OpenAM / OPENAM-15154

Update supported ID token encryption algorithms to include ECDH-ES

    Details

    • Sprint:
      AM 2019.14 - Rotary Mill, AM 2019.15 - Gears

      Description

      Bug description

      The default supported ID token encryption algorithms (OAuth 2 Provider settings > OpenID Connect) do not list any of the ECDH-ES algorithms, but we do actually support these since the secrets API work. This means that the OIDC discovery document will not list support for these algorithms by default.

      How to reproduce the issue

      Look at the default supported encryption algorithms

      Expected behaviour

      Should list:

      • RSA1_5, RSA-OAEP, RSA-OAEP-256
      • dir, A128KW, A192KW, A256KW
      • ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW

      Current behaviour

      • RSA1_5, RSA-OAEP, RSA-OAEP-256
      • dir, A128KW, A192KW, A256KW

      Work around

      Manually add the ECDH algorithms to the list.

      Code analysis

      Config update required
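
A check for the default described in this ticket, added here as an example and not part of the ticket or of OpenAM's code: it reads an OIDC discovery document and reports which of the expected ID token encryption algorithms are not advertised. The sample documents and the `am.example.com` issuer are constructed, and the field name `id_token_encryption_alg_values_supported` is taken from OpenID Connect Discovery 1.0 rather than from the ticket.

```python
import json

# Algorithm groups as listed under "Expected behaviour" in the ticket.
# The group labels are this example's own naming.
EXPECTED = {
    "RSA": ["RSA1_5", "RSA-OAEP", "RSA-OAEP-256"],
    "symmetric": ["dir", "A128KW", "A192KW", "A256KW"],
    "ECDH-ES": ["ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"],
}
FIELD = "id_token_encryption_alg_values_supported"  # OIDC Discovery 1.0 metadata name


def audit_discovery(raw):
    """Return {"missing": {group: [algs]}, "unexpected": [algs]} for a discovery document."""
    doc = json.loads(raw)
    advertised = doc.get(FIELD, [])  # optional field: absent means nothing is advertised
    if not isinstance(advertised, list) or not all(isinstance(a, str) for a in advertised):
        raise ValueError(f"{FIELD} must be a JSON array of strings")
    seen = set(advertised)  # JWE "alg" names are case-sensitive, so compare exactly
    missing = {}
    for group, algs in EXPECTED.items():
        gap = [a for a in algs if a not in seen]
        if gap:
            missing[group] = gap
    known = {a for algs in EXPECTED.values() for a in algs}
    return {"missing": missing, "unexpected": sorted(seen - known)}


# Constructed sample documents (not captured from a real server).
BEFORE = json.dumps({"issuer": "https://am.example.com/oauth2",
                     FIELD: EXPECTED["RSA"] + EXPECTED["symmetric"]})
AFTER = json.dumps({"issuer": "https://am.example.com/oauth2",
                    FIELD: EXPECTED["RSA"] + EXPECTED["symmetric"] + EXPECTED["ECDH-ES"]})

if __name__ == "__main__":
    for label, raw in (("default list", BEFORE), ("after workaround", AFTER)):
        print(label, audit_discovery(raw))
```
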

              People

              • Assignee:
                kajetan.hemzaczek Kajetan Hemzaczek
                Reporter:
                neil.madden Neil Madden