Hi
All
I work with java
xmlsecurity 2.1.
I would like to know
to get the EncryptedKey designed by in URI in a in RetrievalMethod
element.
The RetrievalMethod
element is a child of a KeyInfo element, itself a child of an EncryptedData
element.
The RetrievalMethodResolver
allows only to acces to a public key or a certificate.
How can I get the
EncryptedKey object.
This is an example
of xml document containing this type of element :
<apache:RootElement
xmlns:apache="http://www.apache.org/ns/#app1"
xmlns:foo="http://example.org/#foo"
attr1="test1" attr2="test2" foo:attr1="foo's test">Some simple
text
<apache:child1 att1="test1"><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"></xenc:EncryptionMethod>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:RetrievalMethod URI='#Recipient1' Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"/>
</ds:KeyInfo><xenc:CipherData><xenc:CipherValue>xiubjAmvwjZO0iAddEq4lhOCU2vklbNchHjpyd/I+GA=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></apache:child1><apache:child2 att1="test1" foo:attr1="foo's test">Child2 : data1
Child2 : data2
</apache:child2><apache:child3>3.testtoto
<apache:child31>31
</apache:child31><apache:child32>32
<apache:child321 id="IDtest">321
</apache:child321></apache:child32></apache:child3>
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="Recipient1"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>
MIIDSDCCArGgAwIBAgIIGodjBVfpSx8wDQYJKoZIhvcNAQEFBQAwLzERMA8GA1UEAxMIQUMtZW1h
aWwxDTALBgNVBAoTBGlsZXgxCzAJBgNVBAYTAmZyMB4XDTA1MDEyNzEzMTgyMVoXDTA3MDEyNzEz
MjgyMVowajEjMCEGCSqGSIb3DQEJARYUYXBwbGF0b29AaWxleC1zaS5jb20xETAPBgNVBAMTCGFw
cGxhdG9vMREwDwYDVQQqEwhhcHBsYXRvbzEQMA4GA1UEBBMHUmVjZXR0ZTELMAkGA1UEBhMCRlIw
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMS2Ki0wv46ZaTp37On5oq6xzs0Cx4fZsKMyZ6cc
zyxCoAeCY/N/zdPl0Gh0O9yjRXIGknzHgLlr0M2XHZfSDPuRl+2K3Uh6TjCWbNi83zuRsl94U+A+
bJI2PysB0MVLPEqyX0bgfOaEMtSrqgmfZgjoRwR4oF1ahiM+OHDFuaHLAgMBAAGjggEwMIIBLDAM
BgNVHRMEBTADAQEAMA8GA1UdDwEB/wQFAwMH8AAwEwYDVR0lBAwwCgYIKwYBBQUHAwQwHQYDVR0O
BBYEFAnO7NCiFxjdzY3OUly1A10oAq0lMB8GA1UdIwQYMBaAFCAndWWgFYPA1nORAZ8nkitEEeMv
MDoGA1UdEQQzMDGBFGFwcGxhdG9vQGlsZXgtc2kuY29toBkGCisGAQQBgjcUAgOgCwwJYXBwbGF0
b29AMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly93d3cuaWxleC5mci9vY3NwL2NybGRwP2NuPUlw
a2l6eUVtYWlsMDsGCCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL3d3dy5pbGV4LmZy
L29jc3Avb2NzcHNydjANBgkqhkiG9w0BAQUFAAOBgQAibTBDEuEvihNSwSuI5Gncm2OJUBPFVdCg
N0ESuHnLkrglLG8+JNUaUZFZtDBMY8YzgCDPwEjya27ofRuJg69Op1KBvH77y3xVOAe3tikby0Xs
0/U5FPp1Jo0xlczyLZz1C5UBraJRFr6JEsyImE9+r9GGp4va7FptAtuSdvqW1Q==
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo><xenc:CipherData><xenc:CipherValue>PhoahxIVk7XktcsO9/jVFzARACBhgTTck8rH3mHoGItxE8RmNqkjo6xxDNIql0tGZUrzPRcvyTcD
