WS_SECURITY_ALGORITHM_SUITE structure (webservices.h)
Defines the security algorithms and key lengths to be used with WS-Security. This setting is relevant to message security bindings and mixed-mode security bindings.
Syntax
typedef struct _WS_SECURITY_ALGORITHM_SUITE {
WS_SECURITY_ALGORITHM_ID canonicalizationAlgorithm;
WS_SECURITY_ALGORITHM_ID digestAlgorithm;
WS_SECURITY_ALGORITHM_ID symmetricSignatureAlgorithm;
WS_SECURITY_ALGORITHM_ID asymmetricSignatureAlgorithm;
WS_SECURITY_ALGORITHM_ID encryptionAlgorithm;
WS_SECURITY_ALGORITHM_ID keyDerivationAlgorithm;
WS_SECURITY_ALGORITHM_ID symmetricKeyWrapAlgorithm;
WS_SECURITY_ALGORITHM_ID asymmetricKeyWrapAlgorithm;
ULONG minSymmetricKeyLength;
ULONG maxSymmetricKeyLength;
ULONG minAsymmetricKeyLength;
ULONG maxAsymmetricKeyLength;
WS_SECURITY_ALGORITHM_PROPERTY *properties;
ULONG propertyCount;
} WS_SECURITY_ALGORITHM_SUITE;
Members
canonicalizationAlgorithm
Algorithm to use for XML canonicalization, such as the exclusive XML canonicalization algorithm. Setting this value to WS_SECURITY_ALGORITHM_DEFAULT will default to WS_SECURITY_ALGORITHM_CANONICALIZATION_EXCLUSIVE.
digestAlgorithm
Algorithm to use for message part digests, such as SHA-1, SHA-256, SHA-384, or SHA-512. Setting this value to WS_SECURITY_ALGORITHM_DEFAULT will default to WS_SECURITY_ALGORITHM_DIGEST_SHA1.
symmetricSignatureAlgorithm
Algorithm to use for message authentication codes (also known as MACs or symmetric signatures) such as HMAC-SHA1, HMAC-SHA256, HMAC-SHA384, or HMAC-SHA512. Setting this value to WS_SECURITY_ALGORITHM_DEFAULT will default to WS_SECURITY_ALGORITHM_SYMMETRIC_SIGNATURE_HMAC_SHA1.
asymmetricSignatureAlgorithm
Algorithm to use for asymmetric signatures. Setting this value to WS_SECURITY_ALGORITHM_DEFAULT will default to WS_SECURITY_ALGORITHM_ASYMMETRIC_SIGNATURE_RSA_SHA1.
encryptionAlgorithm
Algorithm to use for message part encryption. Reserved for future use. Should be set to WS_SECURITY_ALGORITHM_DEFAULT.
keyDerivationAlgorithm
Algorithm to use for deriving keys from other symmetric keys. Setting this value to WS_SECURITY_ALGORITHM_DEFAULT will default to WS_SECURITY_ALGORITHM_KEY_DERIVATION_P_SHA1.
symmetricKeyWrapAlgorithm
Algorithm to use for encrypting symmetric keys with other symmetric keys. Reserved for future use. Should be set to WS_SECURITY_ALGORITHM_DEFAULT.
asymmetricKeyWrapAlgorithm
Algorithm to use for encrypting symmetric keys with asymmetric keys. Setting this value to WS_SECURITY_ALGORITHM_DEFAULT will default to WS_SECURITY_ALGORITHM_ASYMMETRIC_KEYWRAP_RSA_OAEP.
minSymmetricKeyLength
The minimum key length (in bits) of symmetric key security tokens. Setting this value to 0 will default to 128 bits.
maxSymmetricKeyLength
The maximum key length (in bits) of symmetric key security tokens. Setting this value to 0 will default to 512 bits.
minAsymmetricKeyLength
The minimum key length (in bits) of asymmetric key security tokens. Setting this value to 0 will default to 1024 bits.
maxAsymmetricKeyLength
The maximum key length (in bits) of asymmetric key security tokens. Setting this value to 0 will default to 16384 bits.
properties
Algorithm properties. Reserved for future use. Should be set to NULL.
propertyCount
Number of entries in properties array. Reserved for future use. Should be set to 0.
Remarks
When key derivation is used, the key length restrictions apply to the source security token from which the signing or encryption derived token are derived.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 7 [desktop apps only] |
| Minimum supported server | Windows Server 2008 R2 [desktop apps only] |
| Header | webservices.h |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for