This is not a repost. I need help resolving the problem I am having with XML decryption. The document seems to be encrypting fine, but the decryption seems to fail when I try to unwrap the symmetric key using a private key. Your help is appreciated. See code snippets below:

/**Encryption**/

I am generating a symmetric key using:

    String jceAlgorithmName = "AES";
    KeyGenerator keyGenerator = KeyGenerator.getInstance(jceAlgorithmName);
    keyGenerator.init(128);

Then I wrap the key using an RSA public key:

    String algorithmURI = XMLCipher.RSA_v1dot5;
    //Encrypt the symmetric key with the kek (pub key)
    XMLCipher keyCipher = XMLCipher.getInstance(algorithmURI);
    keyCipher.init(XMLCipher.WRAP_MODE, kek);
    System.out.println("Trace: "+document);
    EncryptedKey encryptedKey = keyCipher.encryptKey(document, symmetricKey);

I proceed to use this key to encrypt elements within a document:

    if (elementsToEncrypt == null || elementName == null){
        algorithmURI = XMLCipher.AES_128;
        XMLCipher xmlCipher = XMLCipher.getInstance(algorithmURI);
        xmlCipher.init(XMLCipher.ENCRYPT_MODE, symmetricKey);
        //Setting keyinfo inside the encrypted data being prepared.
        EncryptedData encryptedData = xmlCipher.getEncryptedData();
        KeyInfo keyInfo = new KeyInfo(document);
        KeyName keyName = new KeyName(document, alias);
        keyInfo.add(keyName);
        keyInfo.add(encryptedKey);
        encryptedData.setKeyInfo(keyInfo);
        xmlCipher.doFinal(document, elementToEncrypt, false);
    }
    else{
        for (int i=0;i<elementsToEncrypt.length;i++){
            elementToEncrypt = elementsToEncrypt[i];
            algorithmURI = XMLCipher.AES_128;
            XMLCipher xmlCipher = XMLCipher.getInstance(algorithmURI);
            xmlCipher.init(XMLCipher.ENCRYPT_MODE, symmetricKey);
            //Setting keyinfo inside the encrypted data being prepared.
            EncryptedData encryptedData = xmlCipher.getEncryptedData();
            KeyInfo keyInfo = new KeyInfo(document);
            KeyName keyName = new KeyName(document, alias);
            keyInfo.add(keyName);
            keyInfo.add(encryptedKey);
            encryptedData.setKeyInfo(keyInfo);
            xmlCipher.doFinal(document, elementToEncrypt, false);
        }
    }

/**Decryption**/

I try to unwrap the key using the private key:

    // initialize cipher for unwrap. (kek is priv key)
    XMLCipher keyCipher = XMLCipher.getInstance(XMLCipher.RSA_v1dot5);
    keyCipher.init(XMLCipher.UNWRAP_MODE, kek);
    key = (Key) keyCipher.decryptKey(ek, XMLCipher.RSA_v1dot5);

Then, I try to decrypt:

    XMLCipher xmlCipher = XMLCipher.getInstance();
    xmlCipher.init(XMLCipher.DECRYPT_MODE, key);
    xmlCipher.setKEK(kek);
    // The following replaces the encrypted data with
    // decrypted contents in the document.
    for (int i=0;i<elementsToDecrypt.length;i++){
        encryptedDataElement = elementsToDecrypt[i];
        xmlCipher.doFinal(doc, encryptedDataElement);
    }
    outputDocToFileThenDeleteFile(doc, decryptedFileName);

/**Errors**/

    Exception in thread "main" org.apache.xml.security.encryption.XMLEncryptionException: Unwrapping failed
    Original Exception was java.security.InvalidKeyException: Unwrapping failed
        at org.apache.xml.security.encryption.XMLCipher.decryptKey(Unknown Source)
        at nsu_pdp.PDP_Decryptor.decrypt(PDP_Decryptor.java:304)
        at nsu_pdp.SimplePDP.<init>(SimplePDP.java:211)
        at nsu_pdp.SimplePDP.main(SimplePDP.java:494)
    java.security.InvalidKeyException: Unwrapping failed
        at com.sun.crypto.provider.RSACipher.engineUnwrap(DashoA13*..)
        at javax.crypto.Cipher.unwrap(DashoA13*..)
        at org.apache.xml.security.encryption.XMLCipher.decryptKey(Unknown Source)
        at nsu_pdp.PDP_Decryptor.decrypt(PDP_Decryptor.java:304)
        at nsu_pdp.SimplePDP.<init>(SimplePDP.java:211)
        at nsu_pdp.SimplePDP.main(SimplePDP.java:494)
    Caused by: javax.crypto.BadPaddingException: Data must start with zero
        at sun.security.rsa.RSAPadding.unpadV15(Unknown Source)
        at sun.security.rsa.RSAPadding.unpad(Unknown Source)
        at com.sun.crypto.provider.RSACipher.a(DashoA13*..)
        ... 6 more

--
View this message in context: http://old.nabble.com/XML-asymmetric-decryption-tp28693634p28693634.html
Sent from the Apache XML - Security - Dev mailing list archive at Nabble.com.
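
A diagnostic sketch added here, not part of the original post and not Apache XML Security code: the trace ends in RSACipher.engineUnwrap and RSAPadding.unpadV15, so this repeats the wrap and unwrap with the plain JCE "RSA/ECB/PKCS1Padding" cipher and shows that a private key from a different pair than the wrapping public key is rejected with the same InvalidKeyException. The class name, helper names and generated keys are constructed for illustration, and the page does not establish that a key mismatch is the cause in the post.

```java
import java.security.*;
import java.security.interfaces.RSAKey;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class UnwrapCheck {   // hypothetical class name
    // Two RSA keys belong to the same pair only if they share a modulus.
    static boolean samePair(PublicKey pub, PrivateKey priv) {
        return ((RSAKey) pub).getModulus().equals(((RSAKey) priv).getModulus());
    }

    static byte[] wrap(PublicKey kek, SecretKey k) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        c.init(Cipher.WRAP_MODE, kek);
        return c.wrap(k);
    }

    // True only if unwrapping succeeds AND yields the expected key bytes.
    static boolean unwrapsTo(PrivateKey kek, byte[] wrapped, SecretKey expected)
            throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        c.init(Cipher.UNWRAP_MODE, kek);
        try {
            Key k = c.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
            return Arrays.equals(k.getEncoded(), expected.getEncoded());
        } catch (InvalidKeyException e) {   // padding check failed after RSA decryption
            System.out.println("  unwrap rejected: " + e);
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair a = kpg.generateKeyPair();   // constructed pair used for wrapping
        KeyPair b = kpg.generateKeyPair();   // constructed, unrelated pair
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey sk = kg.generateKey();
        byte[] wrapped = wrap(a.getPublic(), sk);

        System.out.println("A pub / A priv same pair: " + samePair(a.getPublic(), a.getPrivate()));
        System.out.println("unwrap with A priv ok:    " + unwrapsTo(a.getPrivate(), wrapped, sk));
        System.out.println("A pub / B priv same pair: " + samePair(a.getPublic(), b.getPrivate()));
        System.out.println("unwrap with B priv ok:    " + unwrapsTo(b.getPrivate(), wrapped, sk));
    }
}
```

Running samePair on the actual wrapping public key and unwrapping private key, before calling decryptKey, rules a mismatched pair in or out.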