Hi Colm,
Can we also use DirectReference here?
owsm sample message is like below:-
<wsse:SecurityTokenReference
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
<wsse:Reference
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
URI="#EK-2deZQwKG5A6NaqfWCcmbQw22"
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#*EncryptedKey*"/>
</wsse:SecurityTokenReference>
Please note value of "ValueType" in this case.
Thanks
Nitin
Colm O hEigeartaigh (JIRA) wrote:
[ https://issues.apache.org/jira/browse/WSS-179?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12703209#action_12703209 ]
Colm O hEigeartaigh commented on WSS-179:
-----------------------------------------
Sample output from a WSS4J test-case for this:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
<SOAP-ENV:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
SOAP-ENV:mustUnderstand="1">
<ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#";
Id="Signature-1">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"; />
<ds:Reference URI="#id-2">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
<ds:DigestValue>
Whe5tgUMuuyUEYW65h91XDlWcVU=
</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
o9SGdoU/qqwoHdvpLuoZFmyYWvA=
</ds:SignatureValue>
<ds:KeyInfo
Id="KeyId-F5BDB50F834424710412408502863721">
<wsse:SecurityTokenReference
wsu:Id="STRId-F5BDB50F834424710412408502863722">
<wsse:KeyIdentifier
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1";>
jecP0O1sa7j7PH7EDdXh5Zue6ac=
</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="id-2">
<add xmlns="http://ws.apache.org/counter/counter_port_type";>
<value xmlns="">15</value>
</add>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
Allow signature using a symmetric key and EncryptedKeySHA1
----------------------------------------------------------
Key: WSS-179
URL: https://issues.apache.org/jira/browse/WSS-179
Project: WSS4J
Issue Type: Improvement
Components: WSS4J Core
Affects Versions: 1.5.7
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
Fix For: 1.5.8, 1.6
This task is to allow WSSecSignature to take in a SecretKey object or an array
of bytes representing a symmetric key, and use it to sign data. The key will be
referenced using EncryptedKeySHA1.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
