You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2009/04/27 18:40:30 UTC
[jira] Commented: (WSS-179) Allow signature using a symmetric key
and EncryptedKeySHA1
[ https://issues.apache.org/jira/browse/WSS-179?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12703209#action_12703209 ]
Colm O hEigeartaigh commented on WSS-179:
-----------------------------------------
Sample output from a WSS4J test-case for this:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SOAP-ENV:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
SOAP-ENV:mustUnderstand="1">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Id="Signature-1">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1" />
<ds:Reference URI="#id-2">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>
Whe5tgUMuuyUEYW65h91XDlWcVU=
</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
o9SGdoU/qqwoHdvpLuoZFmyYWvA=
</ds:SignatureValue>
<ds:KeyInfo
Id="KeyId-F5BDB50F834424710412408502863721">
<wsse:SecurityTokenReference
wsu:Id="STRId-F5BDB50F834424710412408502863722">
<wsse:KeyIdentifier
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1">
jecP0O1sa7j7PH7EDdXh5Zue6ac=
</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-2">
<add xmlns="http://ws.apache.org/counter/counter_port_type">
<value xmlns="">15</value>
</add>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
> Allow signature using a symmetric key and EncryptedKeySHA1
> ----------------------------------------------------------
>
> Key: WSS-179
> URL: https://issues.apache.org/jira/browse/WSS-179
> Project: WSS4J
> Issue Type: Improvement
> Components: WSS4J Core
> Affects Versions: 1.5.7
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 1.5.8, 1.6
>
>
> This task is to allow WSSecSignature to take in a SecretKey object or an array of bytes representing a symmetric key, and use it to sign data. The key will be referenced using EncryptedKeySHA1.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: [jira] Commented: (WSS-179) Allow signature using a symmetric
key and EncryptedKeySHA1
Posted by Nitin Handa <ni...@oracle.com>.
Hi Colm,
Can we also use DirectReference here?
owsm sample message is like below:-
<wsse:SecurityTokenReference
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
URI="#EK-2deZQwKG5A6NaqfWCcmbQw22"
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#*EncryptedKey*"/>
</wsse:SecurityTokenReference>
Please note value of "ValueType" in this case.
Thanks
Nitin
Colm O hEigeartaigh (JIRA) wrote:
> [ https://issues.apache.org/jira/browse/WSS-179?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12703209#action_12703209 ]
>
> Colm O hEigeartaigh commented on WSS-179:
> -----------------------------------------
>
>
> Sample output from a WSS4J test-case for this:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <SOAP-ENV:Envelope
> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <SOAP-ENV:Header>
> <wsse:Security
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> SOAP-ENV:mustUnderstand="1">
> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
> Id="Signature-1">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> <ds:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1" />
> <ds:Reference URI="#id-2">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> <ds:DigestValue>
> Whe5tgUMuuyUEYW65h91XDlWcVU=
> </ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
> <ds:SignatureValue>
> o9SGdoU/qqwoHdvpLuoZFmyYWvA=
> </ds:SignatureValue>
> <ds:KeyInfo
> Id="KeyId-F5BDB50F834424710412408502863721">
> <wsse:SecurityTokenReference
> wsu:Id="STRId-F5BDB50F834424710412408502863722">
> <wsse:KeyIdentifier
> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
> ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1">
> jecP0O1sa7j7PH7EDdXh5Zue6ac=
> </wsse:KeyIdentifier>
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> </wsse:Security>
> </SOAP-ENV:Header>
> <SOAP-ENV:Body
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="id-2">
> <add xmlns="http://ws.apache.org/counter/counter_port_type">
> <value xmlns="">15</value>
> </add>
> </SOAP-ENV:Body>
> </SOAP-ENV:Envelope>
>
>
>
>> Allow signature using a symmetric key and EncryptedKeySHA1
>> ----------------------------------------------------------
>>
>> Key: WSS-179
>> URL: https://issues.apache.org/jira/browse/WSS-179
>> Project: WSS4J
>> Issue Type: Improvement
>> Components: WSS4J Core
>> Affects Versions: 1.5.7
>> Reporter: Colm O hEigeartaigh
>> Assignee: Colm O hEigeartaigh
>> Fix For: 1.5.8, 1.6
>>
>>
>> This task is to allow WSSecSignature to take in a SecretKey object or an array of bytes representing a symmetric key, and use it to sign data. The key will be referenced using EncryptedKeySHA1.
>>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org