[xmlsec] How to encrypt a key ?

Sébastien Hinderer Sebastien.Hinderer at snv.jussieu.fr
Mon May 11 10:37:07 PDT 2009

Dear Aleksey,

First of all, many thanks for your prompt reply. 

> You create a template that specifies
> <EncryptionMethod Algorithm="...#aes128-cbc">
> and then specify the encrypted key as follows
> <EncryptedKey>
>   <EncryptionMethod Algorithm="...#rsa-1_5"/>
>   ...
> </>

I'm sorry, I am not sure that I understand this correctly. Are you
saying that the encrypted key is a part of the template ? So this means
that each encrypted XML file will contain the kAES ey used to encrypt the
corresponding xml clear file, the key bing itself encrypted with the RSA
key ?
> This will automatically create "session" AES key, use
> this session key to encrypt data and then put encrypted
> session key in the <EncryptedKey> element.

And it will then be possible to extract this node and its content from
the template to dump it in another file... is that correct ?

> Search for "aes128-cbc" string in the xmlsec/tests folder for
> examples.

I'll look, thanks.

More information about the xmlsec mailing list