[xmlsec] Encrypting Content
Aleksey Sanin
aleksey at aleksey.com
Sat Mar 26 14:06:12 UTC 2022
Hi Timothy,
I am not exactly sure what are you trying to do but I recommend
checking out examples:
https://github.com/lsh123/xmlsec/tree/master/examples
and tests:
https://github.com/lsh123/xmlsec/tree/master/tests
Also, if you can explain what is your goal, then it might be easier
to provide a solution for your problem.
Best,
Aleksey
On 3/25/22 7:15 PM, Timothy Legge wrote:
> Hi
>
> Sorry, I sent this directly to Aleksey initially...
>
> I was following:
> https://users.dcc.uchile.cl/~pcamacho/tutorial/web/xmlsec/xmlsec.html
> (which is reasonably close enough for me to get encryption working.
>
> Specifically the following command results in the Content in
> /PayInfo/CreditCard/Number/text() being properly encrypted. However,
> I would expect that the EncryptedData Type should be
> "http://www.w3.org/2001/04/xmlenc#Content" instead of the specified
> Element for this to properly encrypt the Content. Changing it to
> Content causes the doc-encrypted.xml created to be missing data in the
> Number tags: "<Number></Number>".
>
> To me it appears this to be a bug but likely I am misreading the
> XML-Enc specifications.
>
> Any thoughts?
>
> xmlsec1 --encrypt --pubkey-cert-pem t/sign-certonly.pem
> --session-key des-192 --xml-data doc-plain.xml --output
> doc-encrypted.xml --node-xpath '/PayInfo/CreditCard/Number/text()'
> session-key-template.xml
>
> ========================================
> doc-plain.xml
> ========================================
> <?xml version="1.0" encoding="utf-8" ?>
> <PayInfo>
> <Name>John Smith</Name>
> <CreditCard Limit='2,000' Currency='USD'>
> <Number>1076 2478 0678 5589</Number>
> <Issuer>CitiBank</Issuer>
> <Expiration>06/10</Expiration>
> </CreditCard>
> </PayInfo>
> ========================================
> session-key-template.xml
> ==========================================
> <?xml version="1.0" encoding="UTF-8"?>
> <!--
> XML Security Library example: Original XML
> doc file before encryption (encrypt3 example).
> -->
> <EncryptedData
> xmlns="http://www.w3.org/2001/04/xmlenc#"
> Type="http://www.w3.org/2001/04/xmlenc#Element">
> <EncryptionMethod Algorithm=
> "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
> <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
> <EncryptionMethod Algorithm=
> "http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
> <KeyName/>
> </KeyInfo>
> <CipherData>
> <CipherValue/>
> </CipherData>
> </EncryptedKey>
> </KeyInfo>
> <CipherData>
> <CipherValue/>
> </CipherData>
> </EncryptedData>
> ==========================================
>
>
> Timothy Legge
> timlegge at gmail.com
> timlegge at cpan.org
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
More information about the xmlsec
mailing list