ACTION-510 Propose explanation of use of content vs. element in implementations from Pratik Datta on 2010-02-09 (public-xmlsec@w3.org from February 2010)

From: Pratik Datta <PRATIK.DATTA@oracle.com>
Date: Tue, 9 Feb 2010 10:55:10 -0800 (PST)
To: "public-xmlsec@w3.org Public List" <public-xmlsec@w3.org>
Message-ID: <ee041128-bf05-4237-a861-21a08f1bda8d@default>

Thomas,

 

I checked one of our implementations. In this one the decryptor doesn't really need the "content" vs "element".  Here is what the decryptor does :

 

It decrypts the cipher text, to get the plaintext, and then puts the plain text inside dummy start and end tags. I.e. like this  "<dummy> plaintext </dummy>" and then parses this xml document  into a DOM tree. For type = "element" it checks that the <dummy> element has only one child, whereas for type = "content" it doesn't perform this check. In either case it just takes all the children of the <dummy> node and deep imports them into the original document, replacing the <EncryptedData> element. It also does special handling for  namespaces and xml attributes that I have omitted for simplicity

 

I am still checking with the other implementations.

 

Pratik

Received on Tuesday, 9 February 2010 18:56:47 UTC