Re: UsernameToken key generation

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: casey chesnut (casey_at_MORE_spam_PLEASEbrains-N-brawn.com)
Date: 06/10/04 

Date: Wed, 9 Jun 2004 21:04:51 -0500

it is now 16 bytes of P_SHA1.
how intuitively obvious is that?
i guessed it because the default crypto switched from 3DES (24) to AES128
(16).
stupid waste of time.
casey
http://www.brains-N-brawn.com

"casey chesnut" <casey@braSPAMins-N-braSPAMwn.com> wrote in message
news:OXCfgRYTEHA.3988@TK2MSFTNGP10.phx.gbl...
> my CF code can validate an XmlSignature created by WSE 2.0 Release,
> except for the signed UsernameToken.
> my assumption is that the key generation has changed internally?
>
> the code that worked for WSE 2.0 TP involved:
> HMACSHA1 with 24 bytes of P_SHA1, using a label of WS-Security
> per Hervey's blog:
> http://www.dynamic-cast.com/mt-archives/000019.html
>
> has this changed for Release, and if so how?
> Thank you,
> casey
> http://www.brains-N-brawn.com
>
>

Relevant Pages

  • Re: DIME attachment
    ... > there is already a sample with the spWse test code. ... > it calls the Attachments sample in WSE 2.0. ... >> Casey, ...
    (microsoft.public.dotnet.framework.compactframework)
  • Re: web service security
    ... WSE will do Xml-Encryption as well. ... > You may also want to look into Soap Extensions. ... >> i believe there is a WSE sample called UsernameSigning which does ...
    (microsoft.public.dotnet.framework.aspnet.webservices)
  • Re: Ability to get/set SOAP body xml data at a client program
    ... you can also use a SoapExtension (without WSE) and get access to the Stream ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Re: WSE 2.0 from the Compact Framework
    ... Way to go, Casey! ... > it has been updated for WSE 2.0 and supports WS-Addressing, ... > i've got an article (with client-side code) that shows how to call every ...
    (microsoft.public.dotnet.framework.webservices.enhancements)