nc="
>> http://www.w3.org/2001/04/xmlenc#";>
>>http://www.w3.org/2001/04/xmlenc#kw-tripledes"; xmlns:xenc="
>> http://www.w3.org/2001/04/xmlenc#"/>
>>http://www.w3.org/2001/04/xmlenc#";>
>>http://www.w3.org/2001/04/xmlenc#
>>
http://www.w3.org/2001/04/xmlenc#";>
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";>mblZKJ25HspqQopvfwUELnbE1hqrKDt54N849eksaQBMZZ4FgWf+N4HYTyA87GLh0m+bZSt3JtlX
GWmPx395ZyGVGEaz3Ic7LoBK+65DSjkmWqKGt1XHSuqpSOK3UKdB4skLqnv7Ji48tmpyHF513Q==
In the X
04/xmlenc#
">mblZKJ25HspqQopvfwUELnbE1hqrKDt54N849eksaQBMZZ4FgWf+N4HYTyA87GLh0m+bZSt3JtlX
GWmPx395ZyGVGEaz3Ic7LoBK+65DSjkmWqKGt1XHSuqpSOK3UKdB4skLqnv7Ji48tmpyHF513Q==
In the XML encryption spec, link here:
http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#sec-Extensions-to-KeyInfo
*&q
Jean-Luc Cooke wrote:
http://xml.apache.org/security/Java/index.html
Says:
"Version 1.1 released on 7 April 2004. Includes a beta implementation of
XML Encryption together with minor bug fixes for the XML Signature code."
Does that mean 1.3 is also only Beta XML encryption suppor
http://xml.apache.org/security/Java/index.html
Says:
"Version 1.1 released on 7 April 2004. Includes a beta implementation of
XML Encryption together with minor bug fixes for the XML Signature code."
Does that mean 1.3 is also only Beta XML encryption support?
Cheers,
JLC
> You need to set preserveWhiteSpace(true) or
> something similar to your XML parser (Xerces, MSXML...)
> and force it not to do pretty printing.
Or, even better, change this line:
getElementsbyTagName.item(0).getFirstChild().getValue()
into:
getElementsbyTagName("MyElement").item(0).getElemen
It seems that your document was "changed/modified" a little bit (after
decryption). By modified, I
mean, that it was "pretty printed". This:
some text
was changed into:
some text
Code "getElementsbyTagName.item(0).getFirstChild().getValue()" returns first
node and in your case
it is (nod
Hi,I have an application which sends an encrypted XML document (only a single element is encrypted) to another process over SSL. I am able to encrypt, decrypt and recover data as long as I am within the same application but when I trasnmit the file over SSL, problems arise.
The other end decrypts t
t;empty", ise);
} catch (IllegalBlockSizeException ibse) {
throw new XMLEncryptionException("empty", ibse);
} catch (BadPaddingException bpe) {
throw new XMLEncryptionException("empty", bpe);
}
// Now build up to a pro
signature, but in XML encryption you have
to set it globally that is not good from my point of view (same URI
resolver can change depending of the context you are).
Regards. Yvan Hess
-Original Message-
From: Berin Lautenbach [mailto:[EMAIL PROTECTED]
Sent: mardi, 4. avril 2006 12:06
To
Title: xml encryption/decryption of binary data
The problem is that you have to register the Resolver
globally to get the content associated to the URI. In XML signature you can
set it for each element you want to verify the signature, but in XML
encryption you have to set it globally that
Hess Yvan wrote:
> 3. Then I have to encrypt the external binary
> "urn:hypersuite:534177D3-C0A8027601B4E829-57982AC1" MANUALLY. I didnt
> find a chance to do it using XML security. It seems that the
> functionalilty is implemented into Apache xml-signature but not into
&
Title: xml encryption/decryption of binary data
OK.
To
decrypt, there is xmlCipher.decryptToByteArray(), but I haven't tested it
yet.
-Message d'origine-De : Hess Yvan
[mailto:[EMAIL PROTECTED]Envoyé : mardi 4 avril 2006
11:56À : security-dev@xml.apache.orgObj
Title: xml encryption/decryption of binary data
I din't find a way how to encryts external binary data
using Apache XML Security. I proceed in the following way:
1. I created an encrypted key element using Apache XML
Security producing the following result
http://www.w3.org/20
XML documents.
