You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Carpe Sebastien <se...@atosorigin.com> on 2004/08/10 15:36:40 UTC
Re: Puzzled with xml encryption using a key pair [Solved]
Vishal's solution made it.
So currently, if one wishes to use a keystore and a assymetric key-pair
to encrypt the symetric key, the only thing to pay attention to is :
1) generate keys using the appropriate algorythm , i.e. keytool
...-keyalg "RSA...
2) use the good XmlCipher Algorythm : XmlCipher.RSA_v1dot5
beside this (and the modification implied by the fact you use a keystore
and so, need to load keys from there instead of the "kek" file) the
sample code to encrypt/decrypt an xml file works out of the box.
Hope this helps the next puzzled one ;-)
Seb C.
Vishal Mahajan wrote:
> Carpe Sebastien wrote:
>
>> This is a newbie question on xml-security usage. If i'm targetting
>> the wrong list, please redirect me and forgive me the buzz.
>>
>> The wholme project is java. I'm using xmlsec-1.1.0, xerces 2.6.2, and
>> the last bouncy-castle (downloaded yesterday - Aug, 9th)
>> Here is what i'd like to do :
>> - Encrypt a full xml file with a generated key.
>> - wrap the key inside the xml, encoded with a public key.
>>
>> The receiver should be able to decrypt the key with his private key,
>> and then decrypt the xml datas.
>>
>> Currently, i've understood and generated the key pair in a key store.
>> I have managed to retrieve both keys.
>>
>> I've managed to run the samples (encrypter/decrypter) successfully.
>> The only thing i'm missing, i think, is the link between my public
>> key from key store, and the symetric key encryption. Starting for the
>> sample code, i've tried a few things, like simply using my private
>> key (i know, it should be the public one, but that's not the point),
>> or trying to change the algorythm uri to something similar to the one
>> used when generating the keys, but failed.
>>
>> The keypair was generated using the keytool tool, with default values
>> (DSA algo, 1024 key size).
>
>
> Use an RSA key-pair instead of DSA. Then in the code below specify the
> "algorithmURI" value as "XMLCipher.RSA_v1dot5".
>
> Hope this helps,
>
> Vishal
>
>>
>> The faulting code is :
>> ----------------------
>> String algorithmURI = XMLCipher.TRIPLEDES_KeyWrap;
>>
>> XMLCipher keyCipher = XMLCipher.getInstance(algorithmURI);
>> keyCipher.init(XMLCipher.WRAP_MODE, privateKey);
>> EncryptedKey encryptedKey = keyCipher.encryptKey(document,
>> symmetricKey);
>> -----------------------
>> private key is ... my private key... I'm also half sure that the
>> Algorithm URI is a bad one..
>>
>> Anyway, if somebody could help me, send me some sample code, or point
>> me to any URL, that would help me a lot.
>> I've browsed google, about 15 sites, and 6 month or mailing list
>> archive without getting a clue
>>
>> Thanx for any consideration,
>>
>> Seb C.
>>
>
>
>