rss
 
comment(s)

archives
J|F|M|A|M|J|J|A|S|O|N|D
(20##) 10 9 8 7 6 5 4 3 2 1 0 <
 
DesktopWeb FormText   AES128 and EntropyTue, 13 Jul 2004 16:19:44 GMT # 

fixed the bug i was having with AES128 yesterday. ended up i was doing CBC padding where i needed to be doing ECB. with that fix, i was able to call the WSE 2.0 samples without having to modify the server side! also, this let me call the WS-SecureConversation sample with Entropy (since the STS cannot be configured to do TripleDES Entropy). the Entropy sample works by generating a random key on the client and passing it as Entroy to the STS, encrypted with RSA. the STS then generates its own random key, and passes that back, AES128 key wrapped with the key passed in the request. the client can decrypt that key wrap with the key it originally passed to the server. the client then does P_SHA1(requestEntropy, responseEntropy) to derive the secure conversation key to securely call the web service.