Aleksey, Sorry for being a bit dense. This node is already in the template and yes I am using pub key?.
-Bala -----Original Message----- From: Aleksey Sanin [mailto:[EMAIL PROTECTED] Sent: Friday, January 18, 2008 12:04 PM To: Balakrishnan Viswanathan Cc: xmlsec@aleksey.com Subject: Re: [xmlsec] encryption works but decryption failed <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" /> and you are using public key... Aleksey Balakrishnan Viswanathan wrote: > Aleksey > > I took the template > > http://svn.gnome.org/viewvc/xmlsec/trunk/tests/aleksey-xmlenc-01/enc-des > 3cbc-aes192-keyname.tmpl?view=markup > > and this time even encrypt failed with "key not found error" > > C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt > --binary-da > ta test.xml --session-key aes-192 --pubkey-pem:test-aes192 > leafkeypub.pem --outp > ut testenc.xml templatefromaleksey.xml > func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno > wn:subj= > unknown:error=45:key is not found: > func=xmlSecEncCtxUriEncrypt:file=..\src\xmlenc.c:line=527:obj=unknown:su > bj=xmlSe > cEncCtxEncDataNodeRead:error=1:xmlsec library function failed: > Error: failed to encrypt file "test.xml" > Error: failed to encrypt file with template "templatefromaleksey.xml" > > > -Bala > > -----Original Message----- > From: Aleksey Sanin [mailto:[EMAIL PROTECTED] > Sent: Friday, January 18, 2008 11:38 AM > To: Balakrishnan Viswanathan > Cc: xmlsec@aleksey.com > Subject: Re: [xmlsec] encryption works but decryption failed > > Oh, never mine. I got it. You specify "session key" and > in this case you *must* add <EncryptedKey> to the template > to actually store the session key. Checkout examples > in xmlsec/tests/aleksey-xmlenc-01 > > Aleksey > > Balakrishnan Viswanathan wrote: >> Aleksey, >> >> I tried that already and same result, commands below:- >> >> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt >> --binary-da >> ta test.xml --session-key des-192 --pubkey-pem leafkeypub.pem --output >> testenc.x >> ml template2withoutKeyName.xml >> >> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>notepad > testenc.xml >> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --decrypt >> --privkey-p >> em leafkey.pem --output testdecrypt.xml testenc.xml >> Enter password for "leafkey.pem" file: >> > func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj= >> xmlSecKe >> ysMngrFindKey:error=1:xmlsec library function failed: >> > func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno >> wn:subj= >> unknown:error=45:key is not found: >> > func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=643:obj=unkno >> wn:subj= >> xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed: >> > func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=582:obj=unknown:subj= >> xmlSecEn >> cCtxDecryptToBuffer:error=1:xmlsec library function failed: >> Error: failed to decrypt file >> Error: failed to decrypt file "testenc.xml" >> >> -Bala >> >> -----Original Message----- >> From: Aleksey Sanin [mailto:[EMAIL PROTECTED] >> Sent: Friday, January 18, 2008 11:30 AM >> To: Balakrishnan Viswanathan >> Cc: xmlsec@aleksey.com >> Subject: Re: [xmlsec] encryption works but decryption failed >> >> Could you please to try to remove the KeyName and >> do *not* specify key name in the command line? >> >> Aleksey >> >> Balakrishnan Viswanathan wrote: >>> Aleksey, >>> >>> Thanks for your quick response. I tried removing the <KeyName/> from >> the >>> template and also specified the KeyName for encrypt and decrypt, but >>> decrypt still fails with "key not found" error >>> >>> >>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt >>> --binary-da >>> ta test.xml --session-key des-192 --pubkey-pem:leaf-key > leafkeypub.pem >>> --output >>> testenc.xml template2withoutKeyName.xml >>> >>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>notepad >> testenc.xml >>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --decrypt >>> --privkey-p >>> em:leaf-key leafkey.pem --output testdecrypt.xml testenc.xml >>> Enter password for "leafkey.pem" file: >>> > func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj= >>> xmlSecKe >>> ysMngrFindKey:error=1:xmlsec library function failed: >>> > func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno >>> wn:subj= >>> unknown:error=45:key is not found: >>> > func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=643:obj=unkno >>> wn:subj= >>> xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed: >>> > func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=582:obj=unknown:subj= >>> xmlSecEn >>> cCtxDecryptToBuffer:error=1:xmlsec library function failed: >>> Error: failed to decrypt file >>> Error: failed to decrypt file "testenc.xml" >>> >>> >>> I am attaching the template and encrypted document. Thanks. >>> >>> -Bala >>> >>> -----Original Message----- >>> From: Aleksey Sanin [mailto:[EMAIL PROTECTED] >>> Sent: Friday, January 18, 2008 10:37 AM >>> To: Balakrishnan Viswanathan >>> Cc: xmlsec@aleksey.com >>> Subject: Re: [xmlsec] encryption works but decryption failed >>> >>> Most likely the cause of the problem is "empty" >>> KeyName node. Try to remove it from the template >>> or specify key name in the command line options >>> for both encryption and decryption. >>> >>> Aleksey >>> >>> Balakrishnan Viswanathan wrote: >>>> Hi All, >>>> >>>> >>>> >>>> I am a newbie to xmlsec and also to security in general. I am trying >>> to >>>> use xmlsec utility to encrypt and decrypt using the windows binary >>>> provided by Igor. I am able to successfully encrypt a xml file using >>> syntax >>>> >>>> >>>> Encryption:- >>>> >>>> >>>> >>>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt > >>>> --binary-da >>>> >>>> ta test.xml --session-key des-192 --pubkey-pem leafkeypub.pem >> --output >>>> testenc.x >>>> >>>> ml template2.xml >>>> >>>> >>>> >>>> the above works and I can see the encrypted data in