Item1:
SHA1 is used for encryption/decryption only
http://coheigea.blogspot.com/2013/03/signature-and-encryption-key.html
Item2: <sp:AsymmetricBinding >
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>notice that AlgorithmSuite sp:Basic128 is common
to both initiator and recipient
how would client signing with rsa-sha1 algorithm be able to communicate with
any webservice expecting rsa-sha256 signature?
Please explain
Martin
______________________________________________
Date: Wed, 9 Mar 2016 19:34:04 +0100
Subject: RE: WSsecurity: SignatureMethod error
From: [email protected]
To: [email protected]
On Mar 9, 2016 15:34, "Martin Gainty" <[email protected]> wrote:
>
> 2000 spec you are
> currently implementing:
> <ds:KeyInfo xmlns:ds="http://
>www.w3.org/2000/09/xmldsig#">
>
> does not acommodate
>256 bit signatures
>
> your current option will only
>allow 2000 xmldsig spec which is why
>you are defaulting to rsa-sha1
>algorithm in SignatureMethod
I want to use rsa-sha1, I don't want to use rsa-sha256 (which is the signature
method my client is currently using).
Regards.
