[jira] [Resolved] (CAMEL-12679) ensure camel-xmlsecurity can try key directly to decrypt message

Tue, 24 Jul 2018 19:34:38 -0700 


     [ 
https://issues.apache.org/jira/browse/CAMEL-12679?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Freeman Fang resolved CAMEL-12679.
----------------------------------
       Resolution: Fixed
    Fix Version/s: 2.23.0

> ensure camel-xmlsecurity can try key directly to decrypt message
> ----------------------------------------------------------------
>
>                 Key: CAMEL-12679
>                 URL: https://issues.apache.org/jira/browse/CAMEL-12679
>             Project: Camel
>          Issue Type: Improvement
>            Reporter: Freeman Fang
>            Assignee: Freeman Fang
>            Priority: Major
>             Fix For: 2.23.0
>
>
> If there is no EncryptedKey can be used,try the key directly to decrypt 
> message as fallback
> As both message
> {code}
> <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; 
> Type="http://www.w3.org/2001/04/xmlenc#Element";><xenc:EncryptionMethod 
> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><ds:KeyInfo 
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";><xenc:EncryptedKey 
> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";><xenc:EncryptionMethod 
> Algorithm="http://www.w3.org/2001/04/xmlenc#kw-tripledes"/><xenc:CipherData><xenc:CipherValue>/5nDlLI7jrETNrNG/5Nsw3qB9dSnZVwyj5OZZsUvZaHb/8oIayoMeg==</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>yP17O2otQdraY+W42w8i8U/pQQac1g84vWaGWqbS1tgCduFfjhnIz2ZqbFJ6n7Ow1cIeF5HyAoHRGaoDd4gbVw==</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData>
> {code}
> {code}
> <xenc:EncryptedData Id="StaticKeyEncryption">
>       <xenc:EncryptionMethod 
> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc";>
>         <KeySize>168</KeySize>
>       </xenc:EncryptionMethod>
>       <ds:KeyInfo>
>         <ds:KeyName>mykey</ds:KeyName>
>       </ds:KeyInfo>
>       <xenc:CipherData>
>         
> <xenc:CipherValue>yP17O2otQdraY+W42w8i8U/pQQac1g84vWaGWqbS1tgCduFfjhnIz2ZqbFJ6n7Ow1cIeF5HyAoHRGaoDd4gbVw==</xenc:CipherValue>
>       </xenc:CipherData>
>     </xenc:EncryptedData>
> {code}
> are valid per the spec.
> Currently camel-xmlsecurity can handle the first case but not the second
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to