If you have done please provide me the code or reference. I have to implement the same.
On Wednesday, February 29, 2012 11:45:47 AM UTC+5:30, Pankaj wrote: > > I want to consume WCF web-service which uses X.509 certificate for > mutual authentication. I had imported certificates using keytools in > BKS keystore & able to use in android code. Now for mutual > authentication i need to create web-request which have message digest > & signature in it > > I am using KSOAP 2. MY android Application working fine till my client > is using https using srever side certificate. > But now my client want X.509 certificate based mutual authentication. > For which I need to form my request as per below mention format which > i had extracted using wireshark (client is developed in Visual studio > 8 which is working fine). > > As per the blogs & articles i need to create message digest then > create signature but before creating message digest i need to create > XML canonicalization > > Referenced Urls : > http://java.sun.com/developer/technicalArticles/xml/dig_signatures/ > > http://docs.oracle.com/javase/6/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html > > http://java.sun.com/developer/technicalArticles/xml/dig_signature_api/ > > http://svn.apache.org/repos/asf/santuario/xml-security-java/trunk/samples/javax/xml/crypto/dsig/samples/GenEnveloped.java > > http://www.xml.com/pub/a/ws/2002/09/18/c14n.html?page=1 > http://www.w3.org/TR/2000/CR-xmldsig-core-20001031/ > > <s:Header> > <o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/ > oasis-200401-wss-wssecurity-secext-1.0.xsd<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>" > > s:mustUnderstand="1"> > <u:Timestamp u:Id="_0"> > <u:Created>2012-02-21T04:45:06.429Z</u:Created> > <u:Expires>2012-02-21T04:50:06.429Z</u:Expires> > </u:Timestamp> > <o:BinarySecurityToken u:Id="uuid-e35f5271-3c4e-47c7- > ba34-8d995e414ba3-1" ValueType="http://docs.oasis-open.org/wss/ > 2004/01/ > oasis-200401-wss-x509-token-profile-1.0#X509v3<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>" > > EncodingType="http:// > docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message- > security-1.0#Base64Binary<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary>"> > > > MIICbzCCAdygAwIBAgIQfjyZ229iN4tAbV0fiYiVyTAJBgUrDgMCHQUAMD8xPTA7BgNVBAMTNGNsaWVudC5iNTRiYTFkN2U2NzY0ZDdkOWRiMDA3YTgyNmM5ZGE5Ny5jbG91ZGFwcC5uZXQwHhcNMTIwMjE2MTY0MjI1WhcNMzkxMjMxMjM1OTU5WjA/ > > > MT0wOwYDVQQDEzRjbGllbnQuYjU0YmExZDdlNjc2NGQ3ZDlkYjAwN2E4MjZjOWRhOTcuY2xvdWRhcHAubmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRW > > > +Di90XDGulLybdBboUlOilxvbcnfow+NhoNW80uNjmGQiQpxP0oNnYT7RKJ > +nP3+sZxUfRfazLgvOTFn0F9SIFQ9T4I5LNFMHhDfExoT0k/ > aeF870Euy07BiwF7eXw6toSv1dKwKavq20szbIr/NeabIEDS/GzKY6P0/ > TOQfwIDAQABo3QwcjBwBgNVHQEEaTBngBCNb6YOYI3RBR64WvVUjQtPoUEwPzE9MDsGA1UEAxM0Y2xpZW50LmI1NGJhMWQ3ZTY3NjRkN2Q5ZGIwMDdhODI2YzlkYTk3LmNsb3VkYXBwLm5ldIIQfjyZ229iN4tAbV0fiYiVyTAJBgUrDgMCHQUAA4GBAG5v1DZmXQKcaxNzz2VYDZ8aYYrYRQwU4lrBKlI0CnrkcZwQGPmRxdkiET9D91kcN/ > > > fmq90nj1F5FZoqhzeT1moqGKXKT9HRX8j6Ln1QDhsr+0JfgJW9/ > IFaQI14xKwr8bw4+DxIyp0IMpSw9biULmIQ1QuTzfKDEowlcQhsik+E > </o:BinarySecurityToken> > <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";> > <SignedInfo> > <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc- > c14n#"/> > <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa- > sha1 <http://www.w3.org/2000/09/xmldsig#rsa-sha1>"/> > <Reference URI="#_0"> > <Transforms> > <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> > </Transforms> > <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> > <DigestValue>Soj1m/E157CempDHHC6c6gZBd1E=</DigestValue> > </Reference> > </SignedInfo> > <SignatureValue> > kqsIYUc3uYoQpuWVWYOio4KcGpon+3wDDhsAzVgZVljQxEhF7z1JS/ > qzw9ELYCn2JbYIkWMtEeYfXRtPvjrPM1fjJiqbXSKq7jHEeVtMQnOytAHRL1ZFA > +dLq4spJQR7uYnmJ1lmgQnu1kYcteSmD29Xm5e5dPUnz4yap3p7zC4= > </SignatureValue> > <KeyInfo> > <o:SecurityTokenReference> > <o:Reference ValueType="http://docs.oasis-open.org/wss/2004/01/ > oasis-200401-wss-x509-token-profile-1.0#X509v3<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>" > > URI="#uuid- > e35f5271-3c4e-47c7-ba34-8d995e414ba3-1"/> > </o:SecurityTokenReference> > </KeyInfo> > </Signature> > </o:Security> > </s:Header> > > But to create message digest we need perform XML canonicalization with > "http://www.w3.org/2001/10/xml-exc-c14n#"; transform algorithm. I am > not able to found any API or library which perform above task. > > I had used xmlsec jar but I guess it is not supported by android and > also used all the option which I found after googling. > > I had find out that android don’t have support of following JAVA > packages: > • javax.xml.crypto.dom > • javax.xml.crypto.dsig > • javax.xml.crypto.dsig.dom > • javax.xml.crypto.dsig.keyinfo > • javax.xml.crypto.dsig.spec > > > Please guide me how to call WCF web-service which involve X.509 > certificate based mutual authentication. ASAP -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
