santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Werner Dittmann <>
Subject Re: how to specify JCE provider for XML encryption
Date Mon, 24 Oct 2005 19:14:40 GMT

I've used such a mechansims in Apache's WSS4J project:

- generate a symmetric key, e.g. for 3DES
- encrypt some data with this key
- uses RSA/ECB/PKCS1Padding to encrypt this symmetric
  key (not DESedeWarp, this would be used if you encrypt
  - wrap - a key with e.g. 3DES). Alternatively you may
  use RSA-OAEP (also provided by BC) to encrypt the
  generated symmetric key.

The module in WSS4J that uses and implements this is


Alexey wrote:
> Werner Dittmann <Werner.Dittmann <at>> writes:
>>with XMLCipher you can only encrypt/decrypt XML documents
>>according to the W3c standard, using symmetric ciphers.
>>You try to use a public key cipher (assymmetric), such a cipher
>>is used to wrap the symmetric key.
> Hi Werner,
> Actually I tried symmetric (3DES) with the same result. If I were to code to
> standard, I'd still need to get an instance of RSA (assymetric) cipher, would I
> not? To "wrap" the symmetric key. I understand, that BC defined RSA cipher as
> "RSA/ECB/PKCS1Padding" and triple-DES as "DESedeWrap", which can't be found in
> my provider, so the question is has anybody worked around the same issue?
> Thanks,
> Alexey

View raw message