|

»

»

Apache XML - Security - Dev

RSA-SHA256 xml signature

View: New views

3 Messages — Rating Filter: Alert me

	RSA-SHA256 xml signature by Lukas Jedlicka :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, I have a question about creating xml signature usig RSAwithSHA256 algorithm. My application receives and sends signed XMLS. My application is written in Java 1.5 and uses Apache xmlsec_1_4_2.jar library for signing XML files. It uses javax.xml.crypto.dsig.SignatureMethod.RSA_SHA1 algorithm for xml signing. Now, I need to change RSA_SHA1 algorithm to RSA_SHA256, but this Java API doesn't support it. Can you please give me an advice, what options do I have? Is there any provider for RSA_SHA256? Thanks, Lukas
	RE: RSA-SHA256 xml signature by Colm O hEigeartaigh :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I'm pretty sure BouncyCastle supports it: http://www.bouncycastle.org/java.html Apache WSS4J uses BouncyCastle as the crypto provider, and some of the tests use http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 as the signature algorithm. Colm. -----Original Message----- From: Lukas Jedlicka [mailto:lukas.jedlicka@...] Sent: 29 July 2009 12:07 To: security-dev@... Subject: RSA-SHA256 xml signature Hi, I have a question about creating xml signature usig RSAwithSHA256 algorithm. My application receives and sends signed XMLS. My application is written in Java 1.5 and uses Apache xmlsec_1_4_2.jar library for signing XML files. It uses javax.xml.crypto.dsig.SignatureMethod.RSA_SHA1 algorithm for xml signing. Now, I need to change RSA_SHA1 algorithm to RSA_SHA256, but this Java API doesn't support it. Can you please give me an advice, what options do I have? Is there any provider for RSA_SHA256? Thanks, Lukas -- View this message in context: http://www.nabble.com/RSA-SHA256-xml-signature-tp24717024p24717024.html Sent from the Apache XML - Security - Dev mailing list archive at Nabble.com.
	Re: RSA-SHA256 xml signature by sean.mullan :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, The Java/JSR 105 API also supports this and the underlying JCE cryptographic support for RSA-SHA256 has been in Sun's JDK since 1.4.2. However. you must specify the URI when generating the SignatureMethod, as there is no String constant defined for it yet. So do the following: XMLSignatureFactory fac = XMLSignatureFactory.getInstance(); SignatureMethod sm = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", ...); --Sean Colm O hEigeartaigh wrote: > I'm pretty sure BouncyCastle supports it: > > http://www.bouncycastle.org/java.html > > Apache WSS4J uses BouncyCastle as the crypto provider, and some of the > tests use http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 as the > signature algorithm. > > Colm. > > -----Original Message----- > From: Lukas Jedlicka [mailto:lukas.jedlicka@...] > Sent: 29 July 2009 12:07 > To: security-dev@... > Subject: RSA-SHA256 xml signature > > > Hi, > I have a question about creating xml signature usig RSAwithSHA256 > algorithm. > My application receives and sends signed XMLS. My application is written > in > Java 1.5 and uses Apache xmlsec_1_4_2.jar library for signing XML files. > It > uses javax.xml.crypto.dsig.SignatureMethod.RSA_SHA1 algorithm for xml > signing. Now, I need to change RSA_SHA1 algorithm to RSA_SHA256, but > this > Java API doesn't support it. Can you please give me an advice, what > options > do I have? Is there any provider for RSA_SHA256? > > Thanks, > > Lukas >