Versions Compared

Old Version 6

changes.mady.by.user Bogdan DUMITRIU

Saved on

compared with

New Version Current

changes.mady.by.user Bogdan DUMITRIU

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Here are the available artefacts (not meant for production!):

  • eu.europa.ec.edelivery.apache.santuario:xmlsec:3.0.5-RC01
  • eu.europa.ec.edelivery.apache.wss4j:*:3.0.4-RC01RC02 (See the note below about the release of a new version)
  • eu.europa.ec.edelivery.apache.cxf:*:4.0.5-RC01

...

  • notify us if you use these libraries so that we can let you know in case a new version is published or in case you can switch to the official Apache ones once they are officially released. (In case we publish new versions, they will have increasing -RCx suffixes.)
  • share your feedback
  • ask for support


Important note: New version of eu.europa.ec.edelivery.apache.wss4j:*:3.0.4-RC02

On 12 June 2024, a new version of Apache WSS4J was released: eu.europa.ec.edelivery.apache.wss4j:*:3.0.4-RC02

This updated library enhances incoming message validation for key agreement and key derivation functions. By utilizing the new library, you can configure a WSS4JInInterceptor on the receiving side to validate required algorithms, including encryption algorithms, key wrapping algorithms, agreement methods, and key derivation functions.

Code Block
languagejava
titleWSS4JInInterceptor
...
Map<String, Object> inProperties = new HashMap<>();
inProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE
        + " " + ConfigurationConstants.ENCRYPTION);
inProperties.put(ConfigurationConstants.SIG_VER_PROP_FILE, "****");
inProperties.put(ConfigurationConstants.USER, signAlias);

// validation of incoming message
inProperties.put(ConfigurationConstants.ENC_SYM_ALGO, WSS4JConstants.AES_128_GCM);
inProperties.put(ConfigurationConstants.ENC_KEY_TRANSPORT, WSS4JConstants.KEYWRAP_AES128);
inProperties.put(ConfigurationConstants.ENC_KEY_AGREEMENT_METHOD, WSS4JConstants.AGREEMENT_METHOD_X25519);
inProperties.put(ConfigurationConstants.ENC_KEY_DERIVATION_FUNCTION, WSS4JConstants.KEYDERIVATION_HKDF);
....


Crypto tool

This crypto tool simulates a lightweight Access Point which can be used to generate and verify security headers (signature and encryption) of the AS4 UserMessage using the eDelivery AS4 2.0 profile.

...

The crypto tool can be downloaded from Nexus and you can find the source code in BitBucket. In order to use the crypto tool please follow the instructions.

...