[xmlsec] Can't decrypt GCM based algorithms
Timothy Legge
timlegge at gmail.com
Tue Mar 29 15:51:00 UTC 2022
Hi
I am working on adding support for aes*-gcm to perl's XML::Enc. I can:
1. Decrypt SAML responses encrypted with aes*-gcm using XML::Enc
2. Decrypt xmlsec encrypted aes*-gcm XML using XML::Enc
3. Encrypt XML using aes*-gcm with XML::Sec
4. Decrypt XML that was encrypted with XML::Sec using ases*-gcm
However, I cannot use xmlsec to decrypt XML::Sec encrypted XML that
uses aes*-gcm.
I can't think of any issues that would allow me to encrypt and decrypt
XML successfully with XML::Enc but not allow xmlsec to decrypt those
files.
I was wondering if there is a debug flag for XML sec that would allow
me to output the following:
1. base64 of the CipherValue it reads from the XML file
2. base 64 of IV
3 base64 of encrypted data
4 base 64 of the tag
5 base 64 of the key
I don't mind adding some print debugging and recompiling if you can
point me to a starting place. It has been a while since I wrote much
C but I have no issues. Finding the correct spot though...
Tim
Timothy Legge
timlegge at gmail.com
timlegge at cpan.org
More information about the xmlsec
mailing list