Why not provide a method for encrypting external references, as you have the counterpart for decrypting an external reference, "xmlCipher.decryptToByteArray()"? Moreover, why not allow a URI resolver to be set on XMLCipher? In XML signature you can set it for each element whose signature you want to verify, but in XML encryption you have to set it globally, which is not good from my point of view (the URI resolver can change depending on the context you are in).
Regards. Yvan Hess

-----Original Message-----
From: Berin Lautenbach [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 4 April 2006 12:06
To: [email protected]
Subject: Re: xml encryption/decryption of binary data

Hess Yvan wrote:

> 3. Then I have to encrypt the external binary
> "urn:hypersuite:534177D3-C0A8027601B4E829-57982AC1" MANUALLY. I didn't
> find a chance to do it using XML security. It seems that the
> functionality is implemented into Apache xml-signature but not into
> Apache xml-encryption. I think I will have the same problem for
> decryption :-)

The reason it currently has to be done manually is that encryption is very different to reading a URL for signing. For signature, we just read the reference URL and create the signature completely separately - it does not impact the source data in any way.

In the encryption case, we not only have to read the data from the URL, we have to overwrite it with the encrypted data. There are cases where that's possible, but it's definitely not trivial!

I can't speak for the Java library off the top of my head, but the C++ library allows you to decrypt. However, the return data is a byte stream - not an overwrite of the referenced URL.

Cheers,
Berin
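The manual step discussed in this thread, as an added example that is not code from either poster or from Apache XML Security: the external octets are encrypted with the JDK's own JCE, and an `EncryptedData` element pointing at them through `CipherReference` is built by hand. It assumes AES-128-GCM in the XML Encryption 1.1 layout (12-byte IV, then ciphertext and tag), a constructed sample payload, and that the caller writes the returned bytes back to wherever the URN resolves; the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

public class ExternalReferenceEncryption {
    static final String XENC = "http://www.w3.org/2001/04/xmlenc#";
    static final String AES128_GCM = "http://www.w3.org/2009/xmlenc11#aes128-gcm";

    // Encrypt the referenced octets. Output layout: IV (12 bytes) || ciphertext || 128-bit tag.
    static byte[] encryptExternal(SecretKey key, byte[] plain) throws Exception {
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);          // fresh IV for every encryption under this key
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(plain);              // JCE appends the tag to the ciphertext
        byte[] out = new byte[iv.length + ct.length];
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return out;
    }

    // Returns a byte array, like the decrypt side described in the thread; throws if the tag fails.
    static byte[] decryptExternal(SecretKey key, byte[] stored) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, stored, 0, 12));
        return c.doFinal(stored, 12, stored.length - 12);
    }

    // EncryptedData that carries no ciphertext itself, only a pointer to the external octets.
    // Assumption: the URI holds no characters that need XML escaping.
    static String encryptedDataFor(String uri) {
        return "<xenc:EncryptedData xmlns:xenc=\"" + XENC + "\">"
             + "<xenc:EncryptionMethod Algorithm=\"" + AES128_GCM + "\"/>"
             + "<xenc:CipherData><xenc:CipherReference URI=\"" + uri + "\"/></xenc:CipherData>"
             + "</xenc:EncryptedData>";
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        String uri = "urn:hypersuite:534177D3-C0A8027601B4E829-57982AC1"; // URN quoted in the thread
        byte[] plain = "constructed sample binary payload".getBytes(StandardCharsets.UTF_8);
        byte[] stored = encryptExternal(key, plain); // the caller overwrites the external resource with this
        System.out.println(encryptedDataFor(uri));
        System.out.println(Arrays.equals(plain, decryptExternal(key, stored)));
    }
}
```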
