You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Lukas Jedlicka <lu...@profinit.eu> on 2009/07/29 13:06:45 UTC
RSA-SHA256 xml signature
Hi,
I have a question about creating xml signature usig RSAwithSHA256 algorithm.
My application receives and sends signed XMLS. My application is written in
Java 1.5 and uses Apache xmlsec_1_4_2.jar library for signing XML files. It
uses javax.xml.crypto.dsig.SignatureMethod.RSA_SHA1 algorithm for xml
signing. Now, I need to change RSA_SHA1 algorithm to RSA_SHA256, but this
Java API doesn't support it. Can you please give me an advice, what options
do I have? Is there any provider for RSA_SHA256?
Thanks,
Lukas
--
View this message in context: http://www.nabble.com/RSA-SHA256-xml-signature-tp24717024p24717024.html
Sent from the Apache XML - Security - Dev mailing list archive at Nabble.com.
Re: RSA-SHA256 xml signature
Posted by Sean Mullan <Se...@Sun.COM>.
Hi,
The Java/JSR 105 API also supports this and the underlying JCE
cryptographic support for RSA-SHA256 has been in Sun's JDK since 1.4.2.
However. you must specify the URI when generating the SignatureMethod,
as there is no String constant defined for it yet. So do the following:
XMLSignatureFactory fac = XMLSignatureFactory.getInstance();
SignatureMethod sm =
fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
...);
--Sean
Colm O hEigeartaigh wrote:
> I'm pretty sure BouncyCastle supports it:
>
> http://www.bouncycastle.org/java.html
>
> Apache WSS4J uses BouncyCastle as the crypto provider, and some of the
> tests use http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 as the
> signature algorithm.
>
> Colm.
>
> -----Original Message-----
> From: Lukas Jedlicka [mailto:lukas.jedlicka@profinit.eu]
> Sent: 29 July 2009 12:07
> To: security-dev@xml.apache.org
> Subject: RSA-SHA256 xml signature
>
>
> Hi,
> I have a question about creating xml signature usig RSAwithSHA256
> algorithm.
> My application receives and sends signed XMLS. My application is written
> in
> Java 1.5 and uses Apache xmlsec_1_4_2.jar library for signing XML files.
> It
> uses javax.xml.crypto.dsig.SignatureMethod.RSA_SHA1 algorithm for xml
> signing. Now, I need to change RSA_SHA1 algorithm to RSA_SHA256, but
> this
> Java API doesn't support it. Can you please give me an advice, what
> options
> do I have? Is there any provider for RSA_SHA256?
>
> Thanks,
>
> Lukas
>
RE: RSA-SHA256 xml signature
Posted by Colm O hEigeartaigh <co...@progress.com>.
I'm pretty sure BouncyCastle supports it:
http://www.bouncycastle.org/java.html
Apache WSS4J uses BouncyCastle as the crypto provider, and some of the
tests use http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 as the
signature algorithm.
Colm.
-----Original Message-----
From: Lukas Jedlicka [mailto:lukas.jedlicka@profinit.eu]
Sent: 29 July 2009 12:07
To: security-dev@xml.apache.org
Subject: RSA-SHA256 xml signature
Hi,
I have a question about creating xml signature usig RSAwithSHA256
algorithm.
My application receives and sends signed XMLS. My application is written
in
Java 1.5 and uses Apache xmlsec_1_4_2.jar library for signing XML files.
It
uses javax.xml.crypto.dsig.SignatureMethod.RSA_SHA1 algorithm for xml
signing. Now, I need to change RSA_SHA1 algorithm to RSA_SHA256, but
this
Java API doesn't support it. Can you please give me an advice, what
options
do I have? Is there any provider for RSA_SHA256?
Thanks,
Lukas
--
View this message in context:
http://www.nabble.com/RSA-SHA256-xml-signature-tp24717024p24717024.html
Sent from the Apache XML - Security - Dev mailing list archive at
Nabble.com.