Topic
  • 1 reply
  • Latest Post - ‏2013-04-18T15:05:03Z by JoeMorganNTST
JoeMorganNTST
JoeMorganNTST
427 Posts

Pinned topic How to validate an hmac-sha1 signature?

‏2013-04-16T21:18:56Z |

XI52 on 5.0.0.3

My client is using WCF to sign a SOAP message with a "hmac-sha1" signature.  The validate action fails with

store:///dp/ws-sx-utils.xsl:720: Cannot convert this value to a nodeset

Of course, I cannot see that XSL, so I have no idea what is wrong, if anything, in the message.

So, how do I validate an hmac signature? 

The validate action is configured to validate hmac signatures, and I see nothing in the advanced settings that suggests I need to do anything else.

I do see 2 signatures in the message.  The first, the "hmac" signature, is definitely the one used to sign the message. Then there is an rsa signature, apparently used to sign the hmac signature??? I really don't know as I've never seen this kind of thing before.

My client is saying they cannot sign with standard RSA type signature, and I don't know WCF and cannot suggest how they can do that.

So, I really need to know one of two things.  How to get WCF to sign only with RSA and X509, or how to configure datapower to properly validate the hmac signature.

 

  • JoeMorganNTST
    JoeMorganNTST
    427 Posts
    ACCEPTED ANSWER

    Re: How to validate an hmac-sha1 signature?

    ‏2013-04-18T15:05:03Z  

    I can only suspect that whatever the WCF configuration was, we could not figure out how to match it on the DataPower side.  I convinced them to change it back to an RSA signature.

  • JoeMorganNTST
    JoeMorganNTST
    427 Posts

    Re: How to validate an hmac-sha1 signature?

    ‏2013-04-18T15:05:03Z  

    I can only suspect that whatever the WCF configuration was, we could not figure out how to match it on the DataPower side.  I convinced them to change it back to an RSA signature.