You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by "vlad.balan" <vl...@gmail.com> on 2018/07/31 18:03:27 UTC
asymmetric and symmetric bindings, question 2
Hello
just a side question:
the scenario where you encrypt parts of the message using a shared key (that
you encrypt with the receipient's public key and send it to him) and also
both parties sign with their private key (certificate), is it symmetric or
assymetric?
Because to me it is a mix of both: you use a shared key to encrypt (so
sounds like symmetric binding) and at the same time each signs with its
private key, (sounds like asymetric binding).
Also i'm curious how do you write this in xml in a security policy? (what
bindins, what token declarations, etc)
Thanks a lot.
--
Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html
Re: asymmetric and symmetric bindings, question 2
Posted by "vlad.balan" <vl...@gmail.com>.
Thanks a lot Colm, i'll take a look at that.
--
Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html
Re: asymmetric and symmetric bindings, question 2
Posted by Colm O hEigeartaigh <co...@apache.org>.
You can typically support those types of scenarios by using a
SymmetricBinding policy with an EndorsingSupportingToken/X509Token policy.
What this means is that Signature and Encryption are done using a symmetric
key (encrypted using the public key of the recipient) as per normal for the
SymmetricBinding. Then you have a separate X.509 Signature which in turn
signs the main symmetric Signature. See here for a policy example:
https://github.com/apache/cxf/blob/c7eee85aaebdfaae988adfcf8cc43206e568fda8/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/x509/DoubleItX509.wsdl#L245
On Tue, Jul 31, 2018 at 7:03 PM, vlad.balan <vl...@gmail.com> wrote:
> Hello
>
>
> just a side question:
>
> the scenario where you encrypt parts of the message using a shared key
> (that
> you encrypt with the receipient's public key and send it to him) and also
> both parties sign with their private key (certificate), is it symmetric or
> assymetric?
>
> Because to me it is a mix of both: you use a shared key to encrypt (so
> sounds like symmetric binding) and at the same time each signs with its
> private key, (sounds like asymetric binding).
>
>
> Also i'm curious how do you write this in xml in a security policy? (what
> bindins, what token declarations, etc)
>
>
> Thanks a lot.
>
>
>
> --
> Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com