You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by Daniel Naro <dn...@ac.upc.edu> on 2017/12/14 08:40:56 UTC

Is there support for "derived keys"?

Hi,

First of all, please forgive any blunder in etiquette, but this is my 
first use of a technical mailing list: from what I have understood I can 
ask over here my technical doubts, if I am wrong please let me know 
where I should send this.

I wanted to do some tests on the “derived key” features of XML 
encryption 1.1. While doing some research (in the Java version), I found 
some references to this part of the standard in the documentation (e.g. 
DerivedKeyToken), or in the source code (DerivedKeyType). However, I do 
not find any call within the code to key derivation methods such as 
PBKDF2. Have I overlooked them? In case where the answer is no, does 
this mean that the feature is not implemented? Are there any mechanisms 
to implement a resolver for this very task?

Best regards,

Daniel Naro

Re: Is there support for "derived keys"?

Posted by Colm O hEigeartaigh <co...@apache.org>.

No, it's not supported for the Java library. Contributions are very welcome
though :-)

Colm.

On Thu, Dec 14, 2017 at 2:34 PM, Cantor, Scott <ca...@osu.edu> wrote:

> > I wanted to do some tests on the “derived key” features of XML encryption
> > 1.1. While doing some research (in the Java version), I found some
> > references to this part of the standard in the documentation (e.g.
> > DerivedKeyToken), or in the source code (DerivedKeyType). However, I do
> > not find any call within the code to key derivation methods such as
> PBKDF2.
> > Have I overlooked them? In case where the answer is no, does this mean
> > that the feature is not implemented? Are there any mechanisms to
> > implement a resolver for this very task?
>
> I'm not aware of anything in either version of the library. OpenSSL being
> essentially undocumented, I couldn't make any headway in this for the C++
> version many years ago when I looked at it.
>
> -- Scott
>
>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

RE: Is there support for "derived keys"?

Posted by "Cantor, Scott" <ca...@osu.edu>.

> I wanted to do some tests on the “derived key” features of XML encryption
> 1.1. While doing some research (in the Java version), I found some
> references to this part of the standard in the documentation (e.g.
> DerivedKeyToken), or in the source code (DerivedKeyType). However, I do
> not find any call within the code to key derivation methods such as PBKDF2.
> Have I overlooked them? In case where the answer is no, does this mean
> that the feature is not implemented? Are there any mechanisms to
> implement a resolver for this very task?

I'm not aware of anything in either version of the library. OpenSSL being essentially undocumented, I couldn't make any headway in this for the C++ version many years ago when I looked at it.

-- Scott