[xmlsec] Wrong key selection in simple keys store?
Wouter
wsh at xs4all.nl
Sun Sep 14 01:02:17 PDT 2003
Possibly true what you're stating, but this situation is actually
occurring when running the encryption test suite. For example the
command:
"xmlsec encrypt --crypto-config ../tests --keys-file
../tests/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name
--xml-data ../tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.data
--node-name http://example.org/paymentv2:CreditCard --output
/tmp/testEnc.20030912_215437-600.tmp
../tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.tmpl" will load
the 256 bits aes key for creating the the encrypted data, which is of
type aes-128 encryption....
Perhaps the test needs to be adjusted then?
Wouter
> -----Original Message-----
> From: Rich Salz [mailto:rsalz at datapower.com]
> Sent: Saturday, September 13, 2003 22:46
> To: Aleksey Sanin
> Cc: Wouter; xmlsec at aleksey.com
> Subject: Re: [xmlsec] Wrong key selection in simple keys store?
>
>
> > And in general, I would not recommend to search for keys without
> > specifying a unique key name. It sounds like a good way to get
> > yourself in trouble.
>
> Strongly agree. Unless the keystore has exactly one key, I
> think a name (or some other identifying information) should
> be required.
>
> Ambiguity in signing is a bad idea. :)
> /r$
>
> --
> Rich Salz Chief Security Architect
> DataPower Technology http://www.datapower.com
> XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
> XML Security Overview
> http://www.datapower.com/xmldev/xmlsecurity.ht> ml
>
>
More information about the xmlsec
mailing list