(axis-axis2-java-rampart) branch master updated: RAMPART-437 SHA256 not supported for DigestAlgorithm for TransportBinding when specified correctly in policy.xml

Tue, 05 Nov 2024 12:05:05 -0800 

This is an automated email from the ASF dual-hosted git repository.

robertlazarski pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-rampart.git


The following commit(s) were added to refs/heads/master by this push:
     new 6d85d98d RAMPART-437 SHA256 not supported for DigestAlgorithm for 
TransportBinding when specified correctly in policy.xml
6d85d98d is described below

commit 6d85d98d50bc019d6a085887f24a5d420977d312
Author: Robert Lazarski <[email protected]>
AuthorDate: Tue Nov 5 09:56:02 2024 -1000

    RAMPART-437 SHA256 not supported for DigestAlgorithm for TransportBinding 
when specified correctly in policy.xml
---
 .../java/org/apache/rampart/builder/TransportBindingBuilder.java | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git 
a/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
 
b/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
index 242612c1..4ab54e4f 100644
--- 
a/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
+++ 
b/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
@@ -248,6 +248,9 @@ public class TransportBindingBuilder extends BindingBuilder 
{
                 }
                 
                 dkSig.getParts().addAll(sigParts);
+
+               // 1.8.0 and later, see RAMPART-437
+               dkSig.setDigestAlgorithm(rpd.getAlgorithmSuite().getDigest());
                 
                 List<Reference> referenceList
                         = dkSig.addReferencesToSign(sigParts);
@@ -290,6 +293,8 @@ public class TransportBindingBuilder extends BindingBuilder 
{
                     sigParts.add(new WSEncryptionPart(sig.getBSTTokenId()));
                 }
                 
+               // 1.8.0 and later, see RAMPART-437
+               sig.setDigestAlgo(rpd.getAlgorithmSuite().getDigest());
                 List<Reference> referenceList
                         = sig.addReferencesToSign(sigParts);
 
@@ -526,6 +531,8 @@ public class TransportBindingBuilder extends BindingBuilder 
{
                 
sig.prepare(RampartUtil.getSignatureCrypto(rpd.getRampartConfig(), 
rmd.getCustomClassLoader()));
 
                 sig.getParts().addAll(sigParts);
+               // 1.8.0 and later, see RAMPART-437
+               sig.setDigestAlgo(rpd.getAlgorithmSuite().getDigest());
                 List<javax.xml.crypto.dsig.Reference> referenceList
                         = sig.addReferencesToSign(sigParts);
 
@@ -672,6 +679,8 @@ public class TransportBindingBuilder extends BindingBuilder 
{
                 
sig.prepare(RampartUtil.getSignatureCrypto(rpd.getRampartConfig(), 
rmd.getCustomClassLoader()));
 
                 sig.getParts().addAll(sigParts);
+               // 1.8.0 and later, see RAMPART-437
+               sig.setDigestAlgo(rpd.getAlgorithmSuite().getDigest());
                 List<Reference> referenceList
                         = sig.addReferencesToSign(sigParts);

Reply via email to