[xmlsec] Encrypt using Triple-DES with openssl
Kaushalye Kapuruge
kaushalye at wso2.com
Mon Jul 17 00:09:47 PDT 2006
Hi,
I'm a new bee to xml security world.
Requirement:
I need to write a library to encrypt/sign xml. i.e. Something similar to
xmlsec.
But my library is not based on DOM. It has another parsing mechanism.
Crypto library:
I 'm going to use openssl for this.
Question:
If I need to support Triple-DES as the initial
step(http://www.w3.org/2001/04/xmlenc#tripledes-cbc), is there a
straight forward way in Openssl?
I found that openssl has cipher "EVP_des_ede3_cbc()".
If I send this cipher to EVP_CipherInit_ex() method and get the result
using EVP_CipherUpdate() and EVP_CipherFinal_ex) calls, does that mean
the resulting buffer has encrypted data?
Or Do I have to send the resulted data three times(3 calls to Update) to
comply with http://www.w3.org/2001/04/xmlenc#tripledes-cbc? (before
encode and attach to the xml doc)
Please rectify me if Im wrong :)
Thanks,
Kaushalye
More information about the xmlsec
mailing list