[xmlsec] encryption works but decryption failed

Balakrishnan Viswanathan bviswana at tibco.com
Fri Jan 18 12:01:07 PST 2008 

Aleksey

I took the template 

http://svn.gnome.org/viewvc/xmlsec/trunk/tests/aleksey-xmlenc-01/enc-des
3cbc-aes192-keyname.tmpl?view=markup

and this time even encrypt failed with "key not found error"

C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt
--binary-da
ta test.xml --session-key aes-192 --pubkey-pem:test-aes192
leafkeypub.pem --outp
ut testenc.xml templatefromaleksey.xml
func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno
wn:subj=
unknown:error=45:key is not found:
func=xmlSecEncCtxUriEncrypt:file=..\src\xmlenc.c:line=527:obj=unknown:su
bj=xmlSe
cEncCtxEncDataNodeRead:error=1:xmlsec library function failed:
Error: failed to encrypt file "test.xml"
Error: failed to encrypt file with template "templatefromaleksey.xml"


-Bala

-----Original Message-----
From: Aleksey Sanin [mailto:aleksey at aleksey.com] 
Sent: Friday, January 18, 2008 11:38 AM
To: Balakrishnan Viswanathan
Cc: xmlsec at aleksey.com
Subject: Re: [xmlsec] encryption works but decryption failed

Oh, never mine. I got it. You specify "session key" and
in this case you *must* add <EncryptedKey> to the template
to actually store the session key. Checkout examples
in xmlsec/tests/aleksey-xmlenc-01

Aleksey

Balakrishnan Viswanathan wrote:
> Aleksey,
> 
> I tried that already and same result, commands below:-
> 
> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt
> --binary-da
> ta test.xml --session-key des-192 --pubkey-pem leafkeypub.pem --output
> testenc.x
> ml template2withoutKeyName.xml
> 
> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>notepad
testenc.xml
> 
> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --decrypt
> --privkey-p
> em leafkey.pem --output testdecrypt.xml testenc.xml
> Enter password for "leafkey.pem" file:
>
func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj=
> xmlSecKe
> ysMngrFindKey:error=1:xmlsec library function failed:
>
func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno
> wn:subj=
> unknown:error=45:key is not found:
>
func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=643:obj=unkno
> wn:subj=
> xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed:
>
func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=582:obj=unknown:subj=
> xmlSecEn
> cCtxDecryptToBuffer:error=1:xmlsec library function failed:
> Error: failed to decrypt file
> Error: failed to decrypt file "testenc.xml"
> 
> -Bala
> 
> -----Original Message-----
> From: Aleksey Sanin [mailto:aleksey at aleksey.com] 
> Sent: Friday, January 18, 2008 11:30 AM
> To: Balakrishnan Viswanathan
> Cc: xmlsec at aleksey.com
> Subject: Re: [xmlsec] encryption works but decryption failed
> 
> Could you please to try to remove the KeyName and
> do *not* specify key name in the command line?
> 
> Aleksey
> 
> Balakrishnan Viswanathan wrote:
>> Aleksey,
>>
>> Thanks for your quick response. I tried removing the <KeyName/> from
> the
>> template and also specified the KeyName for encrypt and decrypt, but
>> decrypt still fails with "key not found" error
>>
>>
>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt
>> --binary-da
>> ta test.xml --session-key des-192 --pubkey-pem:leaf-key
leafkeypub.pem
>> --output
>> testenc.xml template2withoutKeyName.xml
>>
>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>notepad
> testenc.xml
>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --decrypt
>> --privkey-p
>> em:leaf-key leafkey.pem --output testdecrypt.xml testenc.xml
>> Enter password for "leafkey.pem" file:
>>
>
func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj=
>> xmlSecKe
>> ysMngrFindKey:error=1:xmlsec library function failed:
>>
>
func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno
>> wn:subj=
>> unknown:error=45:key is not found:
>>
>
func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=643:obj=unkno
>> wn:subj=
>> xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed:
>>
>
func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=582:obj=unknown:subj=
>> xmlSecEn
>> cCtxDecryptToBuffer:error=1:xmlsec library function failed:
>> Error: failed to decrypt file
>> Error: failed to decrypt file "testenc.xml"
>>
>>
>> I am attaching the template and encrypted document. Thanks.
>>
>> -Bala
>>
>> -----Original Message-----
>> From: Aleksey Sanin [mailto:aleksey at aleksey.com] 
>> Sent: Friday, January 18, 2008 10:37 AM
>> To: Balakrishnan Viswanathan
>> Cc: xmlsec at aleksey.com
>> Subject: Re: [xmlsec] encryption works but decryption failed
>>
>> Most likely the cause of the problem is "empty"
>> KeyName node. Try to remove it from the template
>> or specify key name in the command line options
>> for both encryption and decryption.
>>
>> Aleksey
>>
>> Balakrishnan Viswanathan wrote:
>>> Hi All,
>>>
>>>  
>>>
>>> I am a newbie to xmlsec and also to security in general. I am trying
>> to 
>>> use xmlsec utility to encrypt and decrypt using the windows binary 
>>> provided by Igor. I am able to successfully encrypt a xml file using
>> syntax
>>>  
>>>
>>> Encryption:-
>>>
>>>  
>>>
>>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt

>>> --binary-da
>>>
>>> ta test.xml --session-key des-192 --pubkey-pem leafkeypub.pem
> --output
>>> testenc.x
>>>
>>> ml template2.xml
>>>
>>>  
>>>
>>> the above works and I can see the encrypted data in <ciphervalue>
> node
>>> of the output document testenc.xml (also attached).
>>>
>>>  
>>>
>>> However, when I try the reverse, i.e, decrypting the document from
>> above 
>>> step I get error below
>>>
>>>  
>>>
>>> Decryption fails:-
>>>
>>>  
>>>
>>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --decrypt

>>> --privkey-p
>>>
>>> em leafkey.pem --output testdecrypt.xml testenc.xml
>>>
>>> Enter password for "leafkey.pem" file:
>>>
>>>
>
func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj=
>> xmlSecKe
>>> ysMngrFindKey:error=1:xmlsec library function failed:
>>>
>>>
>
func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno
>> wn:subj=
>>> unknown:error=45:key is not found:
>>>
>>>
>
func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=643:obj=unkno
>> wn:subj=
>>> xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed:
>>>
>>>
>
func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=582:obj=unknown:subj=
>> xmlSecEn
>>> cCtxDecryptToBuffer:error=1:xmlsec library function failed:
>>>
>>> Error: failed to decrypt file
>>>
>>> Error: failed to decrypt file "testenc.xml"
>>>
>>>  
>>>
>>> The error says "key not found", but key is in the same folder where
I
>> am 
>>> running it from. I am also attaching the private key (password -
> leaf)
>>> and public key that corresponds to it
>>>
>>>  
>>>
>>> I am attaching all the relevant files. Any pointers are appreciated.
>> Thanks.
>>>  
>>>
>>> -Bala
>>>
>>>  
>>>
>>>  
>>>
>>>  
>>>
>>>
>>>
>
------------------------------------------------------------------------
>>> _______________________________________________
>>> xmlsec mailing list
>>> xmlsec at aleksey.com
>>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>>
>>>
>
------------------------------------------------------------------------
>>> _______________________________________________
>>> xmlsec mailing list
>>> xmlsec at aleksey.com
>>> http://www.aleksey.com/mailman/listinfo/xmlsec
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

More information about the xmlsec mailing list