santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Mullan <Sean.Mul...@Sun.COM>
Subject Re: RetrievalMethod in XMLDecrytion
Date Wed, 07 Sep 2005 20:33:28 GMT
I am not familiar with the RetrievalMethodResolver class - however if 
you wait until the next release of XMLSec (1.4), the JSR 105 API will be 
included and it allows you to create your own URIDereferencer 
implementation for resolving RetrievalMethod URIs (of any type).

--Sean

Julien TAUPIN wrote:
> Hi All
>  
> I work with java xmlsecurity 2.1.
>  
> I would like to know to get the EncryptedKey designed by in URI in a 
> in RetrievalMethod element.
> The RetrievalMethod element is a child of a KeyInfo element, itself a 
> child of an EncryptedData element.
>  
> The RetrievalMethodResolver allows only to acces to a public key or a 
> certificate.
>  
> How can I get the EncryptedKey object.
>  
> This is an example of xml document containing this type of element :
>  
> <apache:RootElement xmlns:apache="http://www.apache.org/ns/#app1" 
> xmlns:foo="http://example.org/#foo" attr1="test1" attr2="test2" 
> foo:attr1="foo's test">Some simple text
> <apache:child1 att1="test1"><xenc:EncryptedData 
> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" 
> Type="http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod 
> <http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod> 
> Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"></xenc:EncryptionMethod

> <http://www.w3.org/2001/04/xmlenc#aes128-cbc"></xenc:EncryptionMethod>>
> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:RetrievalMethod URI='#Recipient1' 
> Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"/>
> </ds:KeyInfo><xenc:CipherData><xenc:CipherValue>xiubjAmvwjZO0iAddEq4lhOCU2vklbNchHjpyd/I+GA=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></apache:child1><apache:child2

> att1="test1" foo:attr1="foo's test">Child2 : data1
> Child2 : data2
> </apache:child2><apache:child3>3.testtoto
> <apache:child31>31
> </apache:child31><apache:child32>32
> <apache:child321 id="IDtest">321
> </apache:child321></apache:child32></apache:child3>
> <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" 
> Id="Recipient1"><xenc:EncryptionMethod 
> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod 
> <http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>>
> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:X509Data>
> <ds:X509Certificate>
> MIIDSDCCArGgAwIBAgIIGodjBVfpSx8wDQYJKoZIhvcNAQEFBQAwLzERMA8GA1UEAxMIQUMtZW1h
> aWwxDTALBgNVBAoTBGlsZXgxCzAJBgNVBAYTAmZyMB4XDTA1MDEyNzEzMTgyMVoXDTA3MDEyNzEz
> MjgyMVowajEjMCEGCSqGSIb3DQEJARYUYXBwbGF0b29AaWxleC1zaS5jb20xETAPBgNVBAMTCGFw
> cGxhdG9vMREwDwYDVQQqEwhhcHBsYXRvbzEQMA4GA1UEBBMHUmVjZXR0ZTELMAkGA1UEBhMCRlIw
> gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMS2Ki0wv46ZaTp37On5oq6xzs0Cx4fZsKMyZ6cc
> zyxCoAeCY/N/zdPl0Gh0O9yjRXIGknzHgLlr0M2XHZfSDPuRl+2K3Uh6TjCWbNi83zuRsl94U+A+
> bJI2PysB0MVLPEqyX0bgfOaEMtSrqgmfZgjoRwR4oF1ahiM+OHDFuaHLAgMBAAGjggEwMIIBLDAM
> BgNVHRMEBTADAQEAMA8GA1UdDwEB/wQFAwMH8AAwEwYDVR0lBAwwCgYIKwYBBQUHAwQwHQYDVR0O
> BBYEFAnO7NCiFxjdzY3OUly1A10oAq0lMB8GA1UdIwQYMBaAFCAndWWgFYPA1nORAZ8nkitEEeMv
> MDoGA1UdEQQzMDGBFGFwcGxhdG9vQGlsZXgtc2kuY29toBkGCisGAQQBgjcUAgOgCwwJYXBwbGF0
> b29AMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly93d3cuaWxleC5mci9vY3NwL2NybGRwP2NuPUlw
> a2l6eUVtYWlsMDsGCCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL3d3dy5pbGV4LmZy
> L29jc3Avb2NzcHNydjANBgkqhkiG9w0BAQUFAAOBgQAibTBDEuEvihNSwSuI5Gncm2OJUBPFVdCg
> N0ESuHnLkrglLG8+JNUaUZFZtDBMY8YzgCDPwEjya27ofRuJg69Op1KBvH77y3xVOAe3tikby0Xs
> 0/U5FPp1Jo0xlczyLZz1C5UBraJRFr6JEsyImE9+r9GGp4va7FptAtuSdvqW1Q==
> </ds:X509Certificate>
> </ds:X509Data>
> </ds:KeyInfo><xenc:CipherData><xenc:CipherValue>PhoahxIVk7XktcsO9/jVFzARACBhgTTck8rH3mHoGItxE8RmNqkjo6xxDNIql0tGZUrzPRcvyTcD
> GnFHaqT1GUpkfD+jxV+kkvouuzT7tocujWVPiX3z40MBbUAhVXAyjuOGM91EY0PRRkuRDzsNWs9C
> 6qjhotc9yyf2Hp1r6d0=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></apache:RootElement>
> 
> Julien TAUPIN,
> 
> ILEX Systèmes Informatiques,
> 
> 51, Bd Voltaire 92 600 ASNIERES (FRANCE),
> 
> Tél : (33-1) 46 88 03 40, Fax (33-1) 46 88 03 41,
> 
> Internet : site _www.ilex-si.com_ 
> <file:///C:/Documents%20and%20Settings/jtau.ILEX/Application%20Data/Microsoft/Signatures/www.ilex-si.com>,

> email _mailto:julien.taupin@ilex-si.com_
> 
>  


Mime
View raw message