<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>XML Security Library: XML Encryption</title> </head> <body><table witdh="100%" valign="top"><tr valign="top"> <td valign="top" align="left" width="210"> <img src="images/logo.gif" alt="XML Security Library" border="0"><p></p> </td> <td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent"><div align="center"> <h2> XML Encryption </h2> <div align="left"> The <a href="http://www.w3.org/TR/xmlenc-core">XML Encryption 1.0</a> standard specifies the process for encrypting data and representing 
the result in an XML document. The data may be an XML element, the content of an XML element, or arbitrary data (including an XML document). </div> <div align="center"> <h3>XML Security Library Interoperability Report</h3> <h4 style="text-align: center;">XML Encryption 1.0 (<a href="http://www.w3.org/TR/xmlenc-core/">W3C Recommendation</a>)</h4> </div> <div align="center"> <p> </p> <table style="width: 85%;" border="1" cellpadding="2" cellspacing="2"><tbody> <tr> <td style="width: 40%;" align="left" valign="top"><b>Features and algorithms<br></b></td> <td align="left" valign="top"> <b>XMLSec with OpenSSL</b> </td> <td style="vertical-align: top;"><b>XMLSec with GnuTLS</b></td> <td style="vertical-align: top;"> <b>XMLSec with NSS</b> </td> <td style="vertical-align: top;"> <b>XMLSec with MSCrypto</b> </td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">Laxly valid schema generation of EncryptedData/EncryptedKey <br> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <ul> <li> Normalized Form C generations. 
</li> </ul> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">Type, MimeType, and Encoding <br> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">CipherReference URI dereferencing <br> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <ul> <li> Transforms </li> </ul> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">ds:KeyInfo <br> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <ul> <li> enc:DHKeyValue </li> </ul> </td> <td align="left" valign="top">N<br> </td> <td style="vertical-align: top;">N<br> </td> <td style="vertical-align: top;">N<br> </td> <td style="vertical-align: top;">N<br> </td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <ul> <li> ds:KeyName </li> </ul> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <ul> <li> ds:RetrievalMethod </li> </ul> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td 
style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">ReferenceList <br> </td> <td align="left" valign="top">N<br> </td> <td style="vertical-align: top;">N<br> </td> <td style="vertical-align: top;">N<br> </td> <td style="vertical-align: top;">N<br> </td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">EncryptionProperties <br> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">Satisfactory Performance<br> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">Required Type support: Element and Content. <br> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">Encryption <br> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <ul> <li> Serialization of XML Element and Content. <ol> <li> NFC conversion from non-Unicode encodings. </li> </ol> </li> </ul> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <ul> <li> Encryptor returns EncryptedData structure. 
</li> </ul> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <ul> <li> Encryptor replaces EncryptedData into source document (when Type is Element or Content). </li> </ul> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" valign="top"> Decryption <br> </td> <td valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <ul> <li> The decryptor returns the data and its Type to the application (be it an octet sequence or key value). </li> </ul> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <ul> <li> If data is Element or Content, the decryptor returns the UTF-8 encoded XML character data. </li> </ul> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <ul> <li> If data is Element or Content the decryptor replaces the EncryptedData in the source document with the decrypted data. 
</li> </ul> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">TRIPLEDES<br> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">AES-128<br> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">AES-256<br> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" valign="top"> AES-192<br> </td> <td valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top">RSA-v1.5 (192 bit keys for AES or DES)<br> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">N<br> </td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">Y</td> </tr> <tr> <td style="width: 40%;" valign="top"> RSA-OAEP (128 and 256 bit keys for AES)<br> </td> <td valign="top">Y<a href="#rsa-oaep"><sup>(1)</sup></a> <br> </td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">N</td> </tr> <tr> <td style="width: 40%;" valign="top"> Diffie-Hellman Key Agreement<br> </td> <td valign="top">N<br> </td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">N</td> </tr> <tr> <td style="width: 40%;" valign="top"> TRIPLEDES Key Wrap<br> </td> 
<td valign="top">Y<br> </td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">N</td> </tr> <tr> <td style="width: 40%;" valign="top"> AES-128 Key Wrap (128 bit keys)<br> </td> <td valign="top">Y<br> </td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">N<br> </td> </tr> <tr> <td style="width: 40%;" valign="top"> AES-256 Key Wrap (256 bit keys)<br> </td> <td valign="top">Y<br> </td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">N<br> </td> </tr> <tr> <td style="width: 40%;" valign="top"> AES-192 Key Wrap<br> </td> <td valign="top">Y<br> </td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">N</td> </tr> <tr> <td style="width: 40%;" valign="top"> SHA1<br> </td> <td valign="top">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> </tr> <tr> <td style="width: 40%;" valign="top"> SHA256<br> </td> <td valign="top">Y<br> </td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">N</td> </tr> <tr> <td style="width: 40%;" valign="top"> SHA512<br> </td> <td valign="top">Y<br> </td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">N</td> </tr> <tr> <td style="width: 40%;" valign="top"> RIPEMD-160<br> </td> <td valign="top">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">N<br> </td> <td style="vertical-align: top;">N<br> </td> </tr> <tr> <td style="width: 40%;" valign="top"> XML Digital Signature <br> </td> <td valign="top">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: 
top;">Y<br> </td> </tr> <tr> <td style="width: 40%;" valign="top"> Decryption Transform<br> </td> <td valign="top">N<br> </td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">N</td> </tr> <tr> <td style="width: 40%;" valign="top"> <ul> <li>XPointer support in <code>Except URI</code> </li> </ul> </td> <td valign="top">N<br> </td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">N</td> <td style="vertical-align: top;">N</td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <a href="http://www.w3.org/TR/xml-c14n">Canonical XML 1.0</a> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <a href="http://www.w3.org/TR/xml-exc-c14n">Exclusive Canonical XML 1.0</a> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> </tr> <tr> <td style="width: 40%;" align="left" valign="top"> <a href="http://www.w3.org/TR/xml-c14n11/">Canonical XML 1.1</a> </td> <td align="left" valign="top">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> <td style="vertical-align: top;">Y<br> </td> </tr> <tr> <td style="width: 40%;" valign="top">Base64 Encoding<br> </td> <td valign="top">Y<br> </td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> <td style="vertical-align: top;">Y</td> </tr> </tbody></table> <div align="left"> <br><a name="rsa-oaep"></a> <sup>(1)</sup> OpenSSL (and XML Security Library) supports only SHA1 as the digest in the RSA-OAEP key transport.<br><p> <b>Test vectors (from <a href="http://www.w3.org/Encryption/2002/02-xenc-interop.html">W3C XML Encryption interop page</a>): 
</b><br><a href="http://lists.w3.org/Archives/Public/xml-encryption/2002Mar/0008.html">merlin-xmlenc-five.tar.gz</a> <br><a href="http://lists.w3.org/Archives/Public/xml-encryption/2002Mar/att-0052/01-phaos-xmlenc-3.zip">phaos-xmlenc-3.zip</a> <br></p> </div> </div> </div></td></tr></table></td> </tr></table></body> </html>