A23B45C56
-Message d'origine-
De : Berin Lautenbach [mailto:[EMAIL PROTECTED]
Envoyé : mardi 4 avril 2006 11:24
À : security-dev@xml.apache.org
Objet : Re: xml encryption/decryption of binary data
Larchier Christophe wrote:
> I sign
Lautenbach [mailto:[EMAIL PROTECTED]
Envoyé : mardi 4 avril 2006 11:24
À : security-dev@xml.apache.org
Objet : Re: xml encryption/decryption of binary data
Larchier Christophe wrote:
> I sign with XML Signature.
> Note that canonicalization is not allowed.
Then it's not truly XML signatur
Title: xml encryption/decryption of binary data
The binary datas are externals (payloads of SOAP with attachments
messages).
-Message d'origine-De : Hess Yvan
[mailto:[EMAIL PROTECTED]Envoyé : mardi 4 avril 2006
11:29À : security-dev@xml.apache.orgObjet :
RE
Title: xml encryption/decryption of binary data
Where you binary
datas are stored ? Inside the XML document or outside the document ? Actualy I
am "using" XML security to encryt external binary data and may be
I can help you if you explain me the problem in detail.
Regards.
Larchier Christophe wrote:
> I sign with XML Signature.
> Note that canonicalization is not allowed.
Then it's not truly XML signature. Without canonicalisation you run
into the problems that you are seeing. So the only real way past is to
treat your document as a byte stream rather than an XML
Title: xml encryption/decryption of binary data
Which
package do you refer to ?
If
it's possible, I'd prefer not setting the world on fire.
Christophe
-Message d'origine-De : Martin Labarthe Dubois
[mailto:[EMAIL PROTECTED]Envoyé : lundi 3 avril 2006
20
Title: xml encryption/decryption of binary data
why don´t you just use Java crypt primitives for
that?
- Original Message -
From:
Larchier
Christophe
To: security-dev@xml.apache.org
Sent: Friday, March 31, 2006 4:41
AM
Subject: RE: xml encryption/decryption of
I sign with XML Signature.
Note that canonicalization is not allowed.
Christophe
-Message d'origine-
De : Berin Lautenbach [mailto:[EMAIL PROTECTED]
Envoyé : samedi 1 avril 2006 12:09
À : security-dev@xml.apache.org
Objet : Re: xml encryption/decryption of binary data
Lar
Larchier Christophe wrote:
> I have to sign then encrypt the documents, so they must be exactly the same
> before and after encryption/decryption.
> If the start document has an xml header, the finish document must have the
> xml header (even if it is superfluous).
>
>
> Now, as the 2 docume
uot;http://www.w3.org/2001/04/xmlenc#Content";), but
> there is still the problem of base64 encoding/decoding.
>
> Do you have a better idea/solution ?
>
> Christophe
>
>
>
>
> -Message d'origine-
> De : Berin Lautenbach [mailto:[EMAIL PRO
nt";), but
> there is still the problem of base64 encoding/decoding.
>
> Do you have a better idea/solution ?
>
> Christophe
>
>
>
>
> -----Message d'origine-
> De : Berin Lautenbach [mailto:[EMAIL PROTECTED]
> Envoyé : vendredi 31 mars 2006 10:5
TED]
Envoyé : vendredi 31 mars 2006 10:59
À : security-dev@xml.apache.org
Objet : Re: xml encryption/decryption of binary data
Christophe,
I'm not 100% sure I understand the problems, but I'll try to give some
thoughts.
The xml header is added (or not added) as part of the serialisation
4) and then add it. The resultant XML can
then be encrypted.
The alternative is to place the binary data in a separate file and have
a reference to that file in the XML document. But I don't think that is
quite what you want.
Cheers,
Berin
Larchier Christophe wrote:
> Nobody u
Title: xml encryption/decryption of binary data
Nobody
uses xml encryption with binary datas ???
-Message d'origine-De : Larchier Christophe
[mailto:[EMAIL PROTECTED]Envoyé : mercredi 29 mars 2006
17:41À : security-dev@xml.apache.orgObjet :
xml encryption/decrypti
Title: xml encryption/decryption of binary data
Hi all,
When I use apache xml security library to encrypt an xml document like the following one, the xml header is loosen.
...
After encrypting/decrypting, I get only :
...
I use the doFinal() method to encrypt/decrypt
Depends on the Sun JDK version being used. AFAIK, 1.4.2 does not
support both DESede/CBC/ISO10126Padding or RSA/ECB/PKCS1Padding, but
1.5 does.
