[xmlsec] decryption error

Meg Morgan meg@votehere.net
Wed, 29 Jan 2003 17:35:58 +0000


Do you mean set the name of the private key I am loading
or the name of the public key in the encrypted data?


Aleksey Sanin wrote:
> 
> Code looks good to me except the fact that it's worth to check
> that 'rsa' is not null and xmlSec* functions returned non negative
> results. Try to set key name as I suggested before (see examples in
> apps/xmlsec.c)
> 
> Aleksey
> 
> Meg Morgan wrote:
> 
> >Here is my code:
> >
> >         // Load private key from input
> >         BIO * mem = BIO_new_mem_buf(
> >            const_cast<void *>(static_cast<const void *>(prvkey_str.data())), prvkey_str.size());
> >         rsa=PEM_read_bio_RSAPrivateKey(mem, NULL, NULL, passwd);
> >
> >         /* create xmlSecKey */
> >         key = xmlSecKeyCreate(xmlSecRsaKey, xmlSecKeyOriginDefault);
> >         if(key == NULL) {
> >            fprintf(stderr, "Error: failed to create rsa key\n");
> >            result = -1;
> >         }
> >         else
> >         {
> >            xmlSecRsaKeyGenerate(key, rsa);
> >            if(key == NULL) {
> >               message = VHUtil::format("Error: failed to generate key\n");
> >               result = -1;
> >            }
> >            else
> >            {
> >               xmlSecSimpleKeysMngrAddKey(keysMngr, key);
> >            }
> >         }
> >
> >I will try to decrypt it "manually".
> >
> >Thanks!
> >meg
> >
> >Aleksey Sanin wrote:
> >
> >
> >>Have you added key to keys manager? The algorithm is:
> >>    - create xmlSecKey of RSA type
> >>    - set RSA key in created xmlSecKey
> >>    - add key to keys manager
> >>And are you able to decrypt this file with xmlsec tool?
> >>
> >>Aleksey
> >>
> >>Meg Morgan wrote:
> >>
> >>
> >>
> >>>I am getting an error on decryption since I changed from reading keys
> >>>out of files to keeping them in memory.  It is here:
> >>>
> >>>.
> >>>.
> >>>.
> >>>xmlenc.c:1503 key not found
> >>>xmlenc.c:1124 xmlSecEncryptedDataNodeRead returns -1
> >>>xmlenc.c:1018 xmlSecEncStateCreate
> >>>
> >>>
> >>>Here is the encrypted data:
> >>>
> >>><?xml version="1.0"?>
> >>><EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#">
> >>><EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
> >>><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
> >>><EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
> >>><EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
> >>><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
> >>><KeyName>RSA Public Key</KeyName>
> >>></KeyInfo>
> >>><CipherData>
> >>><CipherValue>
> >>>TkPFws5FhaCccKU0mMNT4/KzpPISVD7SCxmieywout4qIc6gIPP4O0mEuxSi+OXc
> >>>6kJ0hscqQux8vvmH2zy+z4M1ZSnFJTw8QvJn3hkSZIot07OCGjxhCBeRspEfIuMJ
> >>>PW+z1vSl05q6MPA9APQb9KSUWAbfRYGMgvuzjde4nIo=
> >>></CipherValue>
> >>></CipherData>
> >>></EncryptedKey>
> >>></KeyInfo>
> >>><CipherData>
> >>><CipherValue>
> >>>7aEbGsqV16HcTcFjDZ9GgMERvCd7KwOh2A699XXbDd9ZQbTYjafBQrXm7ebm/LPG
> >>>mx9igP3vejoa0skzgSwjLBEtnGW6sHogCBcrKFGoGBbpedaCfxjXBiCj54oiSphz
> >>>R2o1VvU/pEeEfRIZ0xzhU5X6AqyPloBx
> >>></CipherValue>
> >>></CipherData>
> >>></EncryptedData>
> >>>
> >>>Here is the private key:
> >>>
> >>>-----BEGIN RSA PRIVATE KEY-----
> >>>MIICXgIBAAKBgQDmtPR84F8aArjC03yHSR7VrOOwrOxJcji2RnMsm8lxMsf9yDuC
> >>>ScALJXPt+zYfKv+OCanxjhJLQpQ8xV6dTyg+LpSw4SpjgrXbhZKHXb4gzrr/QqtP
> >>>mn0wulu8hAyWj8HAOrLZ5BLtIiM9NazhkzqGUkzPHuswOjSNKJLpILdDRwIDAQAB
> >>>AoGBAMpqIcgeo9ISaUCmhS+9O8yFsA+m6HlYOeHS1eJhnNAwmb9UGsIpKtGcvqYi
> >>>Lk4ST72zROOmnu5hL+ZR1L14Yfjhp4s0Lt/7w68uGBTKkX+ePwEA/Y6VYyexf4nb
> >>>VZYonh/dK38uVhLm/gaxNMx+lgkOARYW9+pBdlGzWhrmq9jhAkEA//YWWI4m3LO4
> >>>AUwIsRxiFMShjH723KXCwM2VjsmGOdBeRmNpKyWgU6TWFNrgifN6gtjlXqUyt9Qk
> >>>U2qS/I7BtQJBAOa948OjCgGwYjsjaqnTXj1zOeX6abfL8CvZt6QTGS1EPo3FS/UC
> >>>Bhnx8CtmpUngTzLDKU9gCfggCOhWoQqJfosCQQD2HYHPFKB5hrVfSeTxqAEHRyqv
> >>>FUX5U8m36fXsngnafWio9d2iB0PqKY1P8EYHX35lYnjqUJ479FgZfVhoUDwhAkEA
> >>>lP8DZ14NZR/Pnp51DuqVDRstxOqZf3yqPrac1c8bT9akiglfzfsbk39d9biXfQfi
> >>>PEY3k7DRXy7YcacW4GX+lwJAIqqqbwxy+6je6jtmygxQIkePmNUbQU10ifSLsRcT
> >>>JTsJmBxd40JlA3u65iwZNLcapBBU4+wz8EkUDWXTiF3PAQ=="
> >>>-----END RSA PRIVATE KEY-----
> >>>
> >>>Can you help?
> >>>
> >>>Thanks
> >>>meg
> >>>
> >>>
> >>>
> >>>
> >>>
> >
> >
> >

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Meg Morgan                           425/450-2754
meg@votehere.net                   http://www.votehere.net