I need to use the RSA-OAEP key transport algorithm instead of the default RSA 1.5
for an HMAC WS-Security signature for selected elements.
I've tried adding the following stylesheet parameter, but it
doesn't get picked up by the default store:///sign-wssec.xsl stylesheet.
I can't use the store:///sign-hmac-wssec.xsl stylesheet. It
doesn't appear to support the creation of a WS-Security 1.1 encrypted key.
Any workarounds for using RSA-OAEP, short of writing my own XSL?
We're running on a DataPower XI50 with firmware rev 126.96.36.199
3 replies Latest Post - 2013-09-10T22:55:58Z by etj
Topic: Need to use RSA-OAEP key transport algorithm
Updated on 2011-05-09T17:52:58Z at 2011-05-09T17:52:58Z by workOfArt
inestlerode (166 Posts) ACCEPTED ANSWER
Re: Need to use RSA-OAEP key transport algorithm
2011-05-09T14:45:45Z, in response to workOfArt

RSA OAEP can only be used for encryption and decryption. It cannot be used for signing or verifying. This is an algorithm limitation and not a DataPower limitation. Also, it isn't very clear why you are trying to mix RSA and HMAC (you would generally use one but not both of them).
workOfArt (2 Posts) ACCEPTED ANSWER
Re: Need to use RSA-OAEP key transport algorithm
2011-05-09T17:52:58Z, in response to inestlerode

When generating an HMAC signature, a Symmetric Key Type of "Use a Random Key and Encrypt It for the Recipient" is specified. This generates the EncryptedKey element as part of a Sign action with a default EncryptionMethod method of rsa-1_5. I need rsa-oaep-mgf1p.
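Added example, not part of the thread and not DataPower code: a Python check that reads a signed message and reports which key transport algorithm each xenc:EncryptedKey uses and whether an HMAC ds:Signature references that key, so the output of a Sign action can be verified against the rsa-oaep-mgf1p requirement. The function name, the Id/URI reference layout and the sample header are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"xenc": XENC, "ds": DS}
RSA_1_5 = XENC + "rsa-1_5"            # the default the thread describes
RSA_OAEP = XENC + "rsa-oaep-mgf1p"    # the algorithm the poster needs

def audit_key_transport(xml_text):
    """Return one finding dict per xenc:EncryptedKey in the message."""
    root = ET.fromstring(xml_text)
    # Ids of EncryptedKey elements that an HMAC ds:Signature points at.
    hmac_key_ids = set()
    for sig in root.iter("{%s}Signature" % DS):
        method = sig.find("ds:SignedInfo/ds:SignatureMethod", NS)
        if method is None or "#hmac-" not in method.get("Algorithm", ""):
            continue
        for key_info in sig.findall("ds:KeyInfo", NS):
            for el in key_info.iter():
                if el.get("URI", "").startswith("#"):
                    hmac_key_ids.add(el.get("URI")[1:])
    findings = []
    for ek in root.iter("{%s}EncryptedKey" % XENC):
        em = ek.find("xenc:EncryptionMethod", NS)
        alg = em.get("Algorithm") if em is not None else None
        findings.append({
            "id": ek.get("Id"),
            "algorithm": alg,
            "is_rsa_oaep_mgf1p": alg == RSA_OAEP,
            "wraps_hmac_key": ek.get("Id") in hmac_key_ids,
        })
    return findings

# Constructed sample header (assumed layout); %s is the key transport algorithm URI.
SAMPLE = """<wsse:Security
 xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
 xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <xenc:EncryptedKey Id="EK-1">
  <xenc:EncryptionMethod Algorithm="%s"/>
  <xenc:CipherData><xenc:CipherValue>Y29uc3RydWN0ZWQ=</xenc:CipherValue></xenc:CipherData>
 </xenc:EncryptedKey>
 <ds:Signature>
  <ds:SignedInfo><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/></ds:SignedInfo>
  <ds:KeyInfo><wsse:SecurityTokenReference><wsse:Reference URI="#EK-1"/></wsse:SecurityTokenReference></ds:KeyInfo>
 </ds:Signature>
</wsse:Security>"""

if __name__ == "__main__":
    for finding in audit_key_transport(SAMPLE % RSA_1_5):
        print(finding)
```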