[xmlsec] Re: Comment (and namespace)
Aleksey Sanin
aleksey@aleksey.com
Fri, 26 Apr 2002 09:53:35 -0700
Hi, Joseph!
I know about the namespace problem and it is laready fixed (recently I
did a big
cleanup and this was one of the items). BTW, you example also have to be
changed
to something like this:
<HMACKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">
Since <HMACKeyValue> tag is not defined by XMLDSig as well :)
Regading the problem you have: you forgot to specify "template" file.
This is not very clear
from the current help (thanks for noting it!) but the actual command
format is
xmlsec encrypt [<options>] [<tmpl> [<tmpl> [ ... ]]]
The template specifies how to encrypt the binary file you've specified
with '--binary' option.
For examples, please take a look at the tests/testEnc.sh folder and
templates in
tests/merlin-xmlenc-five/*.tmpl
tests/aleksey-xmlenc-01/*.tmpl
tests/01-phaos-xmlenc-3/*.tmpl
Please let me know if you'll have any other problems.
I have plans to support PGP but first I would like to finish XML Enc (I
still have few itesm "to-do")
Aleksey.
Joseph Reagle wrote:
>Hi Aleksey,
>
>The Debian unstable debs now permit the compilation of your code! Like the
>rpm's, OpenSSL 0.9.7 debs aren't available yet. But I can compile it, and
>to test it I create a hmackey (any plans to support gpg keys?!) and run
>the following, but nothing is output on standard out:
>
> xmlsec encrypt --keys keys --binary test
>
>What would I be doing incorrectly?
>
>Also, I note an error in your key format. You should use your own namespace
>for your "Keys" element, not the dsig one. Something like:
>
><?xml version="1.0"?>
><Keys xmlns="http://www.aleksey.com/xmlsec/2002">
><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">>
><KeyName>foo</KeyName>
><KeyValue>
><HMACKeyValue>kTSc236F7vTznHMKB/a9jVv8cpwa1/j9</HMACKeyValue>
></KeyValue>
></KeyInfo>
></Keys>
>