[xmlsec] manual decrypt

Balakrishnan Viswanathan bviswana at tibco.com
Thu Jan 24 19:21:58 PST 2008 

Aleksey,

 

I was able to use the templates and encrypt an xml file using xmlsec,
the result is like

 

<?xml version="1.0" encoding="UTF-8"?>

<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
MimeType="text/plain">

  <EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>

  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">

    <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">

      <EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5">

        <DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#"
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>

      </EncryptionMethod>

      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">

      </KeyInfo>

      <CipherData>

 
<CipherValue>sPReUF+uwZhGoyq1keMI0zS0x5pJfAOv0P4GQpDiq4SkGcKL1VgQLEZb0t7
cWJsF

EVYlhLH/UX1KSR4LsD0rPtYxzyl9u1MwE78AXJmD/WpmhzuYbhGaPS4G8aBLtV4o

EphXZIut0gZUQNM4VcKBV+kKjp+pYvTJQo9ZnROszFk=</CipherValue>

      </CipherData>

    </EncryptedKey>

  </KeyInfo>

  <CipherData>

 
<CipherValue>0WJE6bRu1Bmu6nf7M78ZAZkeZQWSXtuGcf8X3y28ZIWHY6UFv+5HsxRTXKQ
107aD

3Rh1g5FjSZwqhHH1pJWMXKkm8L8cryXRkDbPjhYcufVwgb6m+d2xJn2H3fKdylRy

qLRK+0EPZ2QA2G7auVXKvX6zpemcb9diXSPoy4gFX1DeNReJXqvSHHSxbDBHRA7W

3uFbV7isUrELh0aYnWRIyimTf2RdgqXzFN8maR9x8AI=</CipherValue>

  </CipherData>

</EncryptedData>

 

 

I was able to decrypt the encrypted symmetric key between the first
<CipherData>..</CipherData> node manually using openssl with commands

 

openssl rsautl -inkey leafkey.pem -decrypt -in sessionkeyraw  -raw -out
sessionkey.dec

 

the above steps output binary data into sessionkey.dec, I am able to see
using command below

 

 openssl enc -in sessionkey.dec -p

 

However, when I try to decrypt the payload (second
<CipherData>...</CipherData> node)with the retrieved key using command

 

openssl enc -d -a -in payload.b64.enc -kfile sessionkey.decrypt -out
payload

 

The above returns but payload contains binary data, shouldn't I be
seeing an xml file?.

 

 

-Bala

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20080124/69250a7b/attachment-0002.htm

More information about the xmlsec mailing list