Sachin,
How are you loading the private key? The InvalidKeyException might
indicate that the wrong key is being used - which would explain the
"unknown block type", as it would do the decrypt and go to strip the
PKCS1.5 padding and find it didn't match expectations.
Cheers,
Berin
> Hi,
>
> I am trying to decrypt a document that is encrypted
> using AES192 and in which the symmetric key is
> encrypted using an RSA key.
>
> But decryption fails with the following exception. I
> get the same errors even if the document is encrypted
> using DESede.
>
> XMLCipher - Constructing XMLCipher...
> XMLCipher - Initializing XMLCipher...
> XMLCipher - opmode = UNWRAP_MODE
> XMLCipher - Decrypting key from previously loaded EncryptedKey...
> JCEMapper - Request for URI http://www.w3.org/2001/04/xmlenc#rsa-1_5
> JCEMapper - Found RSA/ECB/PKCS1PADDING from provider BC
> JCEMapper - Request for URI http://www.w3.org/2001/04/xmlenc#rsa-1_5
> JCEMapper - Found RSA/ECB/PKCS1PADDING from provider BC
> XMLCipher - JCE Provider = BC
> XMLCipher - JCE Algorithm = RSA/ECB/PKCS1PADDING
> org.apache.xml.security.encryption.XMLEncryptionException: unknown block type
> Original Exception was java.security.InvalidKeyException: unknown block type
>     at org.apache.xml.security.encryption.XMLCipher.decryptKey(XMLCipher.java:1265)
>     ... 9 more
>
>
> The code that it fails in is given below.
>
> cipher = XMLCipher.getInstance();
> cipher.init(XMLCipher.DECRYPT_MODE, null);
> EncryptedData encryptedData = cipher.loadEncryptedData(doc, element);
> EncryptedKey ek = encryptedData.getKeyInfo().itemEncryptedKey(0);
>
> CipherValue encryptionKeyCipherValue = ek.getCipherData().getCipherValue();
> XMLCipher keyCipher = XMLCipher.getInstance();
> keyCipher.init(XMLCipher.UNWRAP_MODE, rsaprivatekey);
> String algo = encryptedData.getEncryptionMethod().getAlgorithm();
> key = keyCipher.decryptKey(ek, algo); // fails here
>
>
> The encrypted document is as follows:
> <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
>     xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
>   <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"
>       xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" />
>   <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>     <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
>       <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"
>           xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" />
>
>
> Could anybody point me to what could be going wrong? I
> am using BouncyCastle JCE and Xalan 2.5.
>
> Thanks much for any help,
> Sachin.
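
The wrong-key failure suggested in the reply can be reproduced outside XMLCipher. The following is an added example, not code from this thread or from Apache XML Security: it wraps an AES-192 key under one RSA public key, unwraps it with the matching and with an unrelated private key, and compares moduli as a quick check that a loaded private key belongs to the key that did the encryption. It assumes the JDK's default RSA provider rather than BouncyCastle, so the exception text differs from "unknown block type"; the class and method names are hypothetical.

```java
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

// Added example; class and method names are hypothetical.
public class RsaUnwrapKeyCheck {
    // True when the private key shares its modulus with the public key that wrapped the session key.
    static boolean sameKeyPair(PublicKey pub, PrivateKey priv) {
        return ((RSAPublicKey) pub).getModulus().equals(((RSAPrivateKey) priv).getModulus());
    }

    // Unwrap as xmlenc#rsa-1_5 does: RSA decrypt, then strip the PKCS#1 v1.5 padding.
    static String tryUnwrap(byte[] wrapped, PrivateKey priv) throws Exception {
        Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        rsa.init(Cipher.UNWRAP_MODE, priv);
        try {
            SecretKey k = (SecretKey) rsa.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
            return "unwrapped " + (k.getEncoded().length * 8) + "-bit key";
        } catch (InvalidKeyException e) {
            // With the wrong key the decrypted block does not carry valid padding.
            return "failed: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair sender = kpg.generateKeyPair(); // constructed: pair used to encrypt
        KeyPair other = kpg.generateKeyPair();  // constructed: unrelated pair
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(192);                           // matches aes192-cbc in the document
        SecretKey session = kg.generateKey();
        Cipher wrap = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        wrap.init(Cipher.WRAP_MODE, sender.getPublic());
        byte[] wrapped = wrap.wrap(session);
        System.out.println("matching key, same pair=" + sameKeyPair(sender.getPublic(), sender.getPrivate())
                + " -> " + tryUnwrap(wrapped, sender.getPrivate()));
        System.out.println("wrong key, same pair=" + sameKeyPair(sender.getPublic(), other.getPrivate())
                + " -> " + tryUnwrap(wrapped, other.getPrivate()));
    }
}
```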