santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hess Yvan" <Yvan.H...@imtf.ch>
Subject RE: xml encryption/decryption of binary data
Date Tue, 04 Apr 2006 11:50:17 GMT
The problem is that you have to register the Resolver globally to get the content associated
to the URI. In XML signature you can set it for each element you want to verify the signature,
 but in XML encryption you have to set it globally that is not good from my point of view.
 May be the XML Apache security have to do a refactoring of the interface to allow better
library usage. (may not to be conform to jsr-106 specifications) 
 
Regards. Yvan

________________________________

From: Larchier Christophe [mailto:clarchier@axway.com] 
Sent: mardi, 4. avril 2006 12:01
To: security-dev@xml.apache.org
Subject: RE: xml encryption/decryption of binary data


OK.
To decrypt, there is xmlCipher.decryptToByteArray(), but I haven't tested it yet.
 

	-----Message d'origine-----
	De : Hess Yvan [mailto:Yvan.Hess@imtf.ch]
	Envoyé : mardi 4 avril 2006 11:56
	À : security-dev@xml.apache.org
	Objet : RE: xml encryption/decryption of binary data
	
	
	I din't find a way how to encryts external binary data using Apache XML Security. I proceed
in the following way:
	 
	1. I created an encrypted key element using Apache XML Security producing the following result
	 
	   <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
	      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
	      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
	         <ds:KeyName>SphinxTest</ds:KeyName>
	      </ds:KeyInfo>
	      <xenc:CipherData>
	         <xenc:CipherValue>EHqHZz7s564E/SQSWjvZ49d3fryP7EN+.....</xenc:CipherValue>
	      </xenc:CipherData>
	      <xenc:CarriedKeyName>Generated-AES-SecretKey</xenc:CarriedKeyName>
	   </xenc:EncryptedKey>
	
	 
	2. Then, I created an EncryptedData using XMLCipher.createEncryptedData(CipherData.REFERENCE_TYPE,
uri);
	   <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
	      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
	      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
	         <ds:KeyName>Generated-AES-SecretKey</ds:KeyName>
	      </ds:KeyInfo>
	      <xenc:CipherData>
	         <xenc:CipherReference URI="urn:hypersuite:534177D3-C0A8027601B4E829-57982AC1"/>
	      </xenc:CipherData>
	   </xenc:EncryptedData>

	 
	3. Then  I have to encrypt the external binary "urn:hypersuite:534177D3-C0A8027601B4E829-57982AC1"
MANUALLY. I didnt find a chance to do it using XML security. It seems that the functionalilty
is implemented into Apache xml-signature but not into Apache xml-encryption. I thing I will
have the same problem for decryption :-)
	 
	Hope it helps you.
	 
	Regards. Yvan
	 
	 
________________________________

	From: Larchier Christophe [mailto:clarchier@axway.com] 
	Sent: mardi, 4. avril 2006 11:37
	To: security-dev@xml.apache.org
	Subject: RE: xml encryption/decryption of binary data
	
	
	
	The binary datas are externals (payloads of SOAP with attachments messages).
	 

		-----Message d'origine-----
		De : Hess Yvan [mailto:Yvan.Hess@imtf.ch]
		Envoyé : mardi 4 avril 2006 11:29
		À : security-dev@xml.apache.org
		Objet : RE: xml encryption/decryption of binary data
		
		
		Where you binary datas are stored ? Inside the XML document or outside the document ? Actualy
I am "using" XML security to encryt external binary data and may be I can help you if you
explain me the problem in detail.
		 
		Regards. Yvan Hess
________________________________

		From: Larchier Christophe [mailto:clarchier@axway.com] 
		Sent: mardi, 4. avril 2006 10:10
		To: security-dev@xml.apache.org
		Subject: RE: xml encryption/decryption of binary data
		
		
		Which package do you refer to ?
		If it's possible, I'd prefer not setting the world on fire.
		 
		Christophe
		 
		 

			-----Message d'origine-----
			De : Martin Labarthe Dubois [mailto:dubois@consist.com.ar]
			Envoyé : lundi 3 avril 2006 20:13
			À : security-dev@xml.apache.org
			Objet : Re: xml encryption/decryption of binary data
			
			
			why don´t you just use Java crypt primitives for that?
			 

				----- Original Message ----- 
				From: Larchier Christophe <mailto:clarchier@axway.com>  
				To: security-dev@xml.apache.org 
				Sent: Friday, March 31, 2006 4:41 AM
				Subject: RE: xml encryption/decryption of binary data

				Nobody uses xml encryption with binary datas ???
				 

					-----Message d'origine-----
					De : Larchier Christophe [mailto:clarchier@axway.com]
					Envoyé : mercredi 29 mars 2006 17:41
					À : security-dev@xml.apache.org
					Objet : xml encryption/decryption of binary data
					
					

					Hi all, 

					When I use apache xml security library to encrypt an xml document like the following
one, the xml header is loosen. 

					<?xml version="1.0" encoding="UTF-8"?> 

					<PurchaseOrder> 
					... 
					</PurchaseOrder> 


					After encrypting/decrypting, I get only : 

					<PurchaseOrder> 
					... 
					</PurchaseOrder> 


					I use the doFinal() method to encrypt/decrypt with the all document as parameter : 
					xmlCipher.doFinal(doc, doc); 


					How do you manage this ? 

					Is it possible to do xml encryption with binary datas ? 
					I have tried to insert my binary datas into a dom document, but some special characters
are added (to replace < > \). 

					Thanks, 
					Christophe 


Mime
View raw message