[xmlsec] enc1 example does not exactly produce the output xml?

Aleksey Sanin aleksey@aleksey.com
Tue, 07 Jan 2003 08:22:06 -0800


--------------010805000609040405030008
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

There is no such Web site, it's only a transform href. Let me guess, you 
are using Windows.
Most likely you are using Igor's Windows binaries with MS VC 6.0. There 
were reported
similar problems in this situation and the best advise I can give is to 
try to recompile
everything by you "native" compiler.

Aleksey

Meg Morgan wrote:

>Well clearly my problem is that the encryption itself is failing, and
>I had not gotten around to asking you about it yet, thinking that these
>were problems that needed solving first.  The encryption complains about
>the transform:
>
>xmlSecTransformFind <..\src\transforms.c:331>: error 10:  :
>href=http://www.w3.org/2001/04/xmlenc#tripledes-cbc
>
>I am able to go to that website, so I don't know what exactly is the problem.
>
>Thank you again,
>meg
>
>
>
>Aleksey Sanin wrote:
>  
>
>>The session DES key is generated in the enc1/enc1.c:generateDesKey()
>>function and
>>loaded in the keys manager in the same function. When the data is
>>encrypted by xmlsec
>>library it searches the keys manager for a key for specified algorithm
>>and sets all the
>>required values from the key into XML data. In this particular case, it
>>encrypts the
>>DES key with RSA key as it is described in the created template
>>(enc1/enc1.c:encrypt()
>>function).
>>I am not sure why you needed to make these changes but everything works
>>just fine
>>except an assert in the xmlSecAddIDs (doc != NULL) which could be safely
>>ignored
>>(and this is already fixed in the CVS 0.0.X branch). The result
>>encrypted document is
>>generated and it could be decrypted using the xmlsec application.
>>
>>Aleksey
>>
>>
>>Meg Morgan wrote:
>>
>>    
>>
>>>Unless I'm mistaken, there are a few omissions in the
>>>encryption example.  In order to get the element <KeyName>
>>>and the content "test-des3" I had to add/change the following:
>>>
>>>xmlNodePtr encKeyInfo = NULL;
>>>encKeyInfo = xmlSecEncDataAddKeyInfo(encData);  // your code (cur renamed to encKeyInfo)
>>>cur = xmlSecKeyInfoAddKeyName(encKeyInfo);      // my added two lines
>>>xmlNodeSetContent(cur, BAD_CAST des3Key->name);
>>>
>>>Similarly, the example code provided an element for the KeyName
>>>"test-rsa-key" but didn't set the content:
>>>
>>>cur = xmlSecKeyInfoAddKeyName(cur);  // your code
>>>xmlNodeSetContent(cur, BAD_CAST key->name);  // my added line
>>>
>>>
>>>Was there some other means of populating the content of these
>>>elements?  Similarly, I don't see in your code where the encrypted
>>>session key and the encryption data get stuffed into their respective
>>>CipherValue elements.
>>>
>>>Thank you for your help,
>>>Meg Morgan
>>>
>>>
>>>
>>>      
>>>
>
>  
>


--------------010805000609040405030008
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
  <title></title>
</head>
<body>
There is no such Web site, it's only a transform href. Let me guess, you
are using Windows.<br>
Most likely you are using Igor's Windows binaries with MS VC 6.0. There were
reported <br>
similar problems in this situation and the best advise I can give is to try
to recompile <br>
everything by you "native" compiler.<br>
<br>
Aleksey<br>
<br>
Meg Morgan wrote:<br>
<blockquote type="cite" cite="mid3E1AF3A9.F9FC4D62@votehere.net">
  <pre wrap="">Well clearly my problem is that the encryption itself is failing, and
I had not gotten around to asking you about it yet, thinking that these
were problems that needed solving first.  The encryption complains about
the transform:

xmlSecTransformFind &lt;..\src\transforms.c:331&gt;: error 10:  :
href=<a class="moz-txt-link-freetext" href="http://www.w3.org/2001/04/xmlenc#tripledes-cbc">http://www.w3.org/2001/04/xmlenc#tripledes-cbc</a>

I am able to go to that website, so I don't know what exactly is the problem.

Thank you again,
meg



Aleksey Sanin wrote:
  </pre>
  <blockquote type="cite">
    <pre wrap="">The session DES key is generated in the enc1/enc1.c:generateDesKey()
function and
loaded in the keys manager in the same function. When the data is
encrypted by xmlsec
library it searches the keys manager for a key for specified algorithm
and sets all the
required values from the key into XML data. In this particular case, it
encrypts the
DES key with RSA key as it is described in the created template
(enc1/enc1.c:encrypt()
function).
I am not sure why you needed to make these changes but everything works
just fine
except an assert in the xmlSecAddIDs (doc != NULL) which could be safely
ignored
(and this is already fixed in the CVS 0.0.X branch). The result
encrypted document is
generated and it could be decrypted using the xmlsec application.

Aleksey


Meg Morgan wrote:

    </pre>
    <blockquote type="cite">
      <pre wrap="">Unless I'm mistaken, there are a few omissions in the
encryption example.  In order to get the element &lt;KeyName&gt;
and the content "test-des3" I had to add/change the following:

xmlNodePtr encKeyInfo = NULL;
encKeyInfo = xmlSecEncDataAddKeyInfo(encData);  // your code (cur renamed to encKeyInfo)
cur = xmlSecKeyInfoAddKeyName(encKeyInfo);      // my added two lines
xmlNodeSetContent(cur, BAD_CAST des3Key-&gt;name);

Similarly, the example code provided an element for the KeyName
"test-rsa-key" but didn't set the content:

cur = xmlSecKeyInfoAddKeyName(cur);  // your code
xmlNodeSetContent(cur, BAD_CAST key-&gt;name);  // my added line


Was there some other means of populating the content of these
elements?  Similarly, I don't see in your code where the encrypted
session key and the encryption data get stuffed into their respective
CipherValue elements.

Thank you for your help,
Meg Morgan



      </pre>
    </blockquote>
  </blockquote>
  <pre wrap=""><!---->
  </pre>
</blockquote>
<br>
</body>
</html>

--------------010805000609040405030008--