Regarding instantiating XMLCipher (for performing XML encryption) for a
given algorithm and provider combination
XMLCipher.getProviderInstance
: news [mailto:[EMAIL PROTECTED] Im Auftrag von Alexey
> Gesendet: Montag, 24. Oktober 2005 22:11
> An: security-dev@xml.apache.org
> Betreff: Re: how to specify JCE provider for XML encryption
>
>
> Werner Dittmann t-online.de> writes:
>
> >
> > Alexey,
> &
t; -Message d'origine-
> De : Raul Benito [mailto:[EMAIL PROTECTED]
> Envoyé : samedi 22 octobre 2005 14:37
> À : security-dev@xml.apache.org
> Objet : Re: how to specify JCE provider for XML encryption
>
> This way of setting the Provider using the JCEMapper, has som
Werner Dittmann t-online.de> writes:
>
> Alexey,
>
> I've used such a mechansims in Apache's WSS4J project:
>
> - generate a symmetric key, e.g. for 3DES
> - encrypt some data with this key
> - uses RSA/ECB/PKCS1Padding to encrypt this symmetric
> key (not DESedeWarp, this would be used if y
Alexey,
I've used such a mechansims in Apache's WSS4J project:
- generate a symmetric key, e.g. for 3DES
- encrypt some data with this key
- uses RSA/ECB/PKCS1Padding to encrypt this symmetric
key (not DESedeWarp, this would be used if you encrypt
- wrap - a key with e.g. 3DES). Alternatively
Werner Dittmann t-online.de> writes:
>
> Alexey,
>
> with XMLCipher you can only encrypt/decrypt XML documents
> according to the W3c standard, using symmetric ciphers.
>
> You try to use a public key cipher (assymmetric), such a cipher
> is used to wrap the symmetric key.
>
> Regards,
> Wern
di 22 octobre 2005 14:37
À : security-dev@xml.apache.org
Objet : Re: how to specify JCE provider for XML encryption
This way of setting the Provider using the JCEMapper, has some bugs(it works
for digesting/signing but not for crypt/decrypt).
Anyway I was thinking of deprecating/removing this methods.
Alexey,
with XMLCipher you can only encrypt/decrypt XML documents
according to the W3c standard, using symmetric ciphers.
You try to use a public key cipher (assymmetric), such a cipher
is used to wrap the symmetric key.
Regards,
Werner
Alexey wrote:
> Raul Benito apache.org> writes:
>
>
>>T
Raul Benito apache.org> writes:
>
> This way of setting the Provider using the JCEMapper, has some bugs(it
> works for digesting/signing but not for crypt/decrypt).
> Anyway I was thinking of deprecating/removing this methods.
> So if more people use it please raise your hands, soon.
>
> On 10/
Raul,
is there any better way to do it or will you introduce a new
method to specify a provider?
Regards,
Werner
Raul Benito wrote:
> This way of setting the Provider using the JCEMapper, has some bugs(it
> works for digesting/signing but not for crypt/decrypt).
> Anyway I was thinking of deprec
This way of setting the Provider using the JCEMapper, has some bugs(it
works for digesting/signing but not for crypt/decrypt).
Anyway I was thinking of deprecating/removing this methods.
So if more people use it please raise your hands, soon.
On 10/22/05, Werner Dittmann <[EMAIL PROTECTED]> wrote
In WSS4J I use the follwing way to define the provider to XML-SEC:
JCEMapper.setProviderId(id)
This static method sets the Id to use for SIgnature etc. For
XMLCipher you must use different methods, look at that:
if (provider == null) {
xmlCipher = XMLCipher.getInstance(symEncAlgo);
}
else {
This provider.properties is a relic of the old days. Right now is not
used anymore. (TODO: remove it from the CVS).
Right now the xml-sec use the standard java way of getting a JCE Provider.
Look at
http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#Provider
for more info.
Regards
Hello,
Can anybody please, navigate me through the process? We're using various JCE
providers, such as SunJCE, IBMJCE. How do I specify particaluar provider and/or
cipher algorithm? Any changes I make to config.xml are ignored and, after
checking the source code I don't see how the following elemen
I am trying using xml encryption syntax to encrypte an external file. For
decryption, xml secruity provide the automatically resoruce solver to get
the external encrypted file; but seems to me the encryption method doesn't
automatcially follow the cipher reference to the external plain
EMAIL PROTECTED]'
Betreff: AW: XML-Encryption
Juergen,
some time ago I had the same problem. The problem was that
the public key size was to small to encrypt my symmetric
key. "Small" means: I used a PKI with a keysize of 512 bits
only, after switching to 1024 it was ok.
