Matej/Milan,
There appears to be two separate problems. The first (cpp encrypt->java decrypt) is the one Matej indicated - the RSA encryption within the windows crypto API stores the bytes in reverse order. I have pasted a diff against WinCapiCryptoKeyRSA.cpp that will fix that problem.
The second problem (java->cpp) is proving harder to find. I find that I cannot decrypt your Java using OpenSSL as the provider either - which is strange. So I'm going to have a play with the Java library and see if I can work out what it is.
Can you verify whether the patch below fixes the cpp->java problem?
Cheers,
Berincvs -z3 diff WinCAPICryptoKeyRSA.cpp (in directory C:\prog\SRC\xml-security\c\src\enc\WinCAPI\)
Index: WinCAPICryptoKeyRSA.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/enc/WinCAPI/WinCAPICryptoKeyRSA.cpp,v
retrieving revision 1.7
diff -r1.7 WinCAPICryptoKeyRSA.cpp
507a508
> // Have to reverse ordering of input :
509c510,512
< memcpy(plainBuf, inBuf, inLength);
---
> // memcpy(plainBuf, inBuf, inLength);
> for (unsigned int i = 0; i < inLength; ++i)
> plainBuf[i] = inBuf[inLength - 1 - i];
633a637,644
> // Reverse the output
> unsigned char *tbuf;
> XSECnew(tbuf, unsigned char[encryptSize]);
> ArrayJanitor<unsigned char> j_tbuf(tbuf);
> memcpy(tbuf, cipherBuf, encryptSize);
>
> for (unsigned int i = 0; i < encryptSize; ++i)
> cipherBuf[i] = tbuf[encryptSize - 1 - i];
Matej Kafadar wrote:
I tried these two examples, and the problem is that C++ differently stores encrypted symetric key. It is byte rotated (first byte is last byte, last byte is first byte, etc).
In file toenc-cpp-enc.xml I changed
<xenc:CipherValue>
8oxqYvaRsO9lM0pvbxAZ522imGXETq/bRP2uts5SHCm1tNwl+6LKgUcIAtDQT2yNykCdJEWoTrHx jo5IxE6W1dRW6fFRJ9n66lRxAYO3pdXhsGQbrEbbaJmwqKB/qVi0FsVO+kAkOSlRMuN02BERr6sG RQZCzlmFgX1hBEcdOUQ=
</xenc:CipherValue>
with
<xenc:CipherValue>
RDkdRwRhfYGFWc5CBkUGq68REdh04zJRKTkkQPpOxRa0WKl/oKiwmWjbRqwbZLDh1aW3gwFxVOr6
2SdR8elW1NWWTsRIjo7xsU6oRSSdQMqNbE/Q0AIIR4HKovsl3LS1KRxSzrau/UTbr07EZZiibecZ
EG9vSjNl77CR9mJqjPI= </xenc:CipherValue>
and than this can be decrypted with Java libraries. See attached file.
When I have tried the same process with rotation in file toenc-java-enc.xml, C++ library stil doesn't work. It's strange.
What's wrong?
best regards
Milan Tomic wrote:
I'm attaching both XML files: one created with Java libraries and one created with C++ libraries. Also, certificate that was used to encrypt and decrypt both files is attached in both JKS and .pfx formats. Password is "test".
Best regards,
Milan
-----Original Message----- *From:* Milan Tomic [mailto:[EMAIL PROTECTED] *Sent:* Friday, October 01, 2004 11:22 AM *To:* [EMAIL PROTECTED] *Subject:* [java & c++] interoperability & encryption
Hi,
I'm having problems with Apache XSEC Java & C++ interoperability when using encryption. When I encrypt some XML node in Java I can't decrypt it using C++ libraries, and the same happen when I encrypt using C++ and try to decrypt in Java. The only thing that is different in encrypted XML is random 3DES kek key that was generated. Have anyone else had this problem?
Thank you, milan
------------------------------------------------------------------------
<apache:RootElement xmlns:apache="http://www.apache.org/ns/#app1";> <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; Type="http://www.w3.org/2001/04/xmlenc#Element";> <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";> <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> <xenc:CipherData> <xenc:CipherValue>RDkdRwRhfYGFWc5CBkUGq68REdh04zJRKTkkQPpOxRa0WKl/oKiwmWjbRqwbZLDh1aW3gwFxVOr62SdR8elW1NWWTsRIjo7xsU6oRSSdQMqNbE/Q0AIIR4HKovsl3LS1KRxSzrau/UTbr07EZZiibecZEG9vSjNl77CR9mJqjPI=</xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedKey> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue>Pv+/jKtIPDWFnAGPxfVTLmaPK3jGuThpH5kWmhptg8gGfzk1MKae8zzENMlyJH4w0a5hsev/GaH4 kQwJHCa89eU9P687QRBNCzg5OMp+ScKXqO4eKVHTXE4WRjx0ACdo</xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> </apache:RootElement>
