Submit and vote on feature ideas.

Welcome to the new Parasoft forums! We hope you will enjoy the site and try out some of the new features, like sharing an idea you may have for one of our products or following a category.

XML Encryption using 3DES

LegacyForum
LegacyForum Posts: 1,664 ✭✭
edited December 2016 in SOAtest
can anybody tell me how to use encryption tool to send a secure soap request through the soap client

I want to use 3DES to encrypt the whole message...
I tried it by using the external key option but by any way it was not able to send a encrypted data....

what is the exact method....to send a encryption request

thanks
dhaval
Tagged:

Comments

  • LegacyForum
    LegacyForum Posts: 1,664 ✭✭
    edited December 2003
    Dhaval,

    In order to apply Triple DES encryption algorithm, you need a valid JCEKS key store. Note that with java 1.4.2, a bug was introduced in JCEKS support (not backwards compatible), and Sun says that it will be fixed by 1.5. (SOAPtest 2.5, yet to be released) thus will NOT support JCEKS keystores created with previous java versions.

    To set this up in SOAPtest 2.1 (Nov 4 build) (runs on java 1.4.1_03),
    1) Add Key Store to the Test Suite.
    2) In the Private Key section,
    a) fill in Type: JCEKS
    fill in File - name of keystore file
    c) password
    d) alias
    e) private key password
    3) Send XML Request of SOAP Client to the Encryption Tool.
    4) Choose Triple DES as the algorithm
    5) Choose "Use Key Store" in Key Source. Select the key store added in step 1).
    6) Select "Apply to Entire Document" or the desired XPath to be encrypted.

    Running the test should now correctly encrypt the SOAP Request.

    Let me know if this works for you.
  • LegacyForum
    LegacyForum Posts: 1,664 ✭✭
    hi rockie,

    I really appreciate your help regarding and sorry for replying late ...
    actually I am doing .net stuff
    so what I want to do sending the encrypted soap request with soap client which only understands java base encryption and trying to decrypt with my .net implementation..

    by chance i try to configure keystore ..
    do you have any idea where can I find the key store ?? or am i have to create key store in java

    thanks
    dhaval
  • LegacyForum
    LegacyForum Posts: 1,664 ✭✭
    Dhaval,

    If you do not already have a keystore, you will have to create one. SOAPtest currently only supports symmetric key encryption using Triple DES and AES XXX algorithms. You will have to create a keystore with an asymmetric key and the keystore should be compatible with both Java and .NET encryption. I am not an expert on security, but you may want to look into PKCS#12 type keystores.

    With our next release, we will have a better list of keystores that SOAPtest accepts. Currently, SOAPtest has been tested with only JKS and JCEKS type keystores.
  • LegacyForum
    LegacyForum Posts: 1,664 ✭✭
    Dhaval,

    An easier way to do this if to explicitly type in the key value in the XML Signer GUI. For Triple DES, the valid key length is 128 bits (16 chars). If you know the key, you can bypass using the keystore.