Carl Darski wrote on 2009-08-31: > Hello, > > I am testing the RetrievalMethod element for the apache xml encryption > implementation. I am trying to use multiple <ds:RetrievalMethod> > elements to specify multiple encrypted keys.
Not 100% sure that's the appropriate syntax, but without getting into that... > My experience has been that the DSIGInfoList::loadListFromXML(...) > method will process only the first <ds:RetrievalMethod> encountered. > While searching for transforms, tmpKI becomes NULL, so subsequent > processing after the initial <ds:RetrievalMethod> appears to get skipped. Sounds like a bug, please file it. > Is this by design? There is no real world design underpinning any of that code. I recommend you implement your own key resolution logic. I certainly have (and I'm the one stuck maintaining that code now), so don't expect much improvement there. -- Scott
