KeyInfo-Element inside EncryptedData in Body

[Christian Mielke <cm...@nc-ag.de>]

Hello!

I have noticed that RAMPART creates a KeyInfo-Element inside the EncryptedData-Element in the body of the message. Is this really neccesary? 

I have also seen that Microsoft .NET WCF 3.0 doesn't create such a KeyInfo element inside the body for the encrypted data but never the less RAMPART is able to decrypt the message. Is there any possibility that the response from the AXIS server is also without KeyInfo-Element inside the encrypted body?

Greetings
Christian

Re: KeyInfo-Element inside EncryptedData in Body

[Nandana Mihindukulasooriya <na...@gmail.com>]

Hi Christian,

I have noticed that RAMPART creates a KeyInfo-Element inside the
> EncryptedData-Element in the body of the message. Is this really neccesary?


It depends on whether we use the internal references or external references.
If we place the reference list element inside the encrypted key element (
internal references ) then the encrypted data elements referenced by such a
list need not to have key info elements. But if we have have external
references such that reference list element resides out side the encrypted
key element as a direct child of security header encrypted data referenced
by such a list MUST carry a key info element.


> I have also seen that Microsoft .NET WCF 3.0 doesn't create such a KeyInfo
> element inside the body for the encrypted data but never the less RAMPART is
> able to decrypt the message.


IFAIK, then the reference list element that references those encrypted data
should be a child of encrypted key element.


> Is there any possibility that the response from the AXIS server is also
> without KeyInfo-Element inside the encrypted body?


I think we will be able to do this for scenarios where reference list is a
child element of encrypted key element. Just wondered, does this key info
element cause any interop issue or some other problem ?

/nandana

http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/