File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Services and the fly likes SOAP Encryption Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "SOAP Encryption" Watch "SOAP Encryption" New topic

SOAP Encryption

anubechara Gupta

Joined: Jul 05, 2006
Posts: 17

As part of encryotion requirements for encrypting the body of the SOAP Message while calling an external Web Service, it is requried to encrypt using a shared symmetric key.
First step is to create a password digest
Base64(sha1(nonce + createdTimestamp + password)) - This step is working completely fine and produces a 160 bit Hash
The next step is to generate an AES 256 bit key using the above hash as the Seed. This should generate a 256 bit encrytpion key which can then be used to encrypt the message body.

Would appreciate if anyone who knows how to generate AES 256 bit key using a hash seed in Java (v1.4.2) can provide some guidance.

P:S. I am using WSS4J API to use WS-Security
Peer Reynders

Joined: Aug 19, 2005
Posts: 2933
Just a guess - you may be looking to use your seed with[]) and then pass the configured pseudo-random number generator to the javax.crypto.KeyGenerator.

Standard Java 1.4.2 only supports 128 bit keys (Strong encryption). Unlimited Encryption (192,256 bits) requires a special download.

Using AES with Java Technology
I agree. Here's the link:
subject: SOAP Encryption
It's not a secret anymore!