Remove support for RC2 and RC4 - signed attributes fail with Sterling
Closed this issue · 1 comments
chadgates commented
When sending signed message to Sterling B2B Integrator, the ASN1 code for RC4 Cipher is not being picked up and message transmission fails.
Removing the attribute by commenting line 248-250 in pyas2-lib - cms.py, leads to a successful transmission.
As RC2 and RC4 are not secure algorithms and support for same is being removed in most common places, the support for same should be removed from django-pyas2 and pyas2-lib as well.
chadgates commented
Update on above - with pyas2-lib version 1.3, the above issue does not happen anymore. So, suggest to upgrade to newest version and thus dropping support for python 3.6