Hi Eric, if i understand your code right, you treat your XML document as a string of UTF-8 characters and encrypt those directly using the javax.crypto classes with the application of a base64 transform at the end to get some string data as ciphertext. This way of encrypting XML data has nothing to do with XML Security - it would apply to any data you choose. XML Encryption on the contrary as understood on this list is about encrypting, decrypting, signing and verification of XML Documents, where the result is again such an XML Document with parts of it probably encrypted. With the technology in here you can take an XML document describing an employee and encrypt only the salary field, while keeping the rest of the data in clear form. All this requires of course some additional, XML Security specific, XML elements to be added to the document. I think the difference becomes obvious when you search for samples of XML documents that were encrypted using XML Security. HTH Thomas - speaking for me and not for my employer...
________________________________ From: Eric Tournier [mailto:[EMAIL PROTECTED] Sent: Mittwoch, 11. April 2007 13:45 To: security-dev@xml.apache.org Subject: XML Security and JCE Hi :) I'm hoping this is the right list to be emailing this question to. I'm using a home-made XML Encryption implementation which uses javax.crypto.* classes but unfortunately I'm not the developer of this implementation. In order to test interoperability of it with well-known API, I'm trying to encrypt a XML document with XML Security and decrypt the result with my implementation, and vice-versa. I don't known how to do this and I feel a lilltle bit lost with all the initialization and configuration paramters of XML Security. Could someone teach me how to do ? Here are XML Security encryption : ======== KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede", "BC"); keyGenerator.init(secureRandom); SecretKey sessionKey = keyGenerator.generateKey(); XMLCipher xmlCipherRSA = XMLCipher.getProviderInstance(XMLCipher.RSA_v1dot5, "BC"); xmlCipherRSA.init(XMLCipher.WRAP_MODE, clefPublique); EncryptedKey encryptedKey = xmlCipherRSA.encryptKey(doc, sessionKey); Element rootElement = doc.getDocumentElement(); XMLCipher xmlCipher = XMLCipher.getProviderInstance(TRIPLEDES, "BC"); xmlCipher.init(XMLCipher.ENCRYPT_MODE, sessionKey); EncryptedData encryptedData = xmlCipher.getEncryptedData(); KeyInfo keyInfo = encryptedData.getKeyInfo(); if (keyInfo == null) { keyInfo = new KeyInfo(doc); encryptedData.setKeyInfo(keyInfo); } keyInfo.add(encryptedKey); xmlCipher.doFinal(doc, rootElement, true); ======== Here are home-made encryption : ======== KeyGenerator keyGen; keyGen = KeyGenerator.getInstance("DESede", "BC"); keyGen.init(secureRandom); SecretKey key = keyGen.generateKey(); Cipher cipherRSA = Cipher.getInstance("RSA/NONE/PKCS1PADDING", "BC"); cipherRSA.init(Cipher.ENCRYPT_MODE, this.publicKey); byte[] encryptedKey = cipherRSA.doFinal(key.getEncoded()); String sessionKey = new String(Base64.encodeBase64(encryptedKey, false)); byte[] iv = { (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 }; Cipher cipher = Cipher.getInstance("DESede/CBC/ISO10126-2Padding", "BC"); cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv)); byte[] encryptedBytes = cipher.doFinal(data.substring(begin + 1, end).getBytes("UTF-8")); byte[] ivBytes = concatanate(iv, encryptedBytes); String cipherValue = new String(Base64.encodeBase64(ivBytes)); ======== Thanks in advance for all Ticker Software AG - Sitz/Registered office: Uhlandstra?e 12, 64297 Darmstadt, Germany, - Registergericht/Commercial register: Darmstadt HRB 1562 - Vorstand/ Management Board: Karl-Heinz Streibich (Vorsitzender/Chairman), David Broadbent, Mark Edwards, Dr. Peter Kurpick, Alfred Pfaff, Arnd Zinnhardt; - Aufsichtsratsvorsitzender/ Chairman of the Supervisory Board: Frank F. Beelitz - http://www.softwareag.com
