This is not a repost. I need help resolving the problem I am having with XML
decryption. The document seems to be encrypting fine, but the decryption
seems to fail when I try to unwrap the symmetric key using a private key.
Your help is appreciated. See the code snippets below.
/**Encryption**/
I am generating a symmetric key using:
    String jceAlgorithmName = "AES";
    KeyGenerator keyGenerator = KeyGenerator.getInstance(jceAlgorithmName);
    keyGenerator.init(128);
Then I wrap the key using an RSA public key:
    String algorithmURI = XMLCipher.RSA_v1dot5;
    // Encrypt the symmetric key with the kek (pub key)
    XMLCipher keyCipher = XMLCipher.getInstance(algorithmURI);
    keyCipher.init(XMLCipher.WRAP_MODE, kek);
    System.out.println("Trace: " + document);
    EncryptedKey encryptedKey = keyCipher.encryptKey(document, symmetricKey);
I proceed to use this key to encrypt elements within a document:
    if (elementsToEncrypt == null || elementName == null) {
        algorithmURI = XMLCipher.AES_128;
        XMLCipher xmlCipher = XMLCipher.getInstance(algorithmURI);
        xmlCipher.init(XMLCipher.ENCRYPT_MODE, symmetricKey);
        // Setting keyinfo inside the encrypted data being prepared.
        EncryptedData encryptedData = xmlCipher.getEncryptedData();
        KeyInfo keyInfo = new KeyInfo(document);
        KeyName keyName = new KeyName(document, alias);
        keyInfo.add(keyName);
        keyInfo.add(encryptedKey);
        encryptedData.setKeyInfo(keyInfo);
        xmlCipher.doFinal(document, elementToEncrypt, false);
    }
    else {
        for (int i = 0; i < elementsToEncrypt.length; i++) {
            elementToEncrypt = elementsToEncrypt[i];
            algorithmURI = XMLCipher.AES_128;
            XMLCipher xmlCipher = XMLCipher.getInstance(algorithmURI);
            xmlCipher.init(XMLCipher.ENCRYPT_MODE, symmetricKey);
            // Setting keyinfo inside the encrypted data being prepared.
            EncryptedData encryptedData = xmlCipher.getEncryptedData();
            KeyInfo keyInfo = new KeyInfo(document);
            KeyName keyName = new KeyName(document, alias);
            keyInfo.add(keyName);
            keyInfo.add(encryptedKey);
            encryptedData.setKeyInfo(keyInfo);
            xmlCipher.doFinal(document, elementToEncrypt, false);
        }
    }
/**Decryption**/
I try to unwrap the key using the private key:
    // initialize cipher for unwrap. (kek is priv key)
    XMLCipher keyCipher = XMLCipher.getInstance(XMLCipher.RSA_v1dot5);
    keyCipher.init(XMLCipher.UNWRAP_MODE, kek);
    key = (Key) keyCipher.decryptKey(ek, XMLCipher.RSA_v1dot5);
Then, I try to decrypt:
    XMLCipher xmlCipher = XMLCipher.getInstance();
    xmlCipher.init(XMLCipher.DECRYPT_MODE, key);
    xmlCipher.setKEK(kek);
    // The following replaces the encrypted data with
    // decrypted contents in the document.
    for (int i = 0; i < elementsToDecrypt.length; i++) {
        encryptedDataElement = elementsToDecrypt[i];
        xmlCipher.doFinal(doc, encryptedDataElement);
    }
    outputDocToFileThenDeleteFile(doc, decryptedFileName);
/**Errors**/
    Exception in thread "main" org.apache.xml.security.encryption.XMLEncryptionException: Unwrapping failed
    Original Exception was java.security.InvalidKeyException: Unwrapping failed
        at org.apache.xml.security.encryption.XMLCipher.decryptKey(Unknown Source)
        at nsu_pdp.PDP_Decryptor.decrypt(PDP_Decryptor.java:304)
        at nsu_pdp.SimplePDP.<init>(SimplePDP.java:211)
        at nsu_pdp.SimplePDP.main(SimplePDP.java:494)
    java.security.InvalidKeyException: Unwrapping failed
        at com.sun.crypto.provider.RSACipher.engineUnwrap(DashoA13*..)
        at javax.crypto.Cipher.unwrap(DashoA13*..)
        at org.apache.xml.security.encryption.XMLCipher.decryptKey(Unknown Source)
        at nsu_pdp.PDP_Decryptor.decrypt(PDP_Decryptor.java:304)
        at nsu_pdp.SimplePDP.<init>(SimplePDP.java:211)
        at nsu_pdp.SimplePDP.main(SimplePDP.java:494)
    Caused by: javax.crypto.BadPaddingException: Data must start with zero
        at sun.security.rsa.RSAPadding.unpadV15(Unknown Source)
        at sun.security.rsa.RSAPadding.unpad(Unknown Source)
        at com.sun.crypto.provider.RSACipher.a(DashoA13*..)
        ... 6 more
--
View this message in context:
http://old.nabble.com/XML-asymmetric-decryption-tp28693634p28693634.html
Sent from the Apache XML - Security - Dev mailing list archive at Nabble.com.
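
Added example, not part of the original post and not Apache XML Security code: a plain-JCE reproduction of the layer shown in the trace (javax.crypto.Cipher.unwrap with PKCS#1 v1.5 padding), wrapping an AES key under one RSA public key and unwrapping it with the matching and with an unrelated private key. The class name, helper names and both key pairs are constructed for illustration; the modulus comparison is a check that can be run on a real key pair to rule out a mismatch.

```java
import java.security.*;
import java.security.interfaces.RSAKey;
import javax.crypto.*;

public class UnwrapCheck {
    // PKCS#1 v1.5 key transport, the padding named in the trace (unpadV15).
    static final String WRAP = "RSA/ECB/PKCS1Padding";

    // True when both keys carry the same RSA modulus, i.e. belong to one pair.
    static boolean samePair(PublicKey pub, PrivateKey priv) {
        return ((RSAKey) pub).getModulus().equals(((RSAKey) priv).getModulus());
    }

    static byte[] wrap(PublicKey kek, SecretKey key) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(WRAP);
        c.init(Cipher.WRAP_MODE, kek);
        return c.wrap(key);
    }

    // "AES" names the algorithm of the recovered key, not the wrapping algorithm.
    static Key unwrap(PrivateKey kek, byte[] wrapped) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(WRAP);
        c.init(Cipher.UNWRAP_MODE, kek);
        return c.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair a = kpg.generateKeyPair();   // constructed sample pair used to wrap
        KeyPair b = kpg.generateKeyPair();   // constructed unrelated pair
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey sym = kg.generateKey();
        byte[] wrapped = wrap(a.getPublic(), sym);
        Key back = unwrap(a.getPrivate(), wrapped);
        System.out.println("pair a matches: " + samePair(a.getPublic(), a.getPrivate()));
        System.out.println("round trip ok:  "
                + MessageDigest.isEqual(sym.getEncoded(), back.getEncoded()));
        System.out.println("a/b matches:    " + samePair(a.getPublic(), b.getPrivate()));
        try {
            unwrap(b.getPrivate(), wrapped);
            // Rare: the garbage plaintext happened to look like valid padding.
            System.out.println("unwrap returned a key, but not the original one");
        } catch (GeneralSecurityException e) {
            System.out.println(e + " <- " + e.getCause());
        }
    }
}
```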