[xmlsec] is it possible to do signatures with AES?

Mark Ivey zovirl1_list at sbcglobal.net
Mon Dec 1 13:35:58 PST 2003

On Mon, 2003-12-01 at 13:32, Rich Salz wrote:
> > Is it possible to do XML signatures using the AES algorithm instead of
> > RSA?
> I don't think this makes a lot of sense.  Are you saying to do something 
> like AES-encrypt the SHA-1 message digest?  That would be bad -- it 
> would mean that every signed document is a adding to known-plaintext 
> attacks against the AES key, for example.
> Perhaps you want to use HMAC?
> 	/r$

Oh, that explains why I couldn't find any info on how to do it.  Thanks

-Mark Ivey-

More information about the xmlsec mailing list