You have it backwards. You should encrypt/wrap the AES data encryption
key with the recipient's *public* key. The recipient then decrypts with
their *private* key.
If you think about the use cases, you'll quickly realize why that is.
--Brent
sermagico wrote:
Hi all,
I am trying to develop an application for XML encryption/decryption, but I have
some issues. I encrypt a file with an AES key, then I wrap this key with a
RSAprivateKey and I store it (the wrapped AES key) in the same XML file.
Unfortunately, when I try to unwrap the AES key with the PublicKey associated
with the previous PrivateKey, the exception below is raised:
Exception in thread "main" org.apache.xml.security.encryption.XMLEncryptionException: unknown key type passed to RSA
Original Exception was java.security.InvalidKeyException: unknown key type passed to RSA
PublicKey and PrivateKey are stored on a smartcard.
This is my code:
    // One cipher unwraps the AES key, the other decrypts the data.
    XMLCipher xmlCipherKey = XMLCipher.getInstance();
    XMLCipher xmlCipherMsg = XMLCipher.getInstance();
    xmlCipherKey.init(XMLCipher.UNWRAP_MODE, this.pkey);
    xmlCipherMsg.init(XMLCipher.DECRYPT_MODE, null);
    // Locate the first EncryptedData element in the document.
    Element encryptedDataElement = (Element) document
            .getElementsByTagNameNS(EncryptionConstants.EncryptionSpecNS,
                    EncryptionConstants._TAG_ENCRYPTEDDATA).item(0);
    EncryptedData encryptedData =
            xmlCipherMsg.loadEncryptedData(document, encryptedDataElement);
    // The wrapped AES key is carried in the KeyInfo of the EncryptedData.
    EncryptedKey encryptedKey = encryptedData.getKeyInfo()
            .itemEncryptedKey(0);
    String algorithm =
            encryptedKey.getEncryptionMethod().getAlgorithm();
    CipherValue Value = encryptedKey.getCipherData().getCipherValue();
    //Exception here
    Key secretKey = xmlCipherKey.decryptKey(encryptedKey, algorithm);
I hope you can help me.
Thank you in advance.
Best regards.
Sergio.