Re: [xmlsec] encryption works but decryption failed

Fri, 18 Jan 2008 10:37:18 -0800 

Most likely the cause of the problem is "empty"
KeyName node. Try to remove it from the template
or specify key name in the command line options
for both encryption and decryption.

Aleksey

Balakrishnan Viswanathan wrote:

Hi All,
I am a newbie to xmlsec and also to security in general. I am trying to use xmlsec utility to encrypt and decrypt using the windows binary provided by Igor. I am able to successfully encrypt a xml file using syntax 


Encryption:-
C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt --binary-da
ta test.xml --session-key des-192 --pubkey-pem leafkeypub.pem --output testenc.x 

ml template2.xml
the above works and I can see the encrypted data in <ciphervalue> node of the output document testenc.xml (also attached).
However, when I try the reverse, i.e, decrypting the document from above step I get error below 


Decryption fails:-
C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --decrypt --privkey-p 

em leafkey.pem --output testdecrypt.xml testenc.xml

Enter password for "leafkey.pem" file:

func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj=xmlSecKe

ysMngrFindKey:error=1:xmlsec library function failed:

func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unknown:subj=

unknown:error=45:key is not found:

func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=643:obj=unknown:subj=

xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed:

func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=582:obj=unknown:subj=xmlSecEn

cCtxDecryptToBuffer:error=1:xmlsec library function failed:

Error: failed to decrypt file

Error: failed to decrypt file "testenc.xml"
The error says “key not found”, but key is in the same folder where I am running it from. I am also attaching the private key (password – leaf) and public key that corresponds to it 


I am attaching all the relevant files. Any pointers are appreciated. Thanks.


-Bala



------------------------------------------------------------------------

_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec

_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec

Reply via email to