It's not a secret anymore!
The moose likes Web Services and the fly likes SOAP Encryption Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "SOAP Encryption" Watch "SOAP Encryption" New topic

SOAP Encryption

anubechara Gupta

Joined: Jul 05, 2006
Posts: 17

As part of encryotion requirements for encrypting the body of the SOAP Message while calling an external Web Service, it is requried to encrypt using a shared symmetric key.
First step is to create a password digest
Base64(sha1(nonce + createdTimestamp + password)) - This step is working completely fine and produces a 160 bit Hash
The next step is to generate an AES 256 bit key using the above hash as the Seed. This should generate a 256 bit encrytpion key which can then be used to encrypt the message body.

Would appreciate if anyone who knows how to generate AES 256 bit key using a hash seed in Java (v1.4.2) can provide some guidance.

P:S. I am using WSS4J API to use WS-Security
Peer Reynders

Joined: Aug 19, 2005
Posts: 2930
Just a guess - you may be looking to use your seed with[]) and then pass the configured pseudo-random number generator to the javax.crypto.KeyGenerator.

Standard Java 1.4.2 only supports 128 bit keys (Strong encryption). Unlimited Encryption (192,256 bits) requires a special download.

Using AES with Java Technology
I agree. Here's the link:
subject: SOAP Encryption
It's not a secret anymore!