Differences between revisions 22 and 23
Revision 22 as of 2005-03-02 15:45:33
Size: 3019
Comment:
Revision 23 as of 2009-09-20 22:48:17
Size: 3031
Editor: localhost
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 28: Line 28:
attachment:fig1-1.gif {{attachment:fig1-1.gif}}
Line 39: Line 39:
attachment:fig2-1.gif {{attachment:fig2-1.gif}}
Line 43: Line 43:
2.1 ["Architecture of Digital Signature Implementation"] 2.1 [[Architecture_of_Digital_Signature_Implementation]]
Line 52: Line 52:
attachment:archi001.gif {{attachment:archi001.gif}}
Line 54: Line 54:
A client class (e.g. an Axis Handler) of the library would simply make a function call on to ["WSEncryptBody"] which in turn will carry out the encryption of the specified SOAP message as par to the above mentioned specification. A client class (e.g. an Axis Handler) of the library would simply make a function call on to [[WSEncryptBody]] which in turn will carry out the encryption of the specified SOAP message as par to the above mentioned specification.

Introduction

WSS4C is a set of C++ library classes that implement the OASIS Web Services Security: SOAP Messaging Security 1.0 (http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf) specification. Effort has been taken to closely mirror the existing Java implementation (http://ws.apache.org/ws-fx/wss4j/). It is expected that WSS4C will be incorporated in to the Apache Axis C++ project.

The specification describes three criteria that must be satisfied for WS-Security to be implemented

  1. Sending security tokens as part of the message (E.g. Kerberos, Username token, X.509)
  2. Ensure Message integrity (XML Signature: XML syntax used for representing signatures on digital content and
  3. procedures for computing and verifying such signatures. Signatures provide for data integrity and authentication), and Message confidentiality (XML Encryption: Process for encrypting/decrypting digital content)

Contributors to the Project

  • Sameera Perera
  • Dinesh Premalal
  • Sharanka Perera
  • Farhaan Mohideen

References

Architecture

Figure 1-1 shows the Use-Case view of the overall implementation. fig1-1.gif

Figure 1-1

Note: Use-cases 2 and 3, signifies that WSS4C shall not interfere with the processing of regular (i.e. unencrypted and unsigned).

Security Tokens

XML Signature

This section describes the WSS4C implementation of the Digital Signatures for SOAP Message Security. Figure 2-1 illustrates the overall goals of the implementation.

fig2-1.gif

Figure 2-1

2.1 Architecture_of_Digital_Signature_Implementation

2.2 CurrentIssues

XML Encryption

The implementation of WSS4C has used Section 9 (Encryption) of OASIS WSS: SOAP Message Security 1.0 specification, as its starting point. As such, the development effort can be viewed as a “bottom-up” process.

Following diagram reflects the current state of the library.

[ATTACH]

A client class (e.g. an Axis Handler) of the library would simply make a function call on to WSEncryptBody which in turn will carry out the encryption of the specified SOAP message as par to the above mentioned specification. Following diagram reflects the current state of the library.

For Time being Encryption part carried out separatly By using XML-Security Library. For encryption , use many code from XML-Security library.

In this case , encrypts an element( and all its children) from pre-genarated key. It uses randomly genarated key to handle bulk encryption , and then encrypts this using RSA public key. The resultant encrypted key is embeded in an <EncryptedKey> element.

Now it Encrypts only Element what we assinged.

Deployment

Details to be included here

WSS4C (last edited 2009-09-20 22:48:17 by localhost)