Hello, Here is the example. <?xml version="1.0"?> <Envelope>
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"; Id="ED" Type="http://www.w3.org/2001/04/xmlenc#Element";> <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> <RetrievalMethod URI="#EK" Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"/> </KeyInfo> <CipherData> <CipherValue>wWismvRBdhesImbEdHUlpvxQs5OHw5U4Oe2KpaKebBfunz1/7plB+Urme0MT8dU9 Y2cX0kBmselmGQBLG5oH14YNaCEyqQ4z5UMb7QucTt2PH4OG/2a3aYPeEGj6zdUu Hi0IxawMhQ2JhchKmGXo9M3iclf3QUq1cUlbpPbQaU5MghADC+bUajz9IAiCUKNM WdpGSCqXFn/ycNH3GSGsKDEn/zlmqYnfuMMhQLCyZpkjY2aYObzNxoHXFLlvsAvk TAkujClmdx52JWk7eAuBaz58GTSokBdHo8/tsPiavH044x8uTngw4vIYMM3nzlxz 6I2HSr8aB/ztCMa+JyxIJ2AEop2SrAsPg9WTCTJSoBXv+97+YLV4pcp2ttyXqGgP</CipherValue> </CipherData> </EncryptedData> <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#"; Id="EK" Type="http://www.w3.org/2001/04/xmlenc#Content";> <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> <KeyName>rsakeyvar1.pem</KeyName> </KeyInfo> <CipherData> <CipherValue>JEHLRrvwQwZOLBnfbww6dpdoBPMW71j0X6Ji0OLQmP074kw90MTs95sNi02kBlN9 4p9PC0T0nDFY5U8O+K/p2g==</CipherValue> </CipherData> <ReferenceList> <DataReference URI="#ED"/> </ReferenceList> </EncryptedKey> </Envelope> My questions are 1. When i try to decrypt the encrypted data element, in the key info element, the xmlsec tries to evaluate the Xpointer expression for the URI attribute of RetreivalMethod element and fails as "EK" is not registered yet. 2. When I try to decrypt the encrypted key element, xmlsec tries to replace the encrypted key element, by calling xmlSecReplaceNodeBuffer, even though the Type attribute says "content". I got the internal parser error. ( there is no well formed xml data, it is key, so supposedly fails). Regards Nitin --- Aleksey Sanin <[EMAIL PROTECTED]> wrote: > > I understand the problem, it is like Xpointer > > evaluation > > of URI attribute in RetreivalMethod fails because > the > > ID attribute of Encrypted Key is still not > registered > > with the libxml2. > Not sure I understand this. xmlsec first parses the > XML > using libxml2 and most of ID attributes are > registered > *before* xmlsec code is executed. xmlsec does > register > ID attributes for XMLEnc and XMLDSig schema > automatically > and it is one of the first things xmlsec is doing. > > > I know that xmlsec registers these ID attributes > only > > when > > reading the Encrypted key or Encrypted Data > elements. > I think you are mistaken or I don't understand what > you mean. > > A *small* example that demonstrates your problem > will be helpful. > > Aleksey > __________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail _______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
