You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Aditya Muralidharan <ad...@mastercard.com> on 2009/07/14 17:29:43 UTC
EncryptedKeyResolver doesn't allow specifying provider
Hi,
We are using hardware-based security providers that we need to explicitly
specify our encryption and decryption providers. I noticed that works for
key encryption, but the decryption doesn't allow an explicit provider when
decrypting (in EncryptedKeyResolver) the symmetric key with the
key-decryption-key. Is there an alternative that allows explicitly
specifying a provider for the key resolver when decrypting the key?
Thanks.
AD
CONFIDENTIALITY NOTICE
This e-mail message and any attachments are only for the use of the intended recipient and may contain information that is privileged, confidential or exempt from disclosure under applicable law. If you are not the intended recipient, any disclosure, distribution or other use of this e-mail message or attachments is prohibited. If you have received this e-mail message in error, please delete and notify the sender immediately. Thank you.
Re: EncryptedKeyResolver doesn't allow specifying provider
Posted by Sean Mullan <Se...@Sun.COM>.
Please file a bug/rfe at https://issues.apache.org/bugzilla/enter_bug.cgi in the
Security project.
We need to add a ctor to the EncryptedKeyResolver class that takes an additional
provider parameter, and then change XMLCipher to call this new ctor and pass it
the provider it is using.
Unfortunately, this is a new feature so it will have to wait until the next
release after 1.4.3.
Thanks,
Sean
Aditya Muralidharan wrote:
>
> Hi,
>
> We are using hardware-based security providers that we need to
> explicitly specify our encryption and decryption providers. I noticed
> that works for key encryption, but the decryption doesn't allow an
> explicit provider when decrypting (in EncryptedKeyResolver) the
> symmetric key with the key-decryption-key. Is there an alternative that
> allows explicitly specifying a provider for the key resolver when
> decrypting the key?
>
> Thanks.
>
> AD
>
> CONFIDENTIALITY NOTICE
> This e-mail message and any attachments are only for the use of the
> intended recipient and may contain information that is privileged,
> confidential or exempt from disclosure under applicable law. If you are
> not the intended recipient, any disclosure, distribution or other use of
> this e-mail message or attachments is prohibited. If you have received
> this e-mail message in error, please delete and notify the sender
> immediately. Thank you.