Announcement Announcement Module
No announcement yet.
Does Wss4jSecurityInterceptor support the use of SHA-2 algorithms? Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Does Wss4jSecurityInterceptor support the use of SHA-2 algorithms?

    I am using spring-ws 2.0.1 and wss4j 1.5.8. Our current configuration is working using sha1, but we have been asked to support the sha-2 family of algorithms. I changed the securementSignatureAlgorithm property to use sha256 as follows:

    <bean id="wss4jSecurityInterceptor"
    		<property name="enableSignatureConfirmation" value="false" />
    		<property name="validationSignatureCrypto" ref="pubCertCrypto" />
    		<property name="validationDecryptionCrypto" ref="privKeyCrypto" />
    		<property name="validationActions" value="Timestamp Signature Encrypt" />
    		<property name="timestampPrecisionInMilliseconds" value="true" />
    		<property name="validationTimeToLive" value="10" />
    		<property name="timestampStrict" value="true" />
    		<property name="validationCallbackHandlers">
    				<ref bean="keystoreCallbackHandler" />
    		<property name="securementActions" value="Timestamp Signature Encrypt" />
    		<property name="securementUsername" value="wsserver" />
    		<property name="securementPassword" value="password" />
    		<property name="securementPasswordType" value="PasswordText" />
    		<property name="securementSignatureKeyIdentifier" value="DirectReference" />
    		<property name="securementSignatureAlgorithm" value="" />
    		<property name="securementSignatureCrypto" ref="privKeyCrypto" />
    		<property name="securementEncryptionCrypto" ref="pubCertCrypto" />
    		<property name="securementEncryptionUser" value="useReqSigCert" />
    		<property name="securementEncryptionKeyTransportAlgorithm"
    			value="" />
    		<property name="securementEncryptionSymAlgorithm" value="" />
    		<property name="securementSignatureParts"
    			value="{Content}{}Body;" />
    		<property name="securementEncryptionParts"
    			value="{Content}{}BinarySecurityToken;{Content}{}Signature;{Element}{}Timestamp;{Content}{}Body;" />
    		<property name="securementTimeToLive" value="10" />
    With this change, I am now getting the following exception:

    Code: Sorry, you supplied the wrong key type for this operation! You supplied a but a javax.crypto.SecretKey is needed.
    Has anyone configured SHA-2 algorithms using Wss4jSecurityInterceptor, and if so, how did you configure it?