[xmlsec] How to ...

Maffia, Mario MaffiaM at diebold.com
Tue May 9 02:58:54 PDT 2006 

Hi,

I would like to set up the <env:Header><xenc:EncryptedKey>
<xenc:CipherData><xenc:CipherValue>  tag with the generated session key
. I cannot find any method to allow this.
The "xmlSecTmplEncDataEnsureCipherValue" method works fine to add
<xenc:EncryptedKey> <xenc:CipherData><xenc:CipherValue> into the body,
but I cannot figure out on how to make it work for the header.
Could somebody help?

Here is the header I'm using

<?xml version="1.0" encoding="UTF-8" standalone="yes" ?> 
- <>  <env:Envelope
xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"> 
- <>  <env:Header> 
- <>  <wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
curity-secext-1.0.xsd" env:mustUnderstand="1"> 
<wsse:BinarySecurityToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-
token-profile-1.0#X509v3"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-so
ap-message-security-1.0#Base64Binary" /> 
- <>  <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> 
- <>  <dsig:SignedInfo> 
<dsig:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> 
<dsig:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> 
- <>  <dsig:Reference> 
- <>  <dsig:Transforms> 
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> 
</dsig:Transforms> 
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />

<dsig:DigestValue /> 
</dsig:Reference> 
</dsig:SignedInfo> 
<dsig:SignatureValue /> 
- <>  <dsig:KeyInfo> 
- <>  <wsse:SecurityTokenReference> 
<wsse:Reference /> 
</wsse:SecurityTokenReference> 
</dsig:KeyInfo> 
</dsig:Signature> 
- <>  <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">

<xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /> 
- <>  <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> 
- <>  <wsse:SecurityTokenReference> 
<wsse:KeyIdentifier
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-
token-profile-1.0#X509SubjectKeyIdentifier"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-so
ap-message-security-1.0#Base64Binary" /> 
</wsse:SecurityTokenReference> 
</dsig:KeyInfo> 
- <>  <xenc:CipherData> 
<xenc:CipherValue /> 
</xenc:CipherData> 
- <>  <xenc:ReferenceList> 
<xenc:DataReference /> 
</xenc:ReferenceList> 
</xenc:EncryptedKey> 
</wsse:Security> 
</env:Header>

Regards
Mario


Mario Maffia

DIEBOLD Luxembourg

Tel	: +352 45 35 11 6353 
Fax	: +352 45 35 11 6341
Mobile	: +352 021 359 712
E-mail	: maffiam at diebold.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20060509/6aef4f5f/attachment-0002.htm

More information about the xmlsec mailing list