aleksey at aleksey.com
Sun Aug 10 17:19:05 PDT 2003
> So, I'm writing to ask if you can add a new RSA PKCS1 transform
> whose input is a key reference (not the raw key) and the output is the
> wrapped key.
Well, I am not sure that new transform would help. Probably what
you actualy want is a new "xmlSecEncCtxKeyEncrypt ()" function
that would accept an xmlSecKey pointer and do key encryption
according to a template (and context :) ). However, the problem is
not here but inside transforms code itself. Currently there are only
two types of data available: binary and xml. I don't think that adding
"key" to this list would be an easy thing. Finally, as you probably
know the XMLEnc spec states that RSA-PKCS1 might be used
for both keys and data.
Bottom line: I would be glad to find a solution for this problem but
I am not sure I have any suggestions myself. It seems that just adding
a new transform would not be enough and changing transforms
engine itself seems like a big problem for me.
More information about the xmlsec