[xmlsec] command-line question

Rich Salz rsalz@datapower.com
Tue, 27 May 2003 12:20:52 -0400


What would be the right command-line to decrypt the attached file?
The following doesn't work -- xmlsec
xmlsec1 decrypt \
      --privkey:Alice alice.pem \
      --privkey:name:Alice alice.pem \
      /tmp/sample-128.out
We get the following traceback:

func=xmlSecEncCtxEncDataNodeRead:file=xmlenc.c:line=768:obj=unknown:subj=EncryptionMethod:error=21:invalid node:node=CipherData
func=xmlSecEncCtxDecryptToBuffer:file=xmlenc.c:line=643:obj=unknown:subj=xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed:
func=xmlSecKeysMngrGetKey:file=keys.c:line=912:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec library function failed:
func=xmlSecEncCtxEncDataNodeRead:file=xmlenc.c:line=884:obj=unknown:subj=unknown:error=45:key is not found:
func=xmlSecEncCtxDecryptToBuffer:file=xmlenc.c:line=643:obj=unknown:subj=xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed:
func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=582:obj=unknown:subj=xmlSecEncCtxDecryptToBuffer:error=1:xmlsec library function failed:
Error: failed to decrypt file
Error: failed to decrypt file "sample-128.out"
         exit 1
;

-- 
Rich Salz, Chief Security Architect
DataPower Technology         http://www.datapower.com
XS40 XML Security Gateway    http://www.datapower.com/products/xs40.html

Attachment: alice.pem

Private-Key: (1024 bit)


Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, ST=MA, L=Cambridge, O=DataPower, CN=Alice
        Validity
            Not Before: Nov 23 01:15:33 2002 GMT
            Not After : Nov 23 01:15:33 2012 GMT
        Subject: C=US, ST=MA, L=Cambridge, O=DataPower, CN=Alice
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Exponent: 65537 (0x10001)

Attachment: sample-128.out

<?xml version="1.0" encoding="UTF-8"?>
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element" xml:space="preserve">
  
  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
  <ds:KeyInfo>
    <EncryptedKey Recipient="name:Alice">
      <ds:KeyInfo>
        <ds:KeyName>Alice</ds:KeyName>
      </ds:KeyInfo>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
      <CipherData>
        <CipherValue>btBa+BvpJVNIpsVeQdQmm9fmambNozkFn+Gu/h1Iex8NLUOH0prkpILhlRmHz97vwygEVzw3pGvwq7FryhV3O+D38JexZ1LJb+u1qqxVHisjpA1D9rc93S9F4XFw/ZBi+BVxXwG2dXu5mKaDq/rJpx5oMoXPeABHoKYaWIiRIV4=</CipherValue>
      </CipherData>
    </EncryptedKey>
  </ds:KeyInfo>
  <CipherData>
    <CipherValue>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</CipherValue>
  </CipherData>
</EncryptedData>
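
Added example, not part of the original post and not xmlsec code: a check of child-element order against the sequence the XML Encryption schema defines for EncryptedData and EncryptedKey (EncryptionMethod, ds:KeyInfo, CipherData, ...), run on a constructed copy of the attached document's structure. The CipherValue contents are placeholders, and the function and variable names are hypothetical; the two element names it reports are the same two that appear in the first trace line.

```python
import xml.etree.ElementTree as ET

ENC = "http://www.w3.org/2001/04/xmlenc#"
DS = "http://www.w3.org/2000/09/xmldsig#"

# Order of the xmlenc schema's EncryptedType sequence; EncryptedKey
# appends ReferenceList and CarriedKeyName after it.
ORDER = [f"{{{ENC}}}EncryptionMethod", f"{{{DS}}}KeyInfo",
         f"{{{ENC}}}CipherData", f"{{{ENC}}}EncryptionProperties",
         f"{{{ENC}}}ReferenceList", f"{{{ENC}}}CarriedKeyName"]
CHECKED = {f"{{{ENC}}}EncryptedData", f"{{{ENC}}}EncryptedKey"}


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.split("}")[-1]


def order_violations(xml_text):
    """Return (parent, child_found, must_follow_it) for out-of-order children."""
    problems = []
    for elem in ET.fromstring(xml_text).iter():
        if elem.tag not in CHECKED:
            continue
        highest = -1  # rank of the latest-in-sequence child seen so far
        for child in elem:
            if child.tag not in ORDER:
                continue
            rank = ORDER.index(child.tag)
            if rank < highest:
                problems.append((local(elem.tag), local(child.tag),
                                 local(ORDER[highest])))
            highest = max(highest, rank)
    return problems


# Constructed input mirroring the layout of sample-128.out (placeholder data).
KEYINFO = "<ds:KeyInfo><ds:KeyName>Alice</ds:KeyName></ds:KeyInfo>"
METHOD = f'<EncryptionMethod Algorithm="{ENC}rsa-1_5"/>'
CIPHER = "<CipherData><CipherValue>AAAA</CipherValue></CipherData>"


def build(first, second):
    return (f'<EncryptedData xmlns="{ENC}" xmlns:ds="{DS}">'
            f'<EncryptionMethod Algorithm="{ENC}aes128-cbc"/>'
            f'<ds:KeyInfo><EncryptedKey Recipient="name:Alice">{first}{second}'
            f'{CIPHER}</EncryptedKey></ds:KeyInfo>{CIPHER}</EncryptedData>')


AS_POSTED = build(KEYINFO, METHOD)   # KeyInfo before EncryptionMethod
REORDERED = build(METHOD, KEYINFO)   # schema order
print(order_violations(AS_POSTED), order_violations(REORDERED))
```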
