[xmlsec] How to encrypt a key ?

Sébastien Hinderer Sebastien.Hinderer at snv.jussieu.fr
Mon May 11 09:29:25 PDT 2009


Dear all,

I went through xmlsec's tutorial and examined several pages of the API
reference, but cant't really figure out how to encrypt a key with
another key.

The scenario is as follows.
1. An AES 192 bits key is generated.
2. This key is encrypted with an RSA public key, so that it can be
decrypted only on a device owning the corresponding private key.
3. The AES key generated in step 1 is used to encrypt a series of XML
files, so that these files are readable only on one device.

My uestion is about step 2.
More precisely, I know how to load the rea key, assume it is placed in a
variable called rsaPublicKey.
I also know how to generate the AES key, spposed it is placed in a
variable called aesKey.
Now that these two keys are available, how to produce something looking
like this:
<xe:EncryptedKey>
  <xe:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
  <xe:CipherData>
    <xe:CipherValue>...</xe:CipherValue>
  </xe:CipherData>
  <xe:CarriedKeyName>keyname</xe:CarriedKeyName>
</xe:EncryptedKey>
My guess is that the operation will involve xmlSecTransformRsaPkcs1Id,
but I can't find more precisely the wayleading from the two keys to the
previously shown output.

Any help would be gratly appreciate.

Thanks much in advance,
Sébastien.


More information about the xmlsec mailing list