From 42c3a0555a6ad91e782090b7f883f34e7afc8d21 Mon Sep 17 00:00:00 2001
From: RIHTARSIC Joze <joze.rihtarsic@ext.ec.europa.eu>
Date: Thu, 25 Jan 2024 17:25:54 +0100
Subject: [PATCH] Update test EncryptionTest.testEncryptionDecryptionECDSA_ES
 to pass with JDK 11

---
 .../org/apache/wss4j/dom/message/EncryptionTest.java  | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionTest.java
index 2c65b2116..9779d3a1b 100644
--- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionTest.java
+++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionTest.java
@@ -54,6 +54,7 @@
 import org.apache.wss4j.dom.util.WSSecurityUtil;
 
 import org.apache.xml.security.utils.EncryptionConstants;
+import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.params.ParameterizedTest;
@@ -104,6 +105,11 @@ public void setUp() throws Exception {
         secEngine.setWssConfig(WSSConfig.getNewInstance());
     }
 
+    @AfterEach
+    public void cleanup(){
+        JDKTestUtils.unregisterAuxiliaryProvider();
+    }
+
     /**
      * Test that encrypt and decrypt a WS-Security envelope.
      * This test uses the RSA_15 algorithm to transport (wrap) the symmetric
@@ -334,6 +340,11 @@ public void testEncryptionDecryptionECDSA_ES(String algorithm, String certAlias)
             if (!JDKTestUtils.isAlgorithmSupportedByJDK(algorithm)) {
                 LOG.info("Add AuxiliaryProvider to execute test with algorithm [{}] and cert alias [{}]", algorithm,  certAlias);
                 Security.addProvider(JDKTestUtils.getAuxiliaryProvider());
+            } else if (JDKTestUtils.getJDKVersion() == 11 && algorithm.equals("xdh") ) {
+                // workaround for jdk11 and xdh keys
+                // https://bugs.openjdk.java.net/browse/JDK-8219381 or https://bugs.openjdk.org/browse/JDK-8213363
+                // set the auxiliary provider as first provider to parse the xdh private key
+                Security.insertProviderAt(JDKTestUtils.getAuxiliaryProvider(), 1 );
             }
             Crypto encCrypto = CryptoFactory.getInstance("wss-ecdh.properties");