fixing oaep encryption to use correct algorithm #54
Proposed fix for problem reported in jruby/jruby#1819
I have to confess that writing a reasonable Java test for this change is beyond me, but at line 99 the constant PKCS1_OAEP_PADDING is set to 4. The test on the changed line was previously selecting the algorithm/ECB/OAEPWithMD5AndMGF1Padding for OAEP, but this does not work against data that declares itself as encoded according to http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p and my reading of section 5.4.2 of the xmlenc spec says that this must always be used with SHA1 (and not MD5). If desired, I can provide sample data and Ruby code that demonstrates the problem and verifies the fix.
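The digest mismatch described above, shown at the padding layer only, as an added example that is not part of the original PR or of the project's code. It models EME-OAEP from RFC 8017 without the RSA step, assumes an empty label and the same hash for the label and for MGF1, and every function name in it is hypothetical.

```ruby
require 'digest'
require 'securerandom'

# Assumption: the same hash is used for the label hash and for MGF1.
# MGF1 (RFC 8017, B.2.1): hash(seed || 32-bit counter) blocks, cut to len bytes.
def mgf1(seed, len, hash)
  out = ''.b
  counter = 0
  while out.bytesize < len
    out << hash.digest(seed + [counter].pack('N'))
    counter += 1
  end
  out.byteslice(0, len)
end

def xor_bytes(a, b)
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack('C*')
end

# EME-OAEP encode msg into a k-byte block (k = RSA modulus size in bytes).
def oaep_encode(msg, k, hash)
  h_len = hash.digest('').bytesize
  raise ArgumentError, 'message too long' if msg.bytesize > k - 2 * h_len - 2
  db = hash.digest('') + ("\x00".b * (k - msg.bytesize - 2 * h_len - 2)) + "\x01".b + msg.b
  seed = SecureRandom.random_bytes(h_len)
  masked_db = xor_bytes(db, mgf1(seed, k - h_len - 1, hash))
  masked_seed = xor_bytes(seed, mgf1(masked_db, h_len, hash))
  "\x00".b + masked_seed + masked_db
end

# EME-OAEP decode; returns the message, or nil when the padding check fails.
# Illustrative only: the comparisons are not constant-time.
def oaep_decode(em, hash)
  h_len = hash.digest('').bytesize
  y, masked_seed, masked_db = em.byteslice(0, 1), em.byteslice(1, h_len), em.byteslice(1 + h_len, em.bytesize)
  seed = xor_bytes(masked_seed, mgf1(masked_db, h_len, hash))
  db = xor_bytes(masked_db, mgf1(seed, masked_db.bytesize, hash))
  l_hash, rest = db.byteslice(0, h_len), db.byteslice(h_len, db.bytesize)
  sep = rest.index("\x01".b)
  ok = y == "\x00".b && l_hash == hash.digest('') && sep && rest.byteslice(0, sep).count("\x00") == sep
  ok ? rest.byteslice(sep + 1, rest.bytesize) : nil
end

# Constructed demo: a 128-byte block padded with MD5, then read back as SHA1.
em = oaep_encode('constructed session key', 128, Digest::MD5)
puts "decode with MD5:  #{oaep_decode(em, Digest::MD5).inspect}"
puts "decode with SHA1: #{oaep_decode(em, Digest::SHA1).inspect}"
```

The receiver that unmasks with a different digest recovers a data block whose leading label hash does not match, so decoding is rejected rather than returning wrong plaintext.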