[xmlsec] Re: Comment (and namespace)

Aleksey Sanin aleksey@aleksey.com
Fri, 26 Apr 2002 09:53:35 -0700


Hi, Joseph!

I know about the namespace problem and it is laready fixed (recently I 
did a big
cleanup and this was one of the items). BTW, you example also have to be 
changed
to something like this:

<HMACKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">

 Since <HMACKeyValue> tag is not defined by XMLDSig as well :)

Regading the problem you have: you forgot to specify "template" file. 
This is not very clear
from the current help (thanks for noting it!) but the actual command 
format is
    xmlsec encrypt [<options>] [<tmpl> [<tmpl> [ ... ]]]
The template specifies how to encrypt the binary file you've specified 
with '--binary' option.
For examples, please take a look at the tests/testEnc.sh folder and 
templates in
    tests/merlin-xmlenc-five/*.tmpl
    tests/aleksey-xmlenc-01/*.tmpl
    tests/01-phaos-xmlenc-3/*.tmpl
Please let me know if you'll have any other problems.

I have plans to support PGP but first I would like to finish XML Enc (I 
still have few itesm "to-do")


Aleksey.   




Joseph Reagle wrote:

>Hi Aleksey,
>
>The Debian unstable debs now permit the compilation of your code! Like the 
>rpm's, OpenSSL 0.9.7 debs aren't available yet. But I can compile it, and 
>to test it I create a hmackey (any plans to support gpg keys?!)  and run 
>the following, but nothing is output on standard out:
>
> xmlsec encrypt --keys keys --binary test
>
>What would I be doing incorrectly?
>
>Also, I note an error in your key format. You should use your own namespace 
>for your "Keys" element, not the dsig one. Something like:
>
><?xml version="1.0"?>
><Keys xmlns="http://www.aleksey.com/xmlsec/2002">
><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">>
><KeyName>foo</KeyName>
><KeyValue>
><HMACKeyValue>kTSc236F7vTznHMKB/a9jVv8cpwa1/j9</HMACKeyValue>
></KeyValue>
></KeyInfo>
></Keys>
>