<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
<title></title>
</head>
<body text="#000000" bgcolor="#ffffff">
<br>
<blockquote type="cite" cite="mid200311121341.302a@th00.opsion.fr">
<pre wrap="">RSA-v1.5 works for AES192 and 3DES
RSA-OAEP works for AES128 and AES256
(<a class="moz-txt-link-freetext" href="http://www.aleksey.com/xmlsec/xmlenc.html">http://www.aleksey.com/xmlsec/xmlenc.html</a>)
</pre>
</blockquote>
These are MANDATORY requirements for XML Enc interop. Other key sizes
are<br>
also possible:<br>
<a class="moz-txt-link-freetext" href="http://www.w3.org/TR/xmlenc-core/#sec-Alg-KeyTransport">http://www.w3.org/TR/xmlenc-core/#sec-Alg-KeyTransport</a><br>
<br>
And xmlsec does support any symmetric key length if public key size is
enough.<br>
<blockquote type="cite" cite="mid200311121341.302a@th00.opsion.fr">
<pre wrap="">encrypt3.c
(<a class="moz-txt-link-freetext" href="http://www.aleksey.com/xmlsec/api/xmlsec-encrypt-with-session-key.html">http://www.aleksey.com/xmlsec/api/xmlsec-encrypt-with-session-key.html</a>)
uses RSA-OAEP and 3DES (which is no good).
</pre>
</blockquote>
Looks good to me :)<br>
<br>
<blockquote type="cite" cite="mid200311121341.302a@th00.opsion.fr">
<pre wrap="">So I tried different scenarii and got the following:
RSA-v1.5 RSA-OAEP
3DES OK Not-OK
AES128 OK OK
AES192 OK Not-OK
AES256 OK Not-OK
Does that sound good to you?
</pre>
</blockquote>
No, it does not. Since you was able to get RSA-OAEP for the smallest
symmetric key only<br>
then I would think that the problem is in the public key size. Try to
use 2048 bits key.<br>
<span style="font-family: monospace;"><br>
Aleksey<br>
<br>
P.S. If you want me to read your mail then you should subscribe to
xmlsec mailing list.<br>
This is a happy incident that I've discovered your mail in tons of spam
I got on <br>
xmlsec mailing list from not-subscribed people.<br>
<br>
<br>
<br>
<br>
<br>
</span>
</body>
</html>