Ok thanks. So for the moment I can say that the RetrievalMethod is not supported by XmlSec ?
I tried to see how to perform the resolution of the URI by myself, but I don't have found a simple method to perform this. Julien -----Message d'origine----- De : Sean Mullan [mailto:[EMAIL PROTECTED] Envoyé : mercredi 7 septembre 2005 22:33 À : security-dev@xml.apache.org Objet : Re: RetrievalMethod in XMLDecrytion I am not familiar with the RetrievalMethodResolver class - however if you wait until the next release of XMLSec (1.4), the JSR 105 API will be included and it allows you to create your own URIDereferencer implementation for resolving RetrievalMethod URIs (of any type). --Sean Julien TAUPIN wrote: > Hi All > > I work with java xmlsecurity 2.1. > > I would like to know to get the EncryptedKey designed by in URI in a > in RetrievalMethod element. > The RetrievalMethod element is a child of a KeyInfo element, itself a > child of an EncryptedData element. > > The RetrievalMethodResolver allows only to acces to a public key or a > certificate. > > How can I get the EncryptedKey object. > > This is an example of xml document containing this type of element : > > <apache:RootElement xmlns:apache="http://www.apache.org/ns/#app1"; > xmlns:foo="http://example.org/#foo"; attr1="test1" attr2="test2" > foo:attr1="foo's test">Some simple text > <apache:child1 att1="test1"><xenc:EncryptedData > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; > Type="http://www.w3.org/2001/04/xmlenc#Content";><xenc:EncryptionMethod > <http://www.w3.org/2001/04/xmlenc#Content";><xenc:EncryptionMethod> > Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc";></xenc:Encrypt > ionMethod > <http://www.w3.org/2001/04/xmlenc#aes128-cbc";></xenc:EncryptionMethod> > > <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> > <ds:RetrievalMethod URI='#Recipient1' > Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"/> > </ds:KeyInfo><xenc:CipherData><xenc:CipherValue>xiubjAmvwjZO0iAddEq4lh > OCU2vklbNchHjpyd/I+GA=</xenc:CipherValue></xenc:CipherData></xenc:Encr > yptedData></apache:child1><apache:child2 > att1="test1" foo:attr1="foo's test">Child2 : data1 > Child2 : data2 > </apache:child2><apache:child3>3.testtoto > <apache:child31>31 > </apache:child31><apache:child32>32 > <apache:child321 id="IDtest">321 > </apache:child321></apache:child32></apache:child3> > <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; > Id="Recipient1"><xenc:EncryptionMethod > Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5";></xenc:Encryption > Method > <http://www.w3.org/2001/04/xmlenc#rsa-1_5";></xenc:EncryptionMethod>> > <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> > <ds:X509Data> > <ds:X509Certificate> > MIIDSDCCArGgAwIBAgIIGodjBVfpSx8wDQYJKoZIhvcNAQEFBQAwLzERMA8GA1UEAxMIQU > MtZW1h > aWwxDTALBgNVBAoTBGlsZXgxCzAJBgNVBAYTAmZyMB4XDTA1MDEyNzEzMTgyMVoXDTA3MD > EyNzEz > MjgyMVowajEjMCEGCSqGSIb3DQEJARYUYXBwbGF0b29AaWxleC1zaS5jb20xETAPBgNVBA > MTCGFw > cGxhdG9vMREwDwYDVQQqEwhhcHBsYXRvbzEQMA4GA1UEBBMHUmVjZXR0ZTELMAkGA1UEBh > MCRlIw > gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMS2Ki0wv46ZaTp37On5oq6xzs0Cx4fZsK > MyZ6cc > zyxCoAeCY/N/zdPl0Gh0O9yjRXIGknzHgLlr0M2XHZfSDPuRl+2K3Uh6TjCWbNi83zuRsl > 94U+A+ > bJI2PysB0MVLPEqyX0bgfOaEMtSrqgmfZgjoRwR4oF1ahiM+OHDFuaHLAgMBAAGjggEwMI > bJI2PysB0MVLPEqyX0bgfOaEMtSrqgmfZgjoRwR4oF1ahiM+IBLDAM > BgNVHRMEBTADAQEAMA8GA1UdDwEB/wQFAwMH8AAwEwYDVR0lBAwwCgYIKwYBBQUHAwQwHQ > YDVR0O > BBYEFAnO7NCiFxjdzY3OUly1A10oAq0lMB8GA1UdIwQYMBaAFCAndWWgFYPA1nORAZ8nki > tEEeMv > MDoGA1UdEQQzMDGBFGFwcGxhdG9vQGlsZXgtc2kuY29toBkGCisGAQQBgjcUAgOgCwwJYX > BwbGF0 > b29AMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly93d3cuaWxleC5mci9vY3NwL2NybGRwP2 > NuPUlw > a2l6eUVtYWlsMDsGCCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL3d3dy5pbG > V4LmZy > L29jc3Avb2NzcHNydjANBgkqhkiG9w0BAQUFAAOBgQAibTBDEuEvihNSwSuI5Gncm2OJUB > PFVdCg > N0ESuHnLkrglLG8+JNUaUZFZtDBMY8YzgCDPwEjya27ofRuJg69Op1KBvH77y3xVOAe3ti > N0ESuHnLkrglLG8+kby0Xs > 0/U5FPp1Jo0xlczyLZz1C5UBraJRFr6JEsyImE9+r9GGp4va7FptAtuSdvqW1Q== > </ds:X509Certificate> > </ds:X509Data> > </ds:KeyInfo><xenc:CipherData><xenc:CipherValue>PhoahxIVk7XktcsO9/jVFz > ARACBhgTTck8rH3mHoGItxE8RmNqkjo6xxDNIql0tGZUrzPRcvyTcD > GnFHaqT1GUpkfD+jxV+kkvouuzT7tocujWVPiX3z40MBbUAhVXAyjuOGM91EY0PRRkuRDz > GnFHaqT1GUpkfD+jxV+sNWs9C > 6qjhotc9yyf2Hp1r6d0=</xenc:CipherValue></xenc:CipherData></xenc:Encryp > tedKey></apache:RootElement> > > Julien TAUPIN, > > ILEX Systèmes Informatiques, > > 51, Bd Voltaire 92 600 ASNIERES (FRANCE), > > Tél : (33-1) 46 88 03 40, Fax (33-1) 46 88 03 41, > > Internet : site _www.ilex-si.com_ > <file:///C:/Documents%20and%20Settings/jtau.ILEX/Application%20Data/Mi > crosoft/Signatures/www.ilex-si.com>, > email _mailto:[EMAIL PROTECTED] > >