GnFHaqT1GUpkfD+jxV+kkvouuzT7tocujWVPiX3z40MBbUAhVXAyjuOGM91EY0PRRkuRDzsNWs9C
6qjhotc9yyf2Hp1r6d0=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></apache:RootElement>
<apache:child1 att1="test1"><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"></xenc:EncryptionMethod>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:RetrievalMethod URI='#Recipient1' Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"/>
</ds:KeyInfo><xenc:CipherData><xenc:CipherValue>xiubjAmvwjZO0iAddEq4lhOCU2vklbNchHjpyd/I+GA=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></apache:child1><apache:child2 att1="test1" foo:attr1="foo's test">Child2 : data1
Child2 : data2
</apache:child2><apache:child3>3.testtoto
<apache:child31>31
</apache:child31><apache:child32>32
<apache:child321 id="IDtest">321
</apache:child321></apache:child32></apache:child3>
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="Recipient1"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>
MIIDSDCCArGgAwIBAgIIGodjBVfpSx8wDQYJKoZIhvcNAQEFBQAwLzERMA8GA1UEAxMIQUMtZW1h
aWwxDTALBgNVBAoTBGlsZXgxCzAJBgNVBAYTAmZyMB4XDTA1MDEyNzEzMTgyMVoXDTA3MDEyNzEz
MjgyMVowajEjMCEGCSqGSIb3DQEJARYUYXBwbGF0b29AaWxleC1zaS5jb20xETAPBgNVBAMTCGFw
cGxhdG9vMREwDwYDVQQqEwhhcHBsYXRvbzEQMA4GA1UEBBMHUmVjZXR0ZTELMAkGA1UEBhMCRlIw
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMS2Ki0wv46ZaTp37On5oq6xzs0Cx4fZsKMyZ6cc
zyxCoAeCY/N/zdPl0Gh0O9yjRXIGknzHgLlr0M2XHZfSDPuRl+2K3Uh6TjCWbNi83zuRsl94U+A+
bJI2PysB0MVLPEqyX0bgfOaEMtSrqgmfZgjoRwR4oF1ahiM+OHDFuaHLAgMBAAGjggEwMIIBLDAM
BgNVHRMEBTADAQEAMA8GA1UdDwEB/wQFAwMH8AAwEwYDVR0lBAwwCgYIKwYBBQUHAwQwHQYDVR0O
BBYEFAnO7NCiFxjdzY3OUly1A10oAq0lMB8GA1UdIwQYMBaAFCAndWWgFYPA1nORAZ8nkitEEeMv
MDoGA1UdEQQzMDGBFGFwcGxhdG9vQGlsZXgtc2kuY29toBkGCisGAQQBgjcUAgOgCwwJYXBwbGF0
b29AMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly93d3cuaWxleC5mci9vY3NwL2NybGRwP2NuPUlw
a2l6eUVtYWlsMDsGCCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL3d3dy5pbGV4LmZy
L29jc3Avb2NzcHNydjANBgkqhkiG9w0BAQUFAAOBgQAibTBDEuEvihNSwSuI5Gncm2OJUBPFVdCg
N0ESuHnLkrglLG8+JNUaUZFZtDBMY8YzgCDPwEjya27ofRuJg69Op1KBvH77y3xVOAe3tikby0Xs
0/U5FPp1Jo0xlczyLZz1C5UBraJRFr6JEsyImE9+r9GGp4va7FptAtuSdvqW1Q==
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo><xenc:CipherData><xenc:CipherValue>PhoahxIVk7XktcsO9/jVFzARACBhgTTck8rH3mHoGItxE8RmNqkjo6xxDNIql0tGZUrzPRcvyTcD
GnFHaqT1GUpkfD+jxV+kkvouuzT7tocujWVPiX3z40MBbUAhVXAyjuOGM91EY0PRRkuRDzsNWs9C
6qjhotc9yyf2Hp1r6d0=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></apache:RootElement>
Julien TAUPIN,
ILEX Systèmes Informatiques,
51, Bd Voltaire 92 600 ASNIERES (FRANCE),
Tél : (33-1) 46 88 03 40, Fax (33-1) 46 88 03 41,
Internet : site
www.ilex-si.com, email mailto:[EMAIL PROTECTED]