-
Bug
-
Resolution: Not an Issue
-
P3
-
None
-
8u152
-
x86
-
linux
FULL PRODUCT VERSION :
ADDITIONAL OS VERSION INFORMATION :
Linux (all versions),
Windows (all versions)
A DESCRIPTION OF THE PROBLEM :
The classes com.sun.xml.wss.core.EncryptedKeyToken and com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor have wrong method-calls on a jdk 8 environment.
Case EncryptedKeyToken:
the XMLCipher was originally created with XMLCipher.getInstance(algorithm) and after that, the encrypted key was loaded with encryptedKey = xmlc.loadEncryptedKey(elem).
Since jdk 8, the method XMLCipher.loadEncryptedKey(Document, Element) throws an exception, when cipherMode was not set. In jdk 7, where was only a LOG entry.
So the XMLCipher needs to initialized first, before the encrypted key can be loaded.
I've patched this with xmlc.init(XMLCipher.UNWRAP_MODE, null); after getInstance() to set the cipher-mode.
Second case (Encryption Processor)
There is on line 1053 a call to a changed Constructor of the JRE.
The call is _dataEncryptor = XMLCipher.getInstance(dataEncAlgo, _dataCipher); and there is no method with the signature String, Cipher anymore. (Was removed in jdk 8).
REGRESSION. Last worked in version 8u151
REPRODUCIBILITY :
This bug can be reproduced always.
CUSTOMER SUBMITTED WORKAROUND :
I've made a Workaround based on patching the xws-security jar with maven. See answer of https://stackoverflow.com/questions/47334111/error-while-getting-secretkey-from-encryptedkey-jre7-to-jre8-upgrade for more informations.
ADDITIONAL OS VERSION INFORMATION :
Linux (all versions),
Windows (all versions)
A DESCRIPTION OF THE PROBLEM :
The classes com.sun.xml.wss.core.EncryptedKeyToken and com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor have wrong method-calls on a jdk 8 environment.
Case EncryptedKeyToken:
the XMLCipher was originally created with XMLCipher.getInstance(algorithm) and after that, the encrypted key was loaded with encryptedKey = xmlc.loadEncryptedKey(elem).
Since jdk 8, the method XMLCipher.loadEncryptedKey(Document, Element) throws an exception, when cipherMode was not set. In jdk 7, where was only a LOG entry.
So the XMLCipher needs to initialized first, before the encrypted key can be loaded.
I've patched this with xmlc.init(XMLCipher.UNWRAP_MODE, null); after getInstance() to set the cipher-mode.
Second case (Encryption Processor)
There is on line 1053 a call to a changed Constructor of the JRE.
The call is _dataEncryptor = XMLCipher.getInstance(dataEncAlgo, _dataCipher); and there is no method with the signature String, Cipher anymore. (Was removed in jdk 8).
REGRESSION. Last worked in version 8u151
REPRODUCIBILITY :
This bug can be reproduced always.
CUSTOMER SUBMITTED WORKAROUND :
I've made a Workaround based on patching the xws-security jar with maven. See answer of https://stackoverflow.com/questions/47334111/error-while-getting-secretkey-from-encryptedkey-jre7-to-jre8-upgrade for more informations.