Closed michaldaniel closed 4 months ago
Currently you need to use the implementation of BouncyCastle - it's not yet published in a release of xmlsec 3.x to the best of my knowledge. Link: https://github.com/apache/santuario-xml-security-java/pull/293
@phax Do I understand you correctly that there is a way to circumvent this using BC implementation? I would really appreciate if you found time to elaborate.
Other way to understand your answer is that we would either have to wait for Santuario release or build it from sources and force dependency usage.
Well, I never did it myself - I only saw it in implementations using phase4. You need to be familiar with the concepts of "Security Providers" in Java. By using Bouncy Castle (BC) as your Security Provider you are capable of using the Brainpool Curves with Java 11 and onwards. The Security Provider can be provided on many levels - for certificate factory as well as for JSSE setups etc. Please refer to the regular Java documentation and the BC documentation on the details.
@michaldaniel Did that solve your issue?
Hi, Using the library 2.7.5 that comes with updated WSS4J 3.0.3 and xmlsec I'm getting exception when attempting message sendout:
Was the support for brainpoolP256r1 not merged yet upstream or am I possibly missing some configuration steps that would allow for using brainpoolP256r1 certificates?