Please file a bug/rfe at https://issues.apache.org/bugzilla/enter_bug.cgi in the
Security project.
We need to add a ctor to the EncryptedKeyResolver class that takes an additional
provider parameter, and then change XMLCipher to call this new ctor and pass it
the provider it is using.
Unfortunately, this is a new feature so it will have to wait until the next
release after 1.4.3.
Thanks,
Sean
Aditya Muralidharan wrote:
Hi,
We are using hardware-based security providers that we need to
explicitly specify our encryption and decryption providers. I noticed
that works for key encryption, but the decryption doesn't allow an
explicit provider when decrypting (in EncryptedKeyResolver) the
symmetric key with the key-decryption-key. Is there an alternative that
allows explicitly specifying a provider for the key resolver when
decrypting the key?
Thanks.
AD
CONFIDENTIALITY NOTICE
This e-mail message and any attachments are only for the use of the
intended recipient and may contain information that is privileged,
confidential or exempt from disclosure under applicable law. If you are
not the intended recipient, any disclosure, distribution or other use of
this e-mail message or attachments is prohibited. If you have received
this e-mail message in error, please delete and notify the sender
immediately. Thank you.
