- Type: Bug
- Status: Resolved
- Priority: Major
- Resolution: Fixed
- Affects Version/s: 7.0.0
- Fix Version/s: 7.0.0
- Component/s: None
- Labels:
- Target Version/s:
- Sprint: AM 2019.11 - Crossbow
- Epic Link:
Currently the AES-256 GCM encryption algorithm cannot be used to encrypt the SAML authnRequest JWTs, because of an encryption key type mismatch (the encryption code expects an AES key, but AM OOTB stores keys using the RAW algorithm).

The encryption/decryption should be able to convert RAW keys to AES keys when the key material is available (getEncoded() returns a non-null value). When the key material is not available, the key should be left as is.