[xmlsec] Encrypting and decripting with private key

Aleksey Sanin aleksey at aleksey.com
Mon Feb 23 11:51:40 PST 2009


Private key contains the public key.

Aleksey

Dimitar Dimitrov wrote:
> Hi,
> 
> 
> I was trying XmlSec to encrypt/decrypt an xml file. That works fine 
> except that I've noticed something strange.
> 
> 
> The following sequence is OK:
> 
> 
> 
> 
> 
> A: xmlsec1 encrypt --pubkey-pem tls/client-pub.pem --session-key des-192 \
> --xml-data data.xml --output data_enc.xml session-key-template.xml
> 
> 
> B: xmlsec1 decrypt --privkey-pem tls/client-key.pem data_enc.xml
> 
> 
> 
> 
> 
> That's encrypting data.xml into data_enc.xml using client's public and 
> private x509 keys as it is supposed to be under normal circumstances.
> 
> 
> But if I twist it a bit (don't ask me why :) and encrypt with client's 
> private key, I can also decrypt with client's private key!? Like this:
> 
> 
> 
> 
> 
> C: xmlsec1 encrypt --pubkey-pem tls/client-key.pem --session-key des-192 \
> --xml-data data.xml --output data_enc.xml session-key-template.xml
> 
> 
> D: xmlsec1 decrypt --privkey-pem tls/client-key.pem data_enc.xml
> 
> 
> 
> 
> 
> Decryption with the public key doesn't work, btw.
> 
> 
> Is this behavior correct? Or I'm doing something wrong?
> I know that in all normal situations one should encrypt with the public 
> key and decrypt with the private, so this is rather an unusual use case. 
> But still curios should it be possible to encrypt and decrypt with the 
> private key only?
> 
> 
> Thanks!
> Dimitar
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec


More information about the xmlsec mailing list