[xmlsec] xmlSecTransformRsaPkcs1

Andrew Fan Andrew.Fan at sun.com
Sun Aug 10 19:20:19 PDT 2003

Hi Tej,

I think in XML Encryption recommendation, we can regard a symmetric key 
and non-key data as a raw symmetric key in the process of key transport( 
RSA-PKCS1), they ship the same standards. After the wrap or unwrap 
process, the application will determine it is a key or non-key.

About the key type problems, I find a quite interesting example in lines 
115 of  lib/crmf/cmmfchal.c, which use a "trick" mechanism. Surely, it 
work, I think, because CRMF is a so general standards. So in my patches, 
I also use a "trick" mechanism when importing symmetric key from a raw 
key or non-key data. It work.

Hope help,

Tej Arora wrote:

> This transform is supposed to encrypt a symmetric key using RSA.
> The key to be encrypted is expected to be in cleartext in the
> input buffer.
> Under some crypto systems like NSS, any keys in cleartext is frowned
> upon. In practice, raw keys reside only in crypto tokens, and when
> they leave the token they're always encrypted.
>  Encryption of key data is called "wrapping" and that of non-key data
> is just called "encryption".
> NSS provides these forms of RSA encryption:
> 1) WRAP a key using RSA. The key must be on some token. If it
> is not on a token, the app must first get it on the token. It is possible
> to get a cleartext key onto a token.  To do that one has to know the
> key type. The implementation of xmlSecTransformRsaPkcs1 is
> such that this information is not available to the transform. XML ENC
> spec actually specifies that information in the schema.
> 2) Encrypt non-key data using RSA (no support for padding)
> The bottom line is that the only way to make the RsaPkcs1 transform
> work for NSS is to implement (2) with padding support. The NSS
> team however has strong objections to encrypting cleartext keys
> in the first place.
> So, I'm writing to ask if you can add a new RSA PKCS1 transform
> whose input is a key reference (not the raw key) and the output is the
> wrapped key.  I understand that xmlsec tests will still load raw keys
> from files, but with the new transform - we'll atleast be able to support
> a secure mode of operation that can be used by NSS based deployments.
> thanks,
> -Tej
> _______________________________________________ xmlsec mailing list 
> xmlsec at aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec 

More information about the xmlsec mailing list