| Author |
SOAP Encryption
|
anubechara Gupta
Greenhorn
Joined: Jul 05, 2006
Posts: 17
|
|
Hi
As part of encryotion requirements for encrypting the body of the SOAP Message while calling an external Web Service, it is requried to encrypt using a shared symmetric key.
First step is to create a password digest
Base64(sha1(nonce + createdTimestamp + password)) - This step is working completely fine and produces a 160 bit Hash
The next step is to generate an AES 256 bit key using the above hash as the Seed. This should generate a 256 bit encrytpion key which can then be used to encrypt the message body.
Would appreciate if anyone who knows how to generate AES 256 bit key using a hash seed in Java (v1.4.2) can provide some guidance.
P:S. I am using WSS4J API to use WS-Security
|
 |
Peer Reynders
Bartender
Joined: Aug 19, 2005
Posts: 2906
|
|
Just a guess - you may be looking to use your seed with java.security.SecureRandom.setSeed(byte[]) and then pass the configured pseudo-random number generator to the javax.crypto.KeyGenerator.
Standard Java 1.4.2 only supports 128 bit keys (Strong encryption). Unlimited Encryption (192,256 bits) requires a special download.
Using AES with Java Technology
|
"Don't succumb to the false authority of a tool or model. There is no substitute for thinking."
Andy Hunt, Pragmatic Thinking & Learning: Refactor Your Wetware p.41
|
|
 |
|
|
subject: SOAP Encryption
|
|
|
0
