[
https://issues.apache.org/jira/browse/WSS-714?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17909271#comment-17909271
]
Michael Haeusler commented on WSS-714:
--------------------------------------
any feedback on the change ?
> processing of Soap Message with AgreementMethod ECDH-ES fails when X509SKI
> is used in RecipientKeyInfo
> -------------------------------------------------------------------------------------------------------
>
> Key: WSS-714
> URL: https://issues.apache.org/jira/browse/WSS-714
> Project: WSS4J
> Issue Type: Bug
> Affects Versions: 3.0.4
> Reporter: Michael Haeusler
> Assignee: Colm O hEigeartaigh
> Priority: Major
> Attachments: recipientKeyInfoBroken.xml
>
>
> When processing the attached Soap Message, the decryption will fail because
> no recipient certificate is found.
> it works if the X509SKI is transformed into a SecurityTokenReference
> I checked the code in EncryptedKeyProcessor and found that the handling for
> X509SKI does not exist.
> while investigating the code I found some more problems in the processor:
> # only the first child element of RecipientKeyInfo is considered for
> resolving the certificate.
> # when a KeyValue element is used instead of X509Data element, it will fail
> with a MarshallingException because XMLSignatureFactory cannot parse a
> RecipientKeyInfo because it expects a KeyInfo element
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org
For additional commands, e-mail: dev-h...@ws.apache.org
