[xmlsec] decryption error

Aleksey Sanin aleksey@aleksey.com
Wed, 29 Jan 2003 09:24:19 -0800


Code looks good to me except the fact that it's worth to check
that 'rsa' is not null and xmlSec* functions returned non negative
results. Try to set key name as I suggested before (see examples in
apps/xmlsec.c)

Aleksey



Meg Morgan wrote:

>Here is my code:
>
>         // Load private key from input
>         BIO * mem = BIO_new_mem_buf(
>            const_cast<void *>(static_cast<const void *>(prvkey_str.data())), prvkey_str.size());
>         rsa=PEM_read_bio_RSAPrivateKey(mem, NULL, NULL, passwd);
>         
>         /* create xmlSecKey */
>         key = xmlSecKeyCreate(xmlSecRsaKey, xmlSecKeyOriginDefault);
>         if(key == NULL) {
>            fprintf(stderr, "Error: failed to create rsa key\n");
>            result = -1;
>         }
>         else
>         {
>            xmlSecRsaKeyGenerate(key, rsa);
>            if(key == NULL) {
>               message = VHUtil::format("Error: failed to generate key\n");
>               result = -1;
>            }
>            else
>            {
>               xmlSecSimpleKeysMngrAddKey(keysMngr, key);
>            }
>         }
>
>I will try to decrypt it "manually".
>
>Thanks!
>meg
>
>Aleksey Sanin wrote:
>  
>
>>Have you added key to keys manager? The algorithm is:
>>    - create xmlSecKey of RSA type
>>    - set RSA key in created xmlSecKey
>>    - add key to keys manager
>>And are you able to decrypt this file with xmlsec tool?
>>
>>Aleksey
>>
>>Meg Morgan wrote:
>>
>>    
>>
>>>I am getting an error on decryption since I changed from reading keys
>>>out of files to keeping them in memory.  It is here:
>>>
>>>.
>>>.
>>>.
>>>xmlenc.c:1503 key not found
>>>xmlenc.c:1124 xmlSecEncryptedDataNodeRead returns -1
>>>xmlenc.c:1018 xmlSecEncStateCreate
>>>
>>>
>>>Here is the encrypted data:
>>>
>>><?xml version="1.0"?>
>>><EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#">
>>><EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
>>><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
>>><EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
>>><EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
>>><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
>>><KeyName>RSA Public Key</KeyName>
>>></KeyInfo>
>>><CipherData>
>>><CipherValue>
>>>TkPFws5FhaCccKU0mMNT4/KzpPISVD7SCxmieywout4qIc6gIPP4O0mEuxSi+OXc
>>>6kJ0hscqQux8vvmH2zy+z4M1ZSnFJTw8QvJn3hkSZIot07OCGjxhCBeRspEfIuMJ
>>>PW+z1vSl05q6MPA9APQb9KSUWAbfRYGMgvuzjde4nIo=
>>></CipherValue>
>>></CipherData>
>>></EncryptedKey>
>>></KeyInfo>
>>><CipherData>
>>><CipherValue>
>>>7aEbGsqV16HcTcFjDZ9GgMERvCd7KwOh2A699XXbDd9ZQbTYjafBQrXm7ebm/LPG
>>>mx9igP3vejoa0skzgSwjLBEtnGW6sHogCBcrKFGoGBbpedaCfxjXBiCj54oiSphz
>>>R2o1VvU/pEeEfRIZ0xzhU5X6AqyPloBx
>>></CipherValue>
>>></CipherData>
>>></EncryptedData>
>>>
>>>Here is the private key:
>>>
>>>-----BEGIN RSA PRIVATE KEY-----
>>>MIICXgIBAAKBgQDmtPR84F8aArjC03yHSR7VrOOwrOxJcji2RnMsm8lxMsf9yDuC
>>>ScALJXPt+zYfKv+OCanxjhJLQpQ8xV6dTyg+LpSw4SpjgrXbhZKHXb4gzrr/QqtP
>>>mn0wulu8hAyWj8HAOrLZ5BLtIiM9NazhkzqGUkzPHuswOjSNKJLpILdDRwIDAQAB
>>>AoGBAMpqIcgeo9ISaUCmhS+9O8yFsA+m6HlYOeHS1eJhnNAwmb9UGsIpKtGcvqYi
>>>Lk4ST72zROOmnu5hL+ZR1L14Yfjhp4s0Lt/7w68uGBTKkX+ePwEA/Y6VYyexf4nb
>>>VZYonh/dK38uVhLm/gaxNMx+lgkOARYW9+pBdlGzWhrmq9jhAkEA//YWWI4m3LO4
>>>AUwIsRxiFMShjH723KXCwM2VjsmGOdBeRmNpKyWgU6TWFNrgifN6gtjlXqUyt9Qk
>>>U2qS/I7BtQJBAOa948OjCgGwYjsjaqnTXj1zOeX6abfL8CvZt6QTGS1EPo3FS/UC
>>>Bhnx8CtmpUngTzLDKU9gCfggCOhWoQqJfosCQQD2HYHPFKB5hrVfSeTxqAEHRyqv
>>>FUX5U8m36fXsngnafWio9d2iB0PqKY1P8EYHX35lYnjqUJ479FgZfVhoUDwhAkEA
>>>lP8DZ14NZR/Pnp51DuqVDRstxOqZf3yqPrac1c8bT9akiglfzfsbk39d9biXfQfi
>>>PEY3k7DRXy7YcacW4GX+lwJAIqqqbwxy+6je6jtmygxQIkePmNUbQU10ifSLsRcT
>>>JTsJmBxd40JlA3u65iwZNLcapBBU4+wz8EkUDWXTiF3PAQ=="
>>>-----END RSA PRIVATE KEY-----
>>>
>>>Can you help?
>>>
>>>Thanks
>>>meg
>>>
>>>
>>>
>>>      
>>>
>
>  
>