[xmlsec] Encrypt/decrypt works in one environment, but not another (parser error : internal error: detected an error in element content)

Aleksey Sanin aleksey at aleksey.com
Sun Jun 23 12:02:58 PDT 2019 

Looks like libxml2 can't parse the file. What version of libxml2
do you have installed? I would suggest to try to upgrade to
the latest version and see if this fixes the problem.

Aleksey

On 6/23/19 8:58 AM, Matthias Hjalmarsson wrote:
> Hi!
> 
> I'm trying to use xmlsec to implement encrypt/decrypt functionality, 
> with help from 
> https://users.dcc.uchile.cl/~pcamacho/tutorial/web/xmlsec/xmlsec.html for providing 
> basic examples.
> 
> I have a problem where a test case works in one environment, but not in 
> another and I'm not sure how to proceed.
> 
> I'm attaching 4 files
> 
> * certificate.p12 - private key given in PKCS #12 for decrypting 
> (password: hello)
> * public.pem - public file for encrypting
> * doc.xml - document to encrypt
> * template.xml - template used for encrypting
> 
> Encrypt:
> xmlsec1 encrypt --pubkey-pem public.pem --session-key des-192 --xml-data 
> doc.xml --output encrypted.xml template.xml
> 
> Decrypt
> xmlsec1 decrypt --output result.xml --pkcs12 certificate.p12 --pwd hello 
> encrypted.xml
> 
> When run with latest version available via cygwin (xmlsec1 1.2.24 
> (openssl)) on Windows, this produces the desired result that result.xml 
> is equivalent to doc.xml. However, when run on CentOS 7 with the latest 
> available version (xmlsec1 1.2.20 (openssl)) decryption fails with:
> 
> Entity: line 2: parser error : internal error: detected an error in 
> element content
> 
> <PayInfo>
>           ^
> func=xmlSecReplaceNodeBufferAndReturn:file=xmltree.c:line=573:obj=unknown:subj=xmlParseInNodeContext:error=5:libxml2 
> library function failed:Failed to parse content
> func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=648:obj=unknown:subj=xmlSecReplaceNodeBuffer:error=1:xmlsec 
> library function failed:node=EncryptedData
> Error: failed to decrypt file
> Error: failed to decrypt file "encrypted.xml"
> 
> Obviously, I see that I'm running different versions, but does anyone 
> know what might be wrong regardless? Is the test case flawed but 1.2.24 
> accepts it anyway, or did I run into a bug?
> 
> Regards,
> Matthias Hjalmarsson
> 
> 
> 
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
>

More information about the xmlsec mailing list