File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

SOAP Encryption

 
anubechara Gupta
Greenhorn
Posts: 17
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi

As part of encryotion requirements for encrypting the body of the SOAP Message while calling an external Web Service, it is requried to encrypt using a shared symmetric key.
First step is to create a password digest
Base64(sha1(nonce + createdTimestamp + password)) - This step is working completely fine and produces a 160 bit Hash
The next step is to generate an AES 256 bit key using the above hash as the Seed. This should generate a 256 bit encrytpion key which can then be used to encrypt the message body.

Would appreciate if anyone who knows how to generate AES 256 bit key using a hash seed in Java (v1.4.2) can provide some guidance.

P:S. I am using WSS4J API to use WS-Security
 
Peer Reynders
Bartender
Posts: 2933
5
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Just a guess - you may be looking to use your seed with java.security.SecureRandom.setSeed(byte[]) and then pass the configured pseudo-random number generator to the javax.crypto.KeyGenerator.



Standard Java 1.4.2 only supports 128 bit keys (Strong encryption). Unlimited Encryption (192,256 bits) requires a special download.

Using AES with Java Technology
 
Don't get me started about those stupid light bulbs.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic