Here's how I create the algorithm in my security token.
First, I get a regular symmetric algorithm:
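// algorithmName is the name of the symmetric algorithm to create ("Rijndael" for AES).
SymmetricAlgorithm alg = SymmetricAlgorithm.Create(algorithmName);
if (alg == null)
{
    // Create() returns null for a name it does not recognise; fail here with a
    // clear message instead of a NullReferenceException on the next statement.
    throw new ArgumentException("Unknown symmetric algorithm: " + algorithmName, "algorithmName");
}
if (key == null)
{
    throw new ArgumentNullException("key");
}

// KeySize is expressed in bits, key.Length in bytes. The KeySize and Key setters
// reject sizes the chosen algorithm does not support.
alg.KeySize = key.Length * 8;
alg.Key = key;

// NOTE(review): Mode is left at its default (CBC unless changed elsewhere), where the IV
// should be unpredictable and never reused with the same key - confirm how iv is produced.
alg.IV = iv;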
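If you are generating the key/IV yourself rather than receiving them, call GenerateKey() and GenerateIV() on the
SymmetricAlgorithm instead of assigning Key and IV; the other party then needs the same key and IV to decrypt.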
Then, on your custom token class, override the Key property (mine supports AES-128/192/256 and 3DES, depending
on client/server negotiation):
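/// <summary>
/// Gets the key algorithm wrapper for this token's symmetric algorithm,
/// creating it on first access and caching it in m_KeyAlgorithm.
/// </summary>
/// <value>
/// AES128, AES192 or AES256 for a Rijndael instance (selected by KeySize), the
/// WSE TripleDES wrapper for a TripleDES instance, or null for any other algorithm.
/// </value>
/// <exception cref="InvalidOperationException">
/// The Rijndael key size is not 128, 192 or 256 bits.
/// </exception>
public override KeyAlgorithm Key
{
    get
    {
        // Reuse the wrapper built by an earlier call.
        if (m_KeyAlgorithm != null)
        {
            return m_KeyAlgorithm;
        }

        Rijndael rijndael = this.m_SymmetricAlgorithm as Rijndael;
        if (rijndael != null)
        {
            // The wrapper type has to match the negotiated key size, so an
            // unexpected size is rejected rather than mapped to a default.
            switch (rijndael.KeySize)
            {
                case 128:
                    this.m_KeyAlgorithm = new AES128(rijndael);
                    break;
                case 192:
                    this.m_KeyAlgorithm = new AES192(rijndael);
                    break;
                case 256:
                    this.m_KeyAlgorithm = new AES256(rijndael);
                    break;
                default:
                    throw new InvalidOperationException(rijndael.KeySize + " is not a valid key length");
            }
        }
        else if (this.m_SymmetricAlgorithm is System.Security.Cryptography.TripleDES)
        {
            // Fully qualified: the BCL and WSE both define a type named TripleDES.
            this.m_KeyAlgorithm = new Microsoft.Web.Services2.Security.Cryptography.TripleDES(this.m_SymmetricAlgorithm);
        }

        // NOTE(review): any other algorithm type (or a null m_SymmetricAlgorithm) falls
        // through and null is returned. Confirm callers handle a null key algorithm, or
        // fail here the way the key-size check does.
        return this.m_KeyAlgorithm;
    }
}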
> Hi everyone,
>
> I'm wanting to encrypt the soap body using the username token (i'm
> using WSE 2 SP3), and it has worked. However my colleague is using PHP
> and is wanting to decrypt the soap message however we are not sure how
> the key and IV for the aes encryption is created. Does anyone know how
> it generates the key and IV for the encryption ? I have looked
> everywhere and can't seem to find anything about it, or anyone who
> knows.
>
> James
>