duplicate xenc:EncryptedKey
---------------------------
Key: RAMPART-81
URL: https://issues.apache.org/jira/browse/RAMPART-81
Project: Rampart
Issue Type: Bug
Components: rampart-policy
Affects Versions: 1.3
Reporter: Abdelaziz Samari
The following code from the methode SymmetricBindingBuilder.doEncryptBeforeSig
rsp. SymmetricBindingBuilder.doSignBeforeEncrypt
seems to be buggy:
if(Constants.INCLUDE_ALWAYS.equals(encryptionToken.getInclusion()) ||
Constants.INCLUDE_ONCE.equals(encryptionToken.getInclusion()) ||
(rmd.isInitiator() &&
Constants.INCLUDE_ALWAYS_TO_RECIPIENT.equals(encryptionToken.getInclusion()))) {
encrTokenElement = RampartUtil.appendChildToSecHeader(rmd,
tok.getToken());
attached = true;
}
//In the X509 case we MUST add the EncryptedKey
if(encryptionToken instanceof X509Token) {
RampartUtil.appendChildToSecHeader(rmd, tok.getToken());
}
if both conditions are true, then 2 xenc:EncryptedKey are built as a
consequence of the instruction RampartUtil.appendChildToSecHeader(rmd,
tok.getToken());
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
