XML Web Services signatures
Hello,
I would like to send this kind of web services message:
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope
    xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:tns="http://bxd.fi/CorporateFileService"
    xmlns:ns1="http://model.bxd.fi">
  <soap:Header>
    <wsse:Security soap:mustUnderstand="1"
        xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <wsse:BinarySecurityToken
          ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
          EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
          xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
          wsu:Id="SecurityToken-9a805f99-9e86-46eb-a5ad-70898b4e8d23">removed</wsse:BinarySecurityToken>
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo>
          <ds:CanonicalizationMethod
              Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
              xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
          <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
          <Reference URI="#SecurityToken-9a805f99-9e86-46eb-a5ad-70898b4e8d23">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>4zpCo6NIk2DsUOatgTjQCwODcso=</DigestValue>
          </Reference>
          <Reference URI="#Id-e6b1da0b-89dd-4486-b56b-0f8409ef6c28">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>hoSJvD9ebSKXkPbJdF1EQ975bjE=</DigestValue>
          </Reference>
        </SignedInfo>
        <SignatureValue>HA3Vk8ac1lF1+Z5edI726g2POawUrR0Rosh6MDn4P4vysUFoHroSe840lx9WZ41BzQGxNdmdKEkPm+zi9y20BMBfgyBUm67ih1B3/ho0yaPdLRkgNIGB4wKgOyxiBNFiQeGd1mZZZRnzIdf/GG+1I5fjDkc2nGgQ5JlE16kRKvA=</SignatureValue>
        <KeyInfo>
          <wsse:SecurityTokenReference>
            <wsse:Reference
                URI="#SecurityToken-9a805f99-9e86-46eb-a5ad-70898b4e8d23"
                ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
          </wsse:SecurityTokenReference>
        </KeyInfo>
      </Signature>
    </wsse:Security>
  </soap:Header>
  <soap:Body wsu:Id="Id-e6b1da0b-89dd-4486-b56b-0f8409ef6c28"
      xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    Removed
  </soap:Body>
</soap:Envelope>
I have a p12 file, and I have imported the certificate to the store. I have tried
to use WSE 2.0 to sign my web services messages with that certificate,
as above. The algorithm is RSA-SHA1. The problem is that I can't find a
solution on the web for how to use a certificate that has a
password-secured private key. I have tried to find a token example, without
success. Is using WSE 2.0 the wrong way to solve this problem? Are there
any links where I can find the right solution? If you have time, could you
paste some helpful code for this?
Thank you very much!
Matti
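
An added example, not part of the original post and not WSE code: a structural check for a message laid out like the one above. It confirms that every ds:Reference resolves to exactly one wsu:Id element, that soap:Body is among the signed elements, and it flags the SHA-1 algorithm URIs, which are deprecated for new signatures. It does not verify digests or the signature value; the function name and the sample envelope (placeholder ids, values omitted) are constructed for illustration.

```python
import xml.etree.ElementTree as ET

WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
WSU_ID = "{" + WSU + "}Id"
NS = {
    "soap": "http://schemas.xmlsoap.org/soap/envelope/",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
}
SHA1_ALGS = {NS["ds"] + "rsa-sha1", NS["ds"] + "sha1"}

# Constructed sample: same layout as the message above, placeholder ids, values omitted.
SAMPLE = f"""<soap:Envelope xmlns:soap="{NS['soap']}" xmlns:wsu="{WSU}">
 <soap:Header><wsse:Security xmlns:wsse="{NS['wsse']}">
  <wsse:BinarySecurityToken wsu:Id="SecurityToken-1">removed</wsse:BinarySecurityToken>
  <Signature xmlns="{NS['ds']}"><SignedInfo>
   <SignatureMethod Algorithm="{NS['ds']}rsa-sha1"/>
   <Reference URI="#SecurityToken-1"><DigestMethod Algorithm="{NS['ds']}sha1"/></Reference>
   <Reference URI="#Id-1"><DigestMethod Algorithm="{NS['ds']}sha1"/></Reference>
  </SignedInfo></Signature>
 </wsse:Security></soap:Header>
 <soap:Body wsu:Id="Id-1">Removed</soap:Body>
</soap:Envelope>"""

def audit_signature(envelope_xml):
    """Return a list of findings about what the WS-Security signature covers."""
    root = ET.fromstring(envelope_xml)
    sig = root.find("soap:Header/wsse:Security/ds:Signature", NS)
    if sig is None:
        return ["no ds:Signature inside the wsse:Security header"]
    by_id = {}  # wsu:Id value -> every element carrying that value
    for el in root.iter():
        if WSU_ID in el.attrib:
            by_id.setdefault(el.attrib[WSU_ID], []).append(el)
    findings, signed = [], []
    for ref in sig.findall("ds:SignedInfo/ds:Reference", NS):
        uri = ref.get("URI", "")
        targets = by_id.get(uri[1:], []) if uri.startswith("#") else []
        if len(targets) != 1:  # dangling (0) or ambiguous (>1) reference
            findings.append(f"Reference {uri} resolves to {len(targets)} elements")
        signed.extend(targets)
    bodies = root.findall("soap:Body", NS)
    if len(bodies) != 1 or not any(el is bodies[0] for el in signed):
        findings.append("soap:Body is not covered by a signed Reference")
    for el in sig.iter():
        if el.get("Algorithm") in SHA1_ALGS:
            findings.append("SHA-1 algorithm on " + el.tag.rpartition("}")[2])
    return findings
```
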