[xmlsec] command-line question

Aleksey Sanin aleksey@aleksey.com
Tue, 27 May 2003 09:40:24 -0700 

This is a multi-part message in MIME format.
--------------090604090102060608090401
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Seems like you have a problem in the file:

 <EncryptedKey>
    <ds:KeyInfo>
       ...
    </ds:KeyInfo>
    <EncryptionMethod />
    ...
 </EncryptedKey>
 
when it should be ([1])

 <EncryptedKey>
    <EncryptionMethod />
    <ds:KeyInfo>
       ...
    </ds:KeyInfo>
    ...
 </EncryptedKey>

I have attached a correct file with <EncryptionMethod/> moved two lines 
up :) Works for me now :)

> [aleksey@lsh rich]$ xmlsec1 decrypt --privkey:Alice alice.pem 
> --privkey:name:Alice alice.pem sample-128.out
> <?xml version="1.0" encoding="UTF-8"?>
> <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" 
> version="1.0">
>   <xsl:output encoding="utf-8"/>
>   .....
>    


With best regards,

Aleksey

[1] http://www.w3.org/TR/xmlenc-core/#sec-Overview  





Rich Salz wrote:

> What would be the right command-line to decrypt the attached file?
> The following doesn't work -- xmlsec
> xmlsec1 decrypt \
>      --privkey:Alice alice.pem \
>      --privkey:name:Alice alice.pem \
>      /tmp/sample-128.out
> We get the following traceback:
>

--------------090604090102060608090401
Content-Type: text/xml;
 name="sample-128.out"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="sample-128.out"

<?xml version="1.0" encoding="UTF-8"?>
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element" xml:space="preserve">
  
  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
  <ds:KeyInfo>
    <EncryptedKey Recipient="name:Alice">
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
      <ds:KeyInfo>
        <ds:KeyName>Alice</ds:KeyName>
      </ds:KeyInfo>
      <CipherData>
        <CipherValue>btBa+BvpJVNIpsVeQdQmm9fmambNozkFn+Gu/h1Iex8NLUOH0prkpILhlRmHz97vwygEVzw3pGvwq7FryhV3O+D38JexZ1LJb+u1qqxVHisjpA1D9rc93S9F4XFw/ZBi+BVxXwG2dXu5mKaDq/rJpx5oMoXPeABHoKYaWIiRIV4=</CipherValue>
      </CipherData>
    </EncryptedKey>
  </ds:KeyInfo>
  <CipherData>
    <CipherValue>kx/z6q2++EHmmHrvn2K29mbSzmA7sU6Im/W96svXDuSQj6tazsRnU6MMWsWqpEHFDf3bwY6CEeoXDy+3w1BqUbem34FDimXb3+uNehib6q9jse03h3hbpplF1mLyeBfmEPqPEc8khuZGQp6exaYGt6EIhh6D6gLJGnutsrKg0w3btLQOTHBRG2o+xM8x6BR+53Abfb/0PBlagAyad0+gstFMYy3fDDkwnuosTyvOYj8Pkk8MEw1N9GHfj3dc0DD/CaUDmGZ9FgIclApw2GyqmszZRyLS5+lBP3MqNLELVALpslQyLskaeWAadgSf2aCI9GEM6VjzKvl7vNZadqhuF33OnAFvO2Lm0xlS6/Tbso+6R6TpwHpXlFN4RO5K+y2bNq/bJnZuBVtsYHsNV88STwkth+KplTdtOU90jVjQLuhdD7mx+dKA43htOr+D8zuXDJK/2DONeUhdX5V8bGmH4SWYIyExvvhlzgT9HWGsyJRbXdnNNQK+Re6bPO14ZTbcsC6fVyT38R8yCvvCQi0omkU1NKH3ejaaMtGurJ+t7bGU253Fts8JeKdSQfXG8Ne94w3x9gwuErz+v9/zdadTJUMY86nZeNlEfjwJGbJgHg8LM0oKK/YvnxGMj06F434iNWiGo7p92IvrcVQRK68hDhRTo0x3/4R6DELr1Il8f9A=</CipherValue>
  </CipherData>
</EncryptedData>

--------------090604090102060608090401--