RE: [xmlsec] encryption works but decryption failed

Balakrishnan Viswanathan Fri, 18 Jan 2008 11:21:12 -0800

Aleksey,

Thanks for your quick response. I tried removing the <KeyName/> from the
template and also specified the KeyName for encrypt and decrypt, but
decrypt still fails with "key not found" error



C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt
--binary-da
ta test.xml --session-key des-192 --pubkey-pem:leaf-key leafkeypub.pem
--output
testenc.xml template2withoutKeyName.xml

C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>notepad testenc.xml

C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --decrypt
--privkey-p
em:leaf-key leafkey.pem --output testdecrypt.xml testenc.xml
Enter password for "leafkey.pem" file:
func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj=
xmlSecKe
ysMngrFindKey:error=1:xmlsec library function failed:
func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno
wn:subj=
unknown:error=45:key is not found:
func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=643:obj=unkno
wn:subj=
xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed:
func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=582:obj=unknown:subj=
xmlSecEn
cCtxDecryptToBuffer:error=1:xmlsec library function failed:
Error: failed to decrypt file
Error: failed to decrypt file "testenc.xml"


I am attaching the template and encrypted document. Thanks.

-Bala

-----Original Message-----
From: Aleksey Sanin [mailto:[EMAIL PROTECTED] 
Sent: Friday, January 18, 2008 10:37 AM
To: Balakrishnan Viswanathan
Cc: xmlsec@aleksey.com
Subject: Re: [xmlsec] encryption works but decryption failed

Most likely the cause of the problem is "empty"
KeyName node. Try to remove it from the template
or specify key name in the command line options
for both encryption and decryption.

Aleksey

Balakrishnan Viswanathan wrote:
> Hi All,
> 
>  
> 
> I am a newbie to xmlsec and also to security in general. I am trying
to 
> use xmlsec utility to encrypt and decrypt using the windows binary 
> provided by Igor. I am able to successfully encrypt a xml file using
syntax
> 
>  
> 
> Encryption:-
> 
>  
> 
> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt 
> --binary-da
> 
> ta test.xml --session-key des-192 --pubkey-pem leafkeypub.pem --output

> testenc.x
> 
> ml template2.xml
> 
>  
> 
> the above works and I can see the encrypted data in <ciphervalue> node

> of the output document testenc.xml (also attached).
> 
>  
> 
> However, when I try the reverse, i.e, decrypting the document from
above 
> step I get error below
> 
>  
> 
> Decryption fails:-
> 
>  
> 
> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --decrypt 
> --privkey-p
> 
> em leafkey.pem --output testdecrypt.xml testenc.xml
> 
> Enter password for "leafkey.pem" file:
> 
>
func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj=
xmlSecKe
> 
> ysMngrFindKey:error=1:xmlsec library function failed:
> 
>
func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno
wn:subj=
> 
> unknown:error=45:key is not found:
> 
>
func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=643:obj=unkno
wn:subj=
> 
> xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed:
> 
>
func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=582:obj=unknown:subj=
xmlSecEn
> 
> cCtxDecryptToBuffer:error=1:xmlsec library function failed:
> 
> Error: failed to decrypt file
> 
> Error: failed to decrypt file "testenc.xml"
> 
>  
> 
> The error says "key not found", but key is in the same folder where I
am 
> running it from. I am also attaching the private key (password - leaf)

> and public key that corresponds to it
> 
>  
> 
> I am attaching all the relevant files. Any pointers are appreciated.
Thanks.
> 
>  
> 
> -Bala
> 
>  
> 
>  
> 
>  
> 
> 
>
------------------------------------------------------------------------
> 
> _______________________________________________
> xmlsec mailing list
> xmlsec@aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

<?xml version="1.0"?>
<!-- 
XML Security Library example: Simple encryption template file for encrypt1 example. 
-->
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#";>
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";>
    </KeyInfo>   
    <CipherData>
	<CipherValue>z7KUZeM4wNhByVE5iYfYT30uZAdYh/YbfIclJssJPtr0jmAQESeM+D3QbhEhmHkL
Ms1cCVUAOJI9Kl1EA1kHgub5AGhjPMp5tF+dLfUJmcfax8eSjX1RuUo77o6J/oMY
BuUCroXzJ3Gs0d1hJzpu+MT3AX8mdOYApOH2VfPXJV8Mej6EZfrgXGKVGJJA8HMG
puxCmg9ufejIW9yeDcjUiB7xGZTjgWpC</CipherValue>
    </CipherData>
</EncryptedData>

<?xml version="1.0"?>
<!-- 
XML Security Library example: Simple encryption template file for encrypt1 example. 
-->
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#";>
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";>
    </KeyInfo>   
    <CipherData>
	<CipherValue></CipherValue>
    </CipherData>
</EncryptedData>

_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec

RE: [xmlsec] encryption works but decryption failed

Reply via email to