[xmlsec] XMLsec Command Line Utility and MSCrypto

Edward Shallow ed.shallow at rogers.com
Thu Sep 18 21:21:07 PDT 2003


Here is the encrypt example: would that be sufficient when using MS Crypto
build when specifying the recipient's pubkey  - Steve Archdeacon here ?

<?xml version="1.0" encoding="UTF-8"?>
<!-- 
XML Security Library example: XML doc file encrypted with --session-key then
transported using xmlenc#rsa-1_5 
-->
<EncryptedData Id="ED" Type="http://www.w3.org/2001/04/xmlenc#Content"
xmlns="http://www.w3.org/2001/04/xmlenc#">
  <EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
  <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <EncryptedKey Id="EK" xmlns="http://www.w3.org/2001/04/xmlenc#">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:KeyName>Steve Archdeacon</ds:KeyName>
      </ds:KeyInfo>
      <CipherData>
        <CipherValue />
      </CipherData>
    </EncryptedKey>
  </ds:KeyInfo>
  <CipherData>
    <CipherValue />
  </CipherData>
</EncryptedData> 


-----Original Message-----
From: Aleksey Sanin [mailto:aleksey at aleksey.com] 
Sent: September 18, 2003 11:07 PM
To: Edward Shallow
Cc: xmlsec at aleksey.com

I am not very familiar with MS Crypto code yet but I would think so. If you
have a key with a name "Ed Shallow" in the crypto store then xmlsec should
be able to find it. 
The private/public is
determined by the operation we are doing (encryption/verification -->
public, decryption/signature
--> private). And I am not sure I clear understand how certificates fit
into this picture because
this example does not seem to have any.

I hope Wouter would correct me if I am wrong :)

Aleksey

>  For Ms Crypto, if you simply specify the following in the template, 
>is that sufficient for all cert/key pre-requisites ? Private or public 
>? Sign and encrypt ?
>
><KeyInfo>
>  <KeyName>Ed Shallow</KeyName>
></KeyInfo>
>  
>
>





More information about the xmlsec mailing list