Thanks, So for signing and encryption outside of WCF, bouncy castle does provide signing and encryption functionality.
Kind regards, Jean-Paul ________________________________________ From: Harris, Andrew [[email protected]] Sent: Wednesday, June 26, 2013 2:27 PM To: Jean-Paul Berthelot Cc: Jean-Paul Berthelot; Peter Dettman; [email protected] Subject: RE: [dev-crypto-csharp] Signing and encryption for SWA with Bouncy Castle c# Are you wanting SWA or MTOM (which supercedes SWA)? If you have to use SWA then you are right, WCF doesn't support this and you will need to do something like this http://code.msdn.microsoft.com/Send-Soap-with-Attachments-3784e5f6. If you can use MTOM then start here http://msdn.microsoft.com/en-us/library/aa395209.aspx. As for Signing and Encryption, have a look at the vast range of Algorithms supported by WCF http://msdn.microsoft.com/en-us/library/system.servicemodel.security.securityalgorithmsuite.aspx Regards Andrew Harris Dun & Bradstreet Australia | Level 5, 479 St Kilda Rd, Melbourne VIC 3004 Work +61 3 9828 3346 | Mobile +61 418 599 547 | • [email protected] | • www.dnb.com.au From: Jean-Paul Berthelot [mailto:[email protected]] Sent: Wednesday, 26 June 2013 2:05 PM To: Harris, Andrew Cc: Jean-Paul Berthelot; Peter Dettman; [email protected] Subject: Re: [dev-crypto-csharp] Signing and encryption for SWA with Bouncy Castle c# Hi Andrew, Thank you for your email. To explain my situation, I am implementing an EBMS client that requires support for Soap With Attachments (SWA). This means that I have had to implement beyond WCF which evidently does not support SWA. I am currently looking for a library that will allow me to support all algorithms required under WS-Security for signing and encryption. For example to support RSA SHA-256. I am thinking would Bouncy Castle allow me to be able to have support for signing and encryption algorithms complying to comply WS-Security. Therefore say if I wished to signed an XML message, I could pass an XML Document or byte array into the function to be signed Would Bouncy Castle c# offer me the functionality I described? Kind regards, Jean-Paul Sent from my iPhone On 26/06/2013, at 1:07 PM, "Harris, Andrew" <[email protected]<mailto:[email protected]>> wrote: I don’t see how WSS4J is relevant to Bouncy Castle. What are you trying to achieve? Connection to a Java Based Web Service from a C# application? Or to implement a Web Service that enforces WS-Security? For the former http://social.msdn.microsoft.com/Forums/vstudio/en-US/1bd6409b-5033-4951-bee6-de400cb8504d/consume-java-web-service-with-wssecurity For the latter http://msdn.microsoft.com/en-us/library/ms731172.aspx Regards Andrew Harris Dun & Bradstreet Australia | Level 5, 479 St Kilda Rd, Melbourne VIC 3004 Work +61 3 9828 3346 | Mobile +61 418 599 547 | • [email protected] | • www.dnb.com.au From: Jean-Paul Berthelot [mailto:[email protected]] Sent: Wednesday, 26 June 2013 11:20 AM To: Peter Dettman Cc: [email protected]<mailto:[email protected]> Subject: RE: [dev-crypto-csharp] Signing and encryption for SWA with Bouncy Castle c# Hi all, I have a question regarding Bouncy Castle C# API and support for WSS4J in C#. Does Bouncy Castle C# API have support for WSS4J? Regards, Jean-Paul Jean-Paul Berthelot | Developer SyncSoft | Ground Floor, 19-23 Prospect Street | Box Hill Vic 3128 | Australia T: +61 3 9236 1936 | M: 0432327799 | F: +61 3 9236 1999 E: [email protected]<mailto:[email protected]> | W: www.syncsoft.com.au<http://www.syncsoft.com.au> ***NOTICE*** This e-mail/facsimile may contain confidential or legally privileged material and if you are not the intended recipient, you are advised that Synchronised Software Pty Ltd does not consent to you reading or copying the material and does not waive any confidentiality or legal privilege associated with it. This e-mail/facsimile may also contain material which is protected by copyright and if you are not the intended recipient, you are advised that Synchronised Software Pty Ltd has not consented to your reproduction of the material and there is no intention to provide you with an implied licence to exercise any of the rights of the copyright owner or an authorised licensee. If you have received this e-mail/facsimile in error, please advise Synchronised Software Pty Ltd immediately by return e-mail/facsimile or by telephone on 61-3-9236-1900. The recipient of this e-mail/facsimile is solely responsible for conducting such tests and virus scanning as may be necessary, before using any attachment, to ensure that the attachment does not contain any virus and that use of the attached materials will in no way corrupt the recipient's data or systems or those of any other person. Please consider the environment before printing this message. From: Peter Dettman [mailto:[email protected]] Sent: Monday, 24 June 2013 10:02 PM To: Jean-Paul Berthelot Subject: Re: [dev-crypto-csharp] Signing and encryption for SWA with Bouncy Castle c# Hi Jean-Paul, BouncyCastle C# APIs more than likely supports the cryptographic algorithms you need, but we don't have any high-level APIs specifically for working with SWA, or XML signing in general. You will find lots of examples of the low-level cryptography operations in the tests that come with the source code, or by searching the web. Regards, Pete Dettman On 24/06/2013 1:16 PM, Jean-Paul Berthelot wrote: Hi all, I am new to the Bouncy Castle C# SDK and I was wondering if the API supports SWA signing and encryption? Essentially I am trying to find a C# API that can support signing and encryption with Soap With Attachments. With regards to signing I am very interested in support for XML signing with X.509 certificates with the RSA SHA-256 algorithm. Also, would there be any online examples of how to approach signing and encryption in bouncy castle? Jean-Paul Berthelot | Senior Developer SyncSoft | Ground Floor, 19-23 Prospect Street | Box Hill Vic 3128 | Australia T: +61 3 9236 1936 | M: 0432327799 | F: +61 3 9236 1999 E: [email protected]<mailto:[email protected]> | W: www.syncsoft.com.au<http://www.syncsoft.com.au> ***NOTICE*** This e-mail/facsimile may contain confidential or legally privileged material and if you are not the intended recipient, you are advised that Synchronised Software Pty Ltd does not consent to you reading or copying the material and does not waive any confidentiality or legal privilege associated with it. This e-mail/facsimile may also contain material which is protected by copyright and if you are not the intended recipient, you are advised that Synchronised Software Pty Ltd has not consented to your reproduction of the material and there is no intention to provide you with an implied licence to exercise any of the rights of the copyright owner or an authorised licensee. If you have received this e-mail/facsimile in error, please advise Synchronised Software Pty Ltd immediately by return e-mail/facsimile or by telephone on 61-3-9236-1900. The recipient of this e-mail/facsimile is solely responsible for conducting such tests and virus scanning as may be necessary, before using any attachment, to ensure that the attachment does not contain any virus and that use of the attached materials will in no way corrupt the recipient's data or systems or those of any other person. Please consider the environment before printing this message.
