OpenSAML - C++ / CPPOST-52

Sibling EncryptedKey element is not resolved for decryption.

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.0, 2.1, 2.2, 2.2.1, 2.3
    • Fix Version/s: 2.4
    • Component/s: SAML 2
    • Labels:
      None
    • Operating System:
      Multiple
    • CPU Type:
      Multiple
    • C/C++ Compiler:
      Multiple

      Description

      If the EncryptedKey element is a sibling of the EncryptedData element, the key isn't located by the standard decryption routines.

      There are two problems: the wrong version of EncryptedKeyResolver is created in the decrypt method; it's the base class xmltooling version and not the modified opensaml version, which knows about sibling elements. But the opensaml version only processes siblings if the Recipient attribute matches a recipient input parameter.

      We should fix the EKR class type and modify it to return the first sibling with an absent Recipient. We may also be able to add RetrievalMethod support to the base class version.
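
The sibling lookup described above, as an added Python sketch (not OpenSAML's C++ code and not part of the original issue). The function name, the sample document, the entity IDs, and the choice to prefer an exact Recipient match over a key with no Recipient are assumptions of this example.

```python
import xml.etree.ElementTree as ET

XENC = "{http://www.w3.org/2001/04/xmlenc#}"

# Constructed sample (not from the issue): three EncryptedKey siblings of EncryptedData.
SAMPLE = """\
<saml:EncryptedAssertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                         xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
  <xenc:EncryptedData Id="ed1"/>
  <xenc:EncryptedKey Id="ek-other" Recipient="https://other.example.org/sp"/>
  <xenc:EncryptedKey Id="ek-any"/>
  <xenc:EncryptedKey Id="ek-mine" Recipient="https://sp.example.org/sp"/>
</saml:EncryptedAssertion>
"""


def resolve_sibling_key(container, recipient=None, accept_absent=True):
    """Return the Id of the sibling EncryptedKey to try for decryption, or None.

    accept_absent=False models the behaviour the issue reports (only an exact
    Recipient match is used); accept_absent=True models the proposed fallback
    to the first sibling that carries no Recipient attribute.
    """
    if container.find(XENC + "EncryptedData") is None:
        return None  # nothing to decrypt in this container
    siblings = container.findall(XENC + "EncryptedKey")  # direct children only
    # Pass 1: a key explicitly addressed to this recipient wins.
    if recipient is not None:
        for ek in siblings:
            if ek.get("Recipient") == recipient:
                return ek.get("Id")
    # Pass 2: first key with no Recipient; keys addressed to others are never used.
    if accept_absent:
        for ek in siblings:
            if ek.get("Recipient") is None:
                return ek.get("Id")
    return None


def demo():
    root = ET.fromstring(SAMPLE)
    me, stranger = "https://sp.example.org/sp", "https://unlisted.example.org/sp"
    return {
        "match": resolve_sibling_key(root, me),
        "reported": resolve_sibling_key(root, stranger, accept_absent=False),
        "fallback": resolve_sibling_key(root, stranger),
    }


if __name__ == "__main__":
    print(demo())
```

A key whose Recipient names a different party is skipped in both passes, so the fallback only ever selects a key that is not addressed to anyone in particular.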

            People

            Assignee:
            cantor.2@osu.edu Scott Cantor
            Reporter:
            cantor.2@osu.edu Scott Cantor