Thanks, Hans. I just checked those out, and where as the ca.cer and root.cer cannot be used for dataEncipherment (i.e., encryption or ENCRYPT_MODE), they also cannot be used for keyEncipherment (i.e., key encryption or WRAP_MODE) - because they are certificate authority (CA) certificates.
The Bob.cer, Alice.cer, and WssIP.cer also contain critical keyUsage - but they allow both dataEncipherment and keyEncipherment so when it comes to encryption (of keys or any other data) they are no more restrictive than a certificate without any keyUsages set. I am specifically referring to a case where the certificates allow keyEncipherment, but not dataEncipherment. WS-Security should be able to work with these keys because the public keys are just used to encrypt (wrap) random session keys, which in turn actually perform the data encipherment. However, our testing has found that wss4j does not use these keys properly. Thanks, --Scott -----Original Message----- From: Granqvist, Hans [mailto:[EMAIL PROTECTED] Sent: Monday, February 06, 2006 8:55 AM To: Werner Dittmann; Maxwell Scott Cc: [email protected] Subject: RE: Incompatibility of WSS4J encryption with PKI certificates specifying critical keyUsage FWIW: The Gartner interop certs (in trunk/interop/keys) contain critical key usage. For instance, the ca cert should not be usable for encryption. Thanks, Hans > -----Original Message----- > From: Werner Dittmann [mailto:[EMAIL PROTECTED] > Sent: Sunday, February 05, 2006 12:09 AM > To: Maxwell Scott > Cc: [email protected] > Subject: Re: Incompatibility of WSS4J encryption with PKI certificates > specifying critical keyUsage > > Scott, > > you are right that WSS4J currently uses the ENCRYPT mode to encrypt a > symmetric key. We never yet tested it with certificates that include > the key usage stuff (nor did we get any report from other users). > > Regarding the RSA: the Cipher class may perform the key usage checks, > however the implememtation of the underlying RSA cipher (at least for > the BouncyCastle implementation) makes no difference between a key > wrap and a simple encrypt mode. > Thus it is my belief that both modes are equivalent in this case. This > needs to be tested though. > > Regards, > Werner > > ... --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
