I’m posting data to a REST URI, in the form of an XML snippet with header and body.
The body is encrypted, and then the header includes a digital signature (which is the encrypted body hashed with SHA1 and then encrypted).
My question is, how do I create the signature? What is the method used to encrypt – I have been told to use the same shared key as used for the Rijndael encrypted body.
Thanks
You can do the signing using RSA.
Here’s a link: How to: Sign XML Documents with Digital Signatures
I’m not too sure on using the same key for the encryption as with the signing however, as RSA signing is a public/private key signing method, which allows the signature to be safely created using the private key, and safely verified on the client using the public key only.
As a supplement, Encryption != Hashing. SHA1 is a hashing algorithm, aka. a one-way non-reversible function. Encryption is reversible. Encryption is a two-way function.
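The approach described in the answer above, as an added example that is not part of the original posts or the linked article: the body is encrypted with the shared AES (Rijndael) key, and the encrypted body is signed with a separate RSA private key and verified with the public key only. It assumes .NET 6 or later and uses SHA-256 in place of the SHA1 mentioned in the question; the class, method and variable names and the sample XML are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class SignedBodyExample
{
    // Encrypt the body with the shared AES (Rijndael) key; returns IV || ciphertext.
    static byte[] EncryptBody(byte[] sharedKey, string body)
    {
        using var aes = Aes.Create();   // CBC + PKCS7 by default, fresh random IV
        aes.Key = sharedKey;
        using var enc = aes.CreateEncryptor();
        byte[] plain = Encoding.UTF8.GetBytes(body);
        byte[] cipher = enc.TransformFinalBlock(plain, 0, plain.Length);
        return aes.IV.Concat(cipher).ToArray();
    }

    static void Main()
    {
        // Constructed sample values; a real sender loads both keys from secure storage.
        byte[] sharedKey = RandomNumberGenerator.GetBytes(32);
        using RSA senderKey = RSA.Create(2048);

        byte[] encryptedBody = EncryptBody(sharedKey, "<order><id>42</id></order>");

        // Sender: SignData hashes the encrypted body, then signs that hash with the private key.
        byte[] signature = senderKey.SignData(
            encryptedBody, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

        // Receiver: holds only the public half of the signing key.
        using RSA receiverKey = RSA.Create();
        receiverKey.ImportParameters(senderKey.ExportParameters(false));

        bool ok = receiverKey.VerifyData(
            encryptedBody, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        Console.WriteLine($"untouched body verifies: {ok}");

        // A single flipped bit in transit must fail verification, before any decryption.
        byte[] tampered = (byte[])encryptedBody.Clone();
        tampered[^1] ^= 0x01;
        bool tamperedOk = receiverKey.VerifyData(
            tampered, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        Console.WriteLine($"tampered body verifies: {tamperedOk}");
    }
}
```

The signature covers the IV as well as the ciphertext, so the receiver should verify it before attempting to decrypt.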