Antwort: Re: [xmlsec] MAC algorithms in XMLsec?

Hans-Juergen.Heinrich at de.gi-de.com Hans-Juergen.Heinrich at de.gi-de.com
Tue May 21 05:30:13 PDT 2002


OK, so it's possible, thank you.

But how does Alice load the key into the manager?
Suppose she has the secret key stored somewhere in a
file or as a byte array (8 bytes for DES, e.g.).
Does she have to call xmlSecSimpleKeysMngrAddKey and
provide a keyPtr structure as the 2nd parameter? In this
case, would she have to construct the keyPtr herself?

Regards,
Hans-Juergen



                                                                                         
                    Aleksey Sanin                                                        
                    <aleksey at aleks        An:     Hans-Juergen.Heinrich at de.gi-de.com     
                    ey.com>               Kopie:  xmlsec at aleksey.com                     
                    Gesendet von:         Thema:  Re: [xmlsec] MAC algorithms in XMLsec? 
                    xmlsec-admin at a                                                       
                    leksey.com                                                           
                                                                                         
                                                                                         
                    17.05.02 17:50                                                       
                                                                                         
                                                                                         




Yes, it is possible. If you know how to exchange symmetric
(DES, HMAC, AES,...) keys between Alice and Bob then
you can specify the key using <ds:KeyName> element
of <ds:KeyInfo>. In particular, in XMLSec case, Alice should
load the key into keys manager and add <ds:KeyName> node
when you are signing/encrypting document. Bob simply loads
this key into keys manager and XMLSec "magically" finds it
when it decrypts/verifies the message.

Aleksey.

Hans-Juergen.Heinrich at de.gi-de.com wrote:

>Hi,
>
>I wonder if it's possible to use MAC algorithms (with
>secret keys) instead of public key algorithms in XMLsec?
>
>In the keys.h-file I only see the key types "public", "private"
>and the generic type "any".
>Would it be possible to - for example - read a secret key
>from a file and sign a XML file with this key and TripleDES?
>How would that work?
>
>Any help appreciated
>Hans-Juergen Heinrich
>
>----------------------------------
>Dr. Hans-Jürgen Heinrich
>System engineer, 4TE3
>Giesecke & Devrient GmbH, Truderinger Straße 15, D-81607 München
>Phone:  +49 89 4119-2625, FAX:     +49 89 4119-1629
>mailto:hans-juergen.heinrich at de.gi-de.com
>http://www.gieseckedevrient.com
>
>_______________________________________________
>xmlsec mailing list
>xmlsec at aleksey.com
>http://www.aleksey.com/mailman/listinfo/xmlsec
>


_______________________________________________
xmlsec mailing list
xmlsec at aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec






More information about the xmlsec mailing list