RE: xml encryption/decryption of binary data

[Hess Yvan]

Title: xml encryption/decryption of binary data

The problem is that you have to register the Resolver globally to get the content associated to the URI. In XML signature you can set it for each element you want to verify the signature,  but in XML encryption you have to set it globally that is not good from my point of view.  May be the XML Apache security have to do a refactoring of the interface to allow better library usage. (may not to be conform to jsr-106 specifications)   Regards. Yvan From: Larchier Christophe [mailto:[EMAIL PROTECTED] Sent: mardi, 4. avril 2006 12:01 To: security-dev@xml.apache.org Subject: RE: xml encryption/decryption of binary data OK. To decrypt, there is xmlCipher.decryptToByteArray(), but I haven't tested it yet.   -----Message d'origine----- De : Hess Yvan [mailto:[EMAIL PROTECTED] Envoyé : mardi 4 avril 2006 11:56 À : security-dev@xml.apache.org Objet : RE: xml encryption/decryption of binary data I din't find a way how to encryts external binary data using Apache XML Security. I proceed in the following way:   1. I created an encrypted key element using Apache XML Security producing the following result      <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">       <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>       <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">          <ds:KeyName>SphinxTest</ds:KeyName>       </ds:KeyInfo>       <xenc:CipherData>          <xenc:CipherValue>EHqHZz7s564E/SQSWjvZ49d3fryP7EN+.....</xenc:CipherValue>       </xenc:CipherData>       <xenc:CarriedKeyName>Generated-AES-SecretKey</xenc:CarriedKeyName>    </xenc:EncryptedKey>   2. Then, I created an EncryptedData using XMLCipher.createEncryptedData(CipherData.REFERENCE_TYPE, uri);    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">       <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>       <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">          <ds:KeyName>Generated-AES-SecretKey</ds:KeyName>       </ds:KeyInfo>       <xenc:CipherData>          <xenc:CipherReference URI="urn:hypersuite:534177D3-C0A8027601B4E829-57982AC1"/>       </xenc:CipherData>    </xenc:EncryptedData>   3. Then  I have to encrypt the external binary "urn:hypersuite:534177D3-C0A8027601B4E829-57982AC1" MANUALLY. I didnt find a chance to do it using XML security. It seems that the functionalilty is implemented into Apache xml-signature but not into Apache xml-encryption. I thing I will have the same problem for decryption :-)   Hope it helps you.   Regards. Yvan     From: Larchier Christophe [mailto:[EMAIL PROTECTED] Sent: mardi, 4. avril 2006 11:37 To: security-dev@xml.apache.org Subject: RE: xml encryption/decryption of binary data The binary datas are externals (payloads of SOAP with attachments messages).   -----Message d'origine----- De : Hess Yvan [mailto:[EMAIL PROTECTED] Envoyé : mardi 4 avril 2006 11:29 À : security-dev@xml.apache.org Objet : RE: xml encryption/decryption of binary data Where you binary datas are stored ? Inside the XML document or outside the document ? Actualy I am "using" XML security to encryt external binary data and may be I can help you if you explain me the problem in detail.   Regards. Yvan Hess From: Larchier Christophe [mailto:[EMAIL PROTECTED] Sent: mardi, 4. avril 2006 10:10 To: security-dev@xml.apache.org Subject: RE: xml encryption/decryption of binary data Which package do you refer to ? If it's possible, I'd prefer not setting the world on fire.   Christophe     -----Message d'origine----- De : Martin Labarthe Dubois [mailto:[EMAIL PROTECTED] Envoyé : lundi 3 avril 2006 20:13 À : security-dev@xml.apache.org Objet : Re: xml encryption/decryption of binary data why don´t you just use Java crypt primitives for that?   ----- Original Message ----- From: Larchier Christophe To: security-dev@xml.apache.org Sent: Friday, March 31, 2006 4:41 AM Subject: RE: xml encryption/decryption of binary data Nobody uses xml encryption with binary datas ???   -----Message d'origine----- De : Larchier Christophe [mailto:[EMAIL PROTECTED] Envoyé : mercredi 29 mars 2006 17:41 À : security-dev@xml.apache.org Objet : xml encryption/decryption of binary data Hi all, When I use apache xml security library to encrypt an xml document like the following one, the xml header is loosen. <?xml version="1.0" encoding="UTF-8"?> <PurchaseOrder> ... </PurchaseOrder> After encrypting/decrypting, I get only : <PurchaseOrder> ... </PurchaseOrder> I use the doFinal() method to encrypt/decrypt with the all document as parameter : xmlCipher.doFinal(doc, doc); How do you manage this ? Is it possible to do xml encryption with binary datas ? I have tried to insert my binary datas into a dom document, but some special characters are added (to replace < > \). Thanks, Christophe