Hess Yvan wrote:
> 3. Then I have to encrypt the external binary
> "urn:hypersuite:534177D3-C0A8027601B4E829-57982AC1" MANUALLY. I didnt
> find a chance to do it using XML security. It seems that the
> functionalilty is implemented into Apache xml-signature but not into
> Apache xml-encryption. I thing I will have the same problem for
> decryption :-)
The reason it currently has to be done manually is that encryption is
very different to reading a URL for signing.
For signature, we just read the reference URL and create the signature
completely separately - it does not impact the source data in any way.
In the encryption case, we not only have to read the data from the URL,
we have to overwrite it with the encrypted data. There are cases where
that's possible, but it's definitely not trivial!
I can't speak for the Java library off the top of my head, but the C++
library allows you to decrypt. However the return data is a byte stream
- not an overwrite of the referenced URL.
Cheers,
Berin
