[xmlsec] detached encrypted key
Aleksey Sanin
aleksey at aleksey.com
Fri Oct 29 11:50:32 PDT 2004
>
> 2. When I try to decrypt the encrypted key element,
> xmlsec tries to replace the encrypted key element, by
> calling xmlSecReplaceNodeBuffer, even though the Type
> attribute says "content". I got the internal parser
> error. ( there is no well formed xml data, it is key,
> so supposedly fails).
BTW, the xmlSecReplaceNodeBuffer function handles "content"
type nicely:
$ cat tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE test [
<!ATTLIST Test Id ID #IMPLIED>
]>
<Test Id="Test"><EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
MimeType="text/plain" Type="http://www.w3.org/2001/04/xmlenc#Content">
<EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>test-des</KeyName>
</KeyInfo>
<CipherData>
<CipherValue>
V0CekKjZodbqjW4Yq3lMkA==
</CipherValue>
</CipherData>
</EncryptedData></Test>
$ /home/aleksey/dev/xmlsec-tip/apps/xmlsec1 decrypt --crypto-config
/tmp/xmlsec-crypto-config --keys-file tests/keys/keys.xml
tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE test [
<!ATTLIST Test Id ID #IMPLIED>
]>
<Test Id="Test">
test
</Test>
Aleksey
More information about the xmlsec
mailing list