Return-Path: Delivered-To: apmail-xml-security-dev-archive@www.apache.org Received: (qmail 45258 invoked from network); 23 Oct 2005 07:37:06 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 23 Oct 2005 07:37:06 -0000 Received: (qmail 55719 invoked by uid 500); 23 Oct 2005 07:37:04 -0000 Delivered-To: apmail-xml-security-dev-archive@xml.apache.org Received: (qmail 55706 invoked by uid 500); 23 Oct 2005 07:37:04 -0000 Mailing-List: contact security-dev-help@xml.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: Reply-To: security-dev@xml.apache.org List-Id: Delivered-To: mailing list security-dev@xml.apache.org Received: (qmail 55695 invoked by uid 99); 23 Oct 2005 07:37:04 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 23 Oct 2005 00:37:04 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests=UNPARSEABLE_RELAY X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [194.25.134.80] (HELO mailout01.sul.t-online.com) (194.25.134.80) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 23 Oct 2005 00:37:02 -0700 Received: from fwd29.aul.t-online.de by mailout01.sul.t-online.com with smtp id 1ETaPK-0000Wi-00; Sun, 23 Oct 2005 09:36:42 +0200 Received: from [84.152.79.210] (Ssa4ZwZZZeL6Y582Tk5DiIC08vccvh1XPFnP9FvOW5xY-5PtTJB76+@[84.152.79.210]) by fwd29.sul.t-online.de with esmtp id 1ETaPE-1UCKga0; Sun, 23 Oct 2005 09:36:36 +0200 Message-ID: <435B3D85.1040906@t-online.de> Date: Sun, 23 Oct 2005 09:36:37 +0200 From: Werner Dittmann User-Agent: Mozilla Thunderbird 1.0.6 (X11/20050716) X-Accept-Language: en-us, en MIME-Version: 1.0 To: security-dev@xml.apache.org Subject: Re: how to specify JCE provider for XML encryption References: <949ac9410510220500i4616f156wd80120904f8156b1@mail.gmail.com> <435A2C36.8070504@t-online.de> <949ac9410510220537g7c5f068aw3411e147acec91e3@mail.gmail.com> In-Reply-To: X-Enigmail-Version: 0.92.0.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-ID: Ssa4ZwZZZeL6Y582Tk5DiIC08vccvh1XPFnP9FvOW5xY-5PtTJB76+ X-TOI-MSGID: 07b3cd9f-e0fa-45ea-86da-7aee9f5535fd X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Alexey, with XMLCipher you can only encrypt/decrypt XML documents according to the W3c standard, using symmetric ciphers. You try to use a public key cipher (assymmetric), such a cipher is used to wrap the symmetric key. Regards, Werner Alexey wrote: > Raul Benito apache.org> writes: > > >>This way of setting the Provider using the JCEMapper, has some bugs(it >>works for digesting/signing but not for crypt/decrypt). >>Anyway I was thinking of deprecating/removing this methods. >>So if more people use it please raise your hands, soon. >> >>On 10/22/05, Werner Dittmann t-online.de> wrote: >> >>>In WSS4J I use the follwing way to define the provider to XML-SEC: >>> >>>JCEMapper.setProviderId(id) >>> >>>This static method sets the Id to use for SIgnature etc. For >>>XMLCipher you must use different methods, look at that: >>> >>>if (provider == null) { >>> xmlCipher = XMLCipher.getInstance(symEncAlgo); >>>} >>>else { >>> xmlCipher = XMLCipher.getProviderInstance(symEncAlgo, provider); >>>} >>> >>>If you like to specify a provider for XMLCipher you have >>>to use a specific getInstance method - see above. The provider >>>in this case is the provider id string, e.g. "BC" for >>>BouncyCastle. >>> >>>regards, >>>Werner > > > > I could not find a way to specify that, for example, algorithm defined as > http://www.w3.org/2001/04/xmlenc#rsa-1_5, should be instantiated with IBMJCE's > cipher "RSA". I tried to modify config.xml according to DTD but it doesn't > seem to work. And I used the method XMLCipher.getProviderInstance(algorithm, > provider). > Cheers, > Alex > > > >