Ws-Security ds:keyInfo for secrete key

Sat, 20 Mar 2004 18:42:06 -0800 

Hi,

I am developing a message level security framework in which secrete key is 
included. I am a bit confused about how to create a ds:KeyInfo for such a 
secrete key, since if I follow WS-Security to create:

    <ds:KeyInfo>

     <wsse:SecurityTokenReference>
      <wsse:Reference URI="#00001"/>
     </wsse:SecurityTokenReference>

    </ds:KeyInfo>

only,  it will give me an AxisFault : "Didn't get a key"

org.apache.xml.security.signature.XMLSignatureException: Didn't get a key
        at 
org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:260)
        at 
org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:169)
        at 
org.apache.axis.encoding.DeserializationContextImpl.endElement(DeserializationContextImpl.java:1015)
        at org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown 
Source)
        at 
org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanEndElement(Unknown 
Source)
        at 
org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown
 
Source)
        at 
org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown 
Source)
        at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
        at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
        at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
        at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
        at javax.xml.parsers.SAXParser.parse(SAXParser.java:345)
        at 
org.apache.axis.encoding.DeserializationContextImpl.parse(DeserializationContextImpl.java:242)
        at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:538)
        at org.apache.axis.Message.getSOAPEnvelope(Message.java:376)
        at org.apache.axis.client.Call.invokeEngine(Call.java:2583)
        at org.apache.axis.client.Call.invoke(Call.java:2553)
        at org.apache.axis.client.Call.invoke(Call.java:1753)
        at samples.security.Client.doService(Client.java:69)
        at samples.security.Client.main(Client.java:95)


However, I am not able  to create a <ds:KeyValue> which is not a DSA or RSA 
key, I tried to create a KeyValue and pass a non-standard element (with a 
wsse namespace) to it, such as :
KeyValue kv = new KeyValue(doc, securityTokenReference) 

It does not seem to work, it creates an empty <ds:KeyValue> within 
<ds:KeyInfo>, which again gets the same AxisFault.

I create my secrete key as:

       char[] passwordchars = new char[password.length()];
        
        SignatureAlgorithm sa = new SignatureAlgorithm(doc,
                                   
"http://www.w3.org/2000/09/xmldsig#hmac-sha1";,
                                   33);

        SecretKey sk = new SecretKeySpec(password.getBytes(), 
sa.getJCEAlgorithmString());

I have no idea what KeyInfo can be constructed for HMAC key.

Thanks very much.

Mei

Reply via email to