https://issues.apache.org/bugzilla/show_bug.cgi?id=49465

--- Comment #2 from Clement Pellerin <[email protected]> 2010-09-30 16:54:39 EDT ---
I agree subclassing does not fit the design of the static factory methods
XMLCipher.getInstance(). There is bound to be a better solution if we can
consider more visible changes to the API.

Your suggestion is promising but not sufficient in itself.

The essence of the problem occurs in
EncryptedKeyResolver.engineLookupAndResolveSecretKey():
            XMLCipher cipher = XMLCipher.getInstance();
            cipher.init(XMLCipher.UNWRAP_MODE, _kek);
This XMLCipher object is created internally.
The user does not control its options.
We need to attach the KeyResolvers from the outer XMLCipher into this one.
Usually this is done by registering the KeyResolvers globally.
The whole point of my effort is to allow different KeyResolvers on
different XMLCipher objects so this is not applicable.

An elegant solution would be to pass a context around but
we are not designing JSR-106 from scratch here.

A possible solution would be to pass the outer XMLCipher in the
EncryptedKeyResolver when it is created in XMLCipher.decryptToByteArray().
This is the code that needs modifications:
            ki.registerInternalKeyResolver(
                new EncryptedKeyResolver(
                            encryptedData.getEncryptionMethod().getAlgorithm(), 
                            _kek));
Then we could pass the outer XMLCipher KeyResolvers to the inner XMLCipher
inside EncryptedKeyResolver.

This is a simplified view since XMLCipher does not hold
the KeyResolvers directly. Instead, the KeyResolvers are added
to KeyInfo with the call KeyInfo.registerInternalKeyResolver().

Whatever the final solution becomes, I still think the cleanup of
the XMLCipher constructor and getInstance() methods stands on its own
(if we keep the constructor private).

Let's continue the discussion to discover what could be the
best solution with reasonable changes to the public API.
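
The scoping problem discussed in this comment, as an added Java example that is not part of the original message and is not Santuario code: a toy model in which every class, method and key name is hypothetical. It compares globally registered resolvers, per-instance resolvers, and per-instance resolvers handed on to the internally created inner cipher.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.function.Function;

// Toy model of resolver scoping. Every name is hypothetical; none of it is Santuario API.
public class ResolverScopeDemo {
    enum Mode { GLOBAL, PER_INSTANCE, PER_INSTANCE_PROPAGATED }

    // Stand-in for globally registered KeyResolvers, shared by all ciphers.
    static final List<Function<String, String>> SHARED = new ArrayList<>();

    static class Cipher {
        final Mode mode;
        final List<Function<String, String>> own = new ArrayList<>();

        Cipher(Mode mode) { this.mode = mode; }

        void register(Function<String, String> resolver) {
            (mode == Mode.GLOBAL ? SHARED : own).add(resolver);
        }

        // Stand-in for the encrypted-key step: a fresh inner cipher is created
        // internally and has to resolve the key-encryption key by name.
        String unwrapNestedKey(String kekName) {
            Cipher inner = new Cipher(mode);
            if (mode == Mode.PER_INSTANCE_PROPAGATED) inner.own.addAll(own);
            return inner.resolve(kekName);
        }

        String resolve(String name) {
            List<Function<String, String>> chain = mode == Mode.GLOBAL ? SHARED : own;
            for (Function<String, String> resolver : chain) {
                String key = resolver.apply(name);
                if (key != null) return key;
            }
            return null; // no resolver in scope knew this key name
        }
    }

    public static void main(String[] args) {
        for (Mode mode : Mode.values()) {
            SHARED.clear();
            Cipher a = new Cipher(mode), b = new Cipher(mode);
            a.register(Map.of("kek-a", "material-a")::get); // constructed sample keys
            b.register(Map.of("kek-b", "material-b")::get);
            System.out.printf("%-24s a:kek-a=%s a:kek-b=%s%n", mode,
                a.unwrapNestedKey("kek-a"), a.unwrapNestedKey("kek-b"));
        }
    }
}
```

Only the propagated mode lets cipher `a` resolve its own key through the inner cipher without also seeing the resolver registered on cipher `b`.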
