Namespace URI: http://www.w3.org/2001/04/xmlenc#
(normally mapped to the xenc prefix)
Uses some elements from XML digital signatures for keys
Typical form:
<EncryptedData Id="unique_value"
               Type="http://www.w3.org/2001/04/xmlenc#Element |
                     http://www.w3.org/2001/04/xmlenc#Content |
                     MIME media type URI">
  <EncryptionMethod Algorithm="URI"/>
  <ds:KeyInfo>
    <ds:KeyName>Plain text name of key</ds:KeyName>
    <ds:RetrievalMethod URI="key location"
                        Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey" />
  </ds:KeyInfo>
  <CipherData Nonce="Base-64 encoded salt">
    <CipherValue>Base-64 encoded cipher text</CipherValue>
    <CipherReference URI="URL of cipher text">
      <Transforms>
        <ds:Transform
            Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
          <ds:XPath xmlns:rep="http://www.example.org/repository">
            self::text()[parent::CipherValue[@id="example1"]]
          </ds:XPath>
        </ds:Transform>
        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64"/>
      </Transforms>
    </CipherReference>
  </CipherData>
</EncryptedData>
At a minimum, each EncryptedData must contain a CipherData which contains either a CipherValue or a CipherReference.
Everything else is optional.
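
A structural check for the minimum rule above, as an added example (not part of the original page): it reads "either ... or" as exactly one, as the xenc schema's choice does, inspects only direct children so a nested EncryptedData is judged on its own, and also confirms that CipherValue text decodes as base-64. The function name, Id values and sample document are constructed for illustration.

```python
import base64
import binascii
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
NS = {"xenc": XENC}

def check_encrypted_data(xml_text):
    """Return {Id: [problems]} for every EncryptedData element in xml_text."""
    report = {}
    for ed in ET.fromstring(xml_text).iter(f"{{{XENC}}}EncryptedData"):
        problems = report.setdefault(ed.get("Id"), [])
        cipher_data = ed.findall("xenc:CipherData", NS)
        if len(cipher_data) != 1:
            problems.append("missing or repeated CipherData")
            continue
        values = cipher_data[0].findall("xenc:CipherValue", NS)
        refs = cipher_data[0].findall("xenc:CipherReference", NS)
        if len(values) + len(refs) != 1:
            problems.append("need exactly one of CipherValue / CipherReference")
        elif refs and not refs[0].get("URI"):
            problems.append("CipherReference without URI")
        elif values:
            try:  # CipherValue carries base-64 text; ignore layout whitespace
                base64.b64decode("".join((values[0].text or "").split()), validate=True)
            except binascii.Error:
                problems.append("CipherValue is not valid base-64")
    return report

# Constructed sample document (not from the page): two valid forms, three broken ones.
SAMPLE = """<doc xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptedData Id="ok-value"><xenc:CipherData>
  <xenc:CipherValue>3q2+7w==</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData>
<xenc:EncryptedData Id="ok-ref"><xenc:CipherData>
  <xenc:CipherReference URI="http://www.example.org/c.bin"/></xenc:CipherData></xenc:EncryptedData>
<xenc:EncryptedData Id="no-cipherdata"><xenc:EncryptionMethod Algorithm="URI"/></xenc:EncryptedData>
<xenc:EncryptedData Id="both"><xenc:CipherData>
  <xenc:CipherValue>3q2+7w==</xenc:CipherValue>
  <xenc:CipherReference URI="http://www.example.org/c.bin"/></xenc:CipherData></xenc:EncryptedData>
<xenc:EncryptedData Id="bad-b64"><xenc:CipherData>
  <xenc:CipherValue>not base64!</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData>
</doc>"""

if __name__ == "__main__":
    for ident, problems in check_encrypted_data(SAMPLE).items():
        print(ident, "OK" if not problems else problems)
```

A check like this belongs before decryption, so that malformed or ambiguous EncryptedData is rejected without the decryptor ever dereferencing a CipherReference URI.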