The PKI alg
ht-
> Von: Dittmann Werner [mailto:[EMAIL PROTECTED]
> Gesendet: Montag, 20. September 2004 17:55
> An: '[EMAIL PROTECTED]'
> Betreff: AW: XML-Encryption
>
>
> Juergen,
>
> some time ago I had the same problem. The problem was that
> the public key si
en Key [mailto:[EMAIL PROTECTED]
> Gesendet: Montag, 20. September 2004 15:14
> An: [EMAIL PROTECTED]
> Betreff: XML-Encryption
>
>
> Hi, there,
>
> hope anyone has had the following problem and knows a solution
>
> I want to send a certificate by signing a XML documen
Hi, there,
hope anyone has had the following problem and knows a solution
I want to send a certificate by signing a XML document. The other party
shall answer
with an encrypted XML document (encrypted, that is, with the public key
contained in my certificate).
This means i use the public key as k
Vishal's solution made it.
So currently, if one wishes to use a keystore and a assymetric key-pair
to encrypt the symetric key, the only thing to pay attention to is :
1) generate keys using the appropriate algorythm , i.e. keytool
...-keyalg "RSA...
2) use the good XmlCipher Algorythm : XmlCiphe
Carpe Sebastien wrote:
This is a newbie question on xml-security usage. If i'm targetting the
wrong list, please redirect me and forgive me the buzz.
The wholme project is java. I'm using xmlsec-1.1.0, xerces 2.6.2, and
the last bouncy-castle (downloaded yesterday - Aug, 9th)
Here is what i'd li
This is a newbie question on xml-security usage. If i'm targetting the
wrong list, please redirect me and forgive me the buzz.
The wholme project is java. I'm using xmlsec-1.1.0, xerces 2.6.2, and
the last bouncy-castle (downloaded yesterday - Aug, 9th)
Here is what i'd like to do :
- Encrypt a
1.04 does NOT contain the XMLCipher class
at all, and so my build from CVS is probably more useful in terms of actually
getting a working demo of encryption with Xml Security. Is this correct?
Absolutely correct. 1.04 did not have any of the new XML Encryption
code - only some alpha code that
Thanks Berin. I got all the stuff from CVS, got the config.xml to load
correctly (whew), and now XMLCipherTester is working for 5 out of 9 tests,
which is good enough for my purposes for now.
If I am not completely lost, version 1.04 does NOT contain the XMLCipher class
at all, and so my build
Daniel,
I'm not too sure how far back you are going with the version you were
using. But Axl started a complete rewrite that got incorporated into
the library (replacing the old alpha code) about 6 months ago (I think -
my memory for dates is shocking :>).
You might also want to have a look i
Thanks Berin. It's true, it's hard to figure out how to get these things
working since the classes have changed A LOT.
I can see how the constants have been moved to the config.xml and later appear
in the EncryptionConstants class, but I don't understand how the XmlCipher (in
the older version
Daniel,
Vishal provided twp samples for this.
Have a look-see at
http://cvs.apache.org/viewcvs.cgi/xml-security/src_samples/org/apache/xml/security/samples/encryption/
Both these are in the 1.1 release, but it looks like I may be about to
re-package that, so I hesitate to point you to it.
Che
I'm sure this is a repeat question, but I can only see two weeks of this list.
Please help:
Using Apache XML Security I can sucessfully create and verify a signature, but
I don't have sample code for encrypting (and decrypting) with the lib. Can
anybody give me some sample code, please? Any co
I'm currently evaluating implementations of the W3C XML Enc/Sig.
specifications.
I don't envy you :-)
I've seen an example for XML Encryption using Apache XML Security. It
uses the class XMLCipher.
This class is not included in Version 1.04 and 1.05D2. Neither did I
find an example
Hello everybody,
I'm currently evaluating implementations of the W3C XML Enc/Sig.
specifications.
I've seen an example for XML Encryption using Apache XML Security. It
uses the class XMLCipher.
This class is not included in Version 1.04 and 1.05D2. Neither did I
find an example for enc
Hi,
I recently succesfully finished a test with XML Encryption for our
project and am currently creating something that uses JAXB together with
XML Encryption. I ran into a problem with this however when doing
decryption. I have following encrypted block in my XML (removed the
CypherValue to save
S source.)
Cheers,
Berin
>
>When will be XML Encryption 1.00 released?
>
> Thanks,
> Milan
Title: [c++] XML Encryption
When will be XML Encryption 1.00 released?
Thanks,
Milan
62 matches
Mail list logo
