------
>
> Key: WSS-72
> URL: https://issues.apache.org/jira/browse/WSS-72
> Project: WSS4J
> Issue Type: Bug
> Environment: Windows XP
> Axis 1.4
> WSS4J 1.5.0
> Reporter: Akitoshi Yoshida
> Assigned To: Davanum Srinivas
>
> Method prepareInternal of WSSecEncrptedKey has the following code fragment:
> Cipher cipher = WSSecurityUtil.getCipherInstance(keyEncAlgo);
> try {
> cipher.init(Cipher.ENCRYPT_MODE, remoteCert);
> } catch (InvalidKeyException e) {
> throw new WSSecurityException(WSSecurityException.FAILED_ENC_DEC,
> null, null, e);
> }
> if (doDebug) {
> log.debug("cipher blksize: " + cipher.getBlockSize()
> + ", symm key length: " + keyBytes.length);
> }
> if (cipher.getBlockSize() < keyBytes.length) {
> throw new WSSecurityException(WSSecurityException.FAILURE,
> "unsupportedKeyTransp",
> new Object[] { "public key algorithm too weak to encrypt "
> + "symmetric key" });
> }
> The getCipherInstance(keyEncAlgo) instantiates a cipher using
> Cipher.getInstance("RSA/NONE/PKCS1PADDING").
> When the cipher is an RSA cipher, as in this case, some securiy providers may
> return 0 for its getBlockSize() method because RSA is not a block cipher. In
> particular, we found out that the IAIK 3.12 has this behavior of returing 0
> for this method.
> This causes the above code to throws the WSSecurityException.
> The documentation at
> http://java.sun.com/j2se/1.4.2/docs/api/javax/crypto/Cipher.html#getBlockSize()
> states that this method should return 0 for non-block ciphers.
> Therefore, we consider this problem to be a bug in WSSecEncrptedKey and
> request that the above if block to be commented out as:
> // RSA is not a block cipher and cipher.getBlockSize() may return 0
> // if (cipher.getBlockSize() < keyBytes.length) {
> // throw new WSSecurityException(WSSecurityException.FAILURE,
> // "unsupportedKeyTransp",
> // new Object[] { "public key algorithm too weak to
> encrypt "
> // + "symmetric key" });
> // }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
