axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ruchith Fernando <ruchith.ferna...@gmail.com>
Subject Re: SHA2 support
Date Fri, 01 Apr 2011 05:09:07 GMT
Hi Leos,

SHA256 is not supported right now.

I just checked the rampart code to verify this and seems like we are
not using the digest value from the AlgorithmSuite available in the
policy.

Also asymmetricSignature in AlgorithmSuite is hard coded to
http://www.w3.org/2000/09/xmldsig#rsa-sha1
This value should be constructed properly depending on the parameters
available. (Example : See the use of
http://www.w3.org/2001/04/xmlenc#sha256 in [1])

Thanks,
Ruchith

1. http://www.w3.org/TR/2010/WD-xmldsig-core1-20101130/Overview.html#sec-o-Simple

2011/3/17 Leos Literak <leos.literak@gemsystem.cz>:
> Hi,
>
>
>
> Can anybody reply me? Is SHA256 really supported?
>
>
>
> Leos
>
>
>
> Od: Leos Literak [mailto:leos.literak@gemsystem.cz]
> Odesláno: 15. března 2011 8:48
>
> Komu: java-dev@axis.apache.org
> Předmět: RE: SHA2 support
>
>
>
> Hello,
>
>
>
> Is there anybody out there who has ever used the SHA256 algorithm / knows
> how to configure it?
>
>
>
> Can you please help us? It becomes a major issue as SHA1 is obsoleted.
>
> Thank you in advance
>
>
>
> Leos
>
>
>
> Od: Leos Literak [mailto:leos.literak@gemsystem.cz]
> Odesláno: 11. března 2011 15:49
> Komu: java-dev@axis.apache.org
> Předmět: RE: SHA2 support
>
>
>
> As mentioned in https://issues.apache.org/jira/browse/RAMPART-216 we used
> <sp:Basic256Sha256/> as well (and few others) with no luck.
>
>
>
> Od: Leos Literak [mailto:leos.literak@gemsystem.cz]
> Odesláno: 11. března 2011 15:36
> Komu: 'java-dev@axis.apache.org'
> Předmět: RE: SHA2 support
>
>
>
> Martin,
>
>
>
> Thank you for your quick reply. Can you help us, how to setup axis to use
> SHA256?
>
>
>
> Leoš
>
>
>
> Od: Martin Gainty [mailto:mgainty@hotmail.com]
> Odesláno: 11. března 2011 15:06
> Komu: java-dev@axis.apache.org
> Předmět: RE: SHA2 support
>
>
>
> the currently supported (Rampart) Digest Algorithms are:
>
> contents of org.apache.ws.secpolicy.SPConstants:
>
>     public final static String SHA1 =
> "http://www.w3.org/2000/09/xmldsig#sha1";
>     public final static String SHA256 =
> "http://www.w3.org/2001/04/xmlenc#sha256";
>     public final static String SHA512 =
> "http://www.w3.org/2001/04/xmlenc#sha512";
>
> if wish to request (rampart) support for a new Algorithm please file jira
> request at
>
> https://issues.apache.org/jira/browse/Rampart



-- 
http://ruchith.org

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message