what information from crypto.properties is used for signing in WSSignEnvelope?

[Maciek Zywno <m....@amg.net.pl>]

Hello

Maybe anyone could help me with my efforts to understand wss4j..
I am not sure how signing is done in WSSignEnvelope class and what 
property from Crypto(and crypto.properties) is needed to sing a message?

Thanks in advance

Maciek

Re: what information from crypto.properties is used for signing in WSSignEnvelope?

[Yves Langisch <li...@langisch.ch>]

Maciek,

There is a good 'cookbook' in the source directory when you use it with
Axis:

src/org/apache/ws/axis/security/package.html

It helped me a lot.

Regards,
Yves

Maciek Zywno wrote:
> Hello
> 
> Maybe anyone could help me with my efforts to understand wss4j..
> I am not sure how signing is done in WSSignEnvelope class and what 
> property from Crypto(and crypto.properties) is needed to sing a message?
> 
> Thanks in advance
> 
> Maciek
> 
> 

Re: what information from crypto.properties is used for signing in WSSignEnvelope?

[Maciek Zywno <m....@amg.net.pl>]

Yves Langisch wrote:

> Maciek,
>
> There is a good 'cookbook' in the source directory when you use it 
> with Axis:
>
> src/org/apache/ws/axis/security/package.html
>
> It helped me a lot.
>
> Regards,
> Yves

Thanks very much, it helped a lot, but I have another question

If I properly understood, in all examples in 'cookbook' a public key for 
encryption and a private key for signing/encryption is taken from X.509 
certiificate i.e. wsdd deployment file specifies some crypto.properties 
file.  This would suggest that X.509 format is the only one(in case of 
wss4j) that can hold such data used for security purposes like private 
and public keys. I am not an expert in security - only wanted to add 
this layer for my webservice - so maybe my question is not really 
sensible - but could I store private and public key not only in X.509 
certificates? Does it make sense?

Thanks for any suggestions,

Maciek