cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Pröls (JIRA) <j...@apache.org>
Subject [jira] [Comment Edited] (CXF-5200) Support newer signature algorithms in WS-SecurityPolicy (such as RSA-SHA256)
Date Fri, 04 Sep 2015 14:21:46 GMT

    [ https://issues.apache.org/jira/browse/CXF-5200?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14730872#comment-14730872
] 

Stefan Pröls edited comment on CXF-5200 at 9/4/15 2:20 PM:
-----------------------------------------------------------

I have a similar requirement for SYMMETRIC signatures.

>From the WSDL I'm trying to write a client for:

               <sp:SymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
                    <wsp:Policy>
                       ...
                        <sp:AlgorithmSuite>
                            <wsp:Policy>
                              <sp:Basic256Sha256/>
                            </wsp:Policy>
                        </sp:AlgorithmSuite>
                       ...
                    </wsp:Policy>
                </sp:SymmetricBinding>

<sp:Basic256Sha256/> requires SHA256.

It would be perfect if this could be imported from the WSDL policy, but it would be sufficient
if there was something like a

ws-security.symmetric.signature.algorithm

property, too, which I could set to

http://www.w3.org/2001/04/xmldsig-more#rsa-sha256


was (Author: s.proels):
I have a similar requirement for SYMMETRIC signatures.

>From the WSDL I'm trying to write a client for:

               <sp:SymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
                    <wsp:Policy>
                       ...
                        <sp:AlgorithmSuite>
                            <wsp:Policy>
                              <sp:Basic256Sha256/>
                            </wsp:Policy>
                        </sp:AlgorithmSuite>
                       ...
                    </wsp:Policy>
                </sp:SymmetricBinding>

<sp:Basic256Sha256/> requires SHA256.

It would be perfect if this could be imported from the WSDL policy, but it would be sufficient
if there was something like a

ws-security.symmetric.signature.algorithm

property, too, which I could set to

http://www.w3.org/2000/09/xmldsig#hmac-sha1


> Support newer signature algorithms in WS-SecurityPolicy (such as RSA-SHA256)
> ----------------------------------------------------------------------------
>
>                 Key: CXF-5200
>                 URL: https://issues.apache.org/jira/browse/CXF-5200
>             Project: CXF
>          Issue Type: Improvement
>          Components: WS-* Components
>    Affects Versions: 2.7.6
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.7.7
>
>
> This task is to find a way to support newer signature algorithms when using WS-SecurityPolicy
(such as RSA-SHA256). By default, only RSA-SHA1 is supported (as this is all the specification
mandates).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message