<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>XML Security Library: XML Encryption</title>
</head>
<body><table witdh="100%" valign="top"><tr valign="top">
<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent"><div align="center">
<h2> XML Encryption </h2>
<div align="left"> The <a href="http://www.w3.org/TR/xmlenc-core">XML Encryption</a> standard
specifies the process for encrypting data and representing the result in an XML
document.
The data may be an XML element, XML element content, or arbitrary
data (including an XML document). </div>
<div align="center">
<h3>XML Security Library Interoperability Report</h3>
<h4 style="text-align: center;">XML Encryption (<a href="http://www.w3.org/TR/xmlenc-core/">W3C Recommendation</a>)</h4>
</div>
<div align="center">
<p> </p>
<table style="width: 85%;" border="1" cellpadding="2" cellspacing="2"><tbody>
<tr>
<td style="width: 40%;" align="left" valign="top"><b>Features
and
algorithms<br></b></td>
<td align="left" valign="top"> <b>XMLSec with OpenSSL</b>
</td>
<td style="vertical-align: top;"><b>XMLSec with GnuTLS</b></td>
<td style="vertical-align: top;"> <b>XMLSec with NSS</b>
</td>
<td style="vertical-align: top;"> <b>XMLSec with
MSCrypto</b> </td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Laxly
valid
schema generation of EncryptedData
/EncryptedKey <br>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<ul>
<li> Normalized Form C generations. </li>
</ul>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Type,
MimeType,
and Encoding <br>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">CipherReference
URI dereferencing <br>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<ul>
<li> Transforms </li>
</ul>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">ds:KeyInfo
<br>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<ul>
<li> enc:DHKeyValue </li>
</ul>
</td>
<td align="left" valign="top">N<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<ul>
<li> ds:KeyName </li>
</ul>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<ul>
<li> ds:RetrievalMethod </li>
</ul>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">ReferenceList
<br>
</td>
<td align="left" valign="top">N<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">EncryptionProperties
<br>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Satisfactory
Performance<br>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Required
Type
support: Element and Content. <br>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">Encryption
<br>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<ul>
<li> Serialization of XML Element and Content.
<ol>
<li> NFC conversion from non-Unicode encodings.
</li>
</ol>
</li>
</ul>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<ul>
<li> Encryptor returns EncryptedData structure. </li>
</ul>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<ul>
<li> Encryptor replaces the source data with EncryptedData in the source
document (when Type is Element or Content). </li>
</ul>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> Decryption <br>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<ul>
<li> The decryptor returns the data and its Type to
the application (be
it an octet sequence or key value). </li>
</ul>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<ul>
<li> If data is Element or Content, the decryptor
returns the UTF-8 encoding of the XML character data. </li>
</ul>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">
<ul>
<li> If data is Element or Content the decryptor
replaces the EncryptedData in the source document with the decrypted
data. </li>
</ul>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">TRIPLEDES<br>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">AES-128<br>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">AES-256<br>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> AES-192<br>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" align="left" valign="top">RSA-v1.5
(192 bit keys
for AES or DES)<br>
</td>
<td align="left" valign="top">Y<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> RSA-OAEP (128
and 256 bit keys for
AES)<br>
</td>
<td valign="top">Y<a href="#rsa-oaep"><sup>(1)</sup></a>
<br>
</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">N</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> Diffie-Hellman
Key Agreement<br>
</td>
<td valign="top">N<br>
</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">N</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> TRIPLEDES Key
Wrap<br>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">N</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> AES-128 Key
Wrap (128 bit keys)<br>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> AES-256 Key
Wrap (256 bit keys)<br>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> AES-192 Key Wrap<br>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">N</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> SHA1<br>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> SHA256<br>
</td>
<td valign="top">Y <br>
</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">N</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> SHA512<br>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">N</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> RIPEMD-160<br>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
<td style="vertical-align: top;">N<br>
</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> XML Digital
Signature <br>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> Decryption
Transform for XML Signature <br>
</td>
<td valign="top">N<br>
</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">N</td>
</tr>
<tr>
<td style="width: 40%;" valign="top">
<ul>
<li> XPointer support in <code>Except</code><code>
URI</code>.</li>
</ul>
</td>
<td valign="top">N<br>
</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">N</td>
<td style="vertical-align: top;">N</td>
</tr>
<tr>
<td style="width: 40%;" valign="top">
<p> Canonical
XML (with and without comments) </p>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" valign="top"> Exclusive
Canonicalization (with and without comments)<br>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
<tr>
<td style="width: 40%;" valign="top">Base64 Encoding<br>
</td>
<td valign="top">Y<br>
</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
<td style="vertical-align: top;">Y</td>
</tr>
</tbody></table>
<div align="left"> <br><a name="rsa-oaep"></a> <sup>(1)</sup> OpenSSL (and XML
Security Library) supports only SHA1 as the digest in the RSA-OAEP key
transport.<br><p> <b>Test vectors (from <a href="http://www.w3.org/Encryption/2002/02-xenc-interop.html">W3C XML
Encryption
interop page</a>): </b><br><a href="http://lists.w3.org/Archives/Public/xml-encryption/2002Mar/0008.html">merlin-xmlenc-five.tar.gz</a>
<br><a href="http://lists.w3.org/Archives/Public/xml-encryption/2002Mar/att-0052/01-phaos-xmlenc-3.zip">phaos-xmlenc-3.zip</a>
<br></p>
</div>
</div>
</div></td></tr></table></td>
</tr></table></body>
</html>