Hello, I am trying to encrypt a cxf web-service request using the RSA-OAEP algorithm because it is required on the endpoint side (Microsoft). I provide the "encryptionSymAlgorithm" as the corresponding URI ( http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p) and set the "org.apache.ws.security.crypto.provider" to org.apache.ws.security.components.crypto.Merlin. I am using the latest WSS4j, version 1.5.7.
The first issue I received was a NullPointerException in WSSecEncrypt.java trying to use a KeyGenerator that was null. It seems like this was a bug that Dan Kulp triaged in the post: http://www.nabble.com/Re:-WS-Security-RSA-Excrytion-exception..-td23974303.html I have checked out trunk which is building the latest 1.6 SNAPSHOT since I noticed that a fix to WSSecEncrypt.java, to use a JCEMapper, was applied. The problem is that once I build the trunk version of wss4j (using java 1.6), I am missing the Merlin provider so I'm not sure what to use for the "org.apache.ws.security.crypto.provider" property. How do I use the crypto provider under Java 1.6? Also, I've noticed that I would have to recompile CXF to work with the trunk version of WSS4j (Vector -> List type change). Am I going down the right path to make WSS4j work with RSA-OAEP? Thanks in advance, Tony
