So, I'm writing to ask if you can add a new RSA PKCS1 transform whose input is a key reference (not the raw key) and the output is the wrapped key.
Well, I am not sure that new transform would help. Probably what you actualy want is a new "xmlSecEncCtxKeyEncrypt ()" function that would accept an xmlSecKey pointer and do key encryption according to a template (and context :) ). However, the problem is not here but inside transforms code itself. Currently there are only two types of data available: binary and xml. I don't think that adding "key" to this list would be an easy thing. Finally, as you probably know the XMLEnc spec states that RSA-PKCS1 might be used for both keys and data.
Bottom line: I would be glad to find a solution for this problem but I am not sure I have any suggestions myself. It seems that just adding a new transform would not be enough and changing transforms engine itself seems like a big problem for me.
Aleksey
_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
