Hi Joseph,

If you want to encrypt a message then you should do the following:
1. Encrypt the message with a secret key.
2. Encrypt the secret key with the PUBLIC key of the receiver.

Apache XML Security supports these steps, at least this is what it's supposed to 
do. And there is a lot of satisfying sample code shipped with the source code. 
I gave you some pointers in a previous post. Please take a look at the sample 
code and if you have got problems with it you are welcome to ask some questions 
about that.

And BTW: There is also no security involved in encrypting anything with the 
private key of a sender as you mentioned in the last post... You encrypt with 
the *public* key of the *receiver*.

Cheers,
Ulrich
-----Original Message-----
From: security-dev@xml.apache.org
Sent: 18.06.07 10:03:15
To: <security-dev@xml.apache.org>
Subject: RE: Encrypt with public key


Dear all

Thanks for your responses. I understand the argument you have brought
forward. Indeed what I needed is to encrypt using the public key of sender,
not sign. What I would like to know is what algorithms are available for
what I need (e.g. DSA, etc.) and a basic example of using public key for
encryption. At the moment I am using a symmetric key for encryption, so if
it is possible to encrypt with the private key of the sender, that would be
even better.


Kind regards
Joseph


-----Original Message-----
From: Ulrich Ackermann [mailto:[EMAIL PROTECTED] 
Sent: 15 June 2007 21:45
To: security-dev@xml.apache.org
Subject: RE: Encrypt with public key

Hi Thomas,

this is exactly what I was stating in a previous post to Joseph:

"Why do you want to SIGN a document with a PUBLIC key? I have never heard of
anything like that. There is no authenticity involved when signing with a
public key, but I guess you know that."

Cheers,
Ulrich

-----Original Message-----
From: security-dev@xml.apache.org
Sent: 14.06.07 13:52:54
To: <security-dev@xml.apache.org>
Subject: RE: Encrypt with public key


Hi Ulrich,

You wrote:

> 1. Create a RSAPrivateKeySpec object with the following (the exponents
> can be retrieved by any object implementing the RSAPublicKey interface):
> RSAPrivateKeySpec(BigInteger modulus, BigInteger privateExponent)
> 2. Create a KeyFactory: KeyFactory.getInstance("RSA")
> 3. Generate the PrivateKey object by calling:
> generatePrivate(KeySpec keySpec), where keySpec is the key specification
> you got in step 1.

How is this supposed to work? The public key contains an exponent, but
this is the public, not the private exponent. You may be able to use this
to create a private key with this exponent, but the usage of such a key is
questionable.

What should the use case of a signature with a public key be?

My 2ct.

Thomas - speaking for myself and not for my employer.
 