[
https://issues.apache.org/jira/browse/WSS-716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-716.
-------------------------------------
Resolution: Fixed
> DigestMethod is written for key EncryptionMethod AES-KW
> -------------------------------------------------------
>
> Key: WSS-716
> URL: https://issues.apache.org/jira/browse/WSS-716
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Affects Versions: 3.0.4
> Reporter: Thomas Beckers
> Assignee: Colm O hEigeartaigh
> Priority: Major
> Labels: pull-request-available
> Fix For: 4.0.0, 3.0.5
>
> Attachments: image-2025-01-07-13-30-48-625.png,
> image-2025-01-07-13-31-45-738.png, image-2025-01-07-13-33-47-690.png,
> wss4j.xml
>
>
> _DigestMethod_ is written for key _EncryptionMethod_ AES-KW:
> !image-2025-01-07-13-30-48-625.png|width=693,height=225!
> The digest is only relevant for RSA-OAEP key transport, not for AES-KW:
> !image-2025-01-07-13-31-45-738.png|width=457,height=61!
> According to XML Encryption 1.1 spec this must also be treated as an error:
> !image-2025-01-07-13-33-47-690.png|width=694,height=120!
> [https://www.w3.org/TR/xmlenc-core1/#sec-EncryptionMethod]
>
> phase4 ([https://github.com/phax/phase4)] sets the digest to SHA-256 which
> should be no problem because the RSA-OAEP parameters must not be written for
> AES-KW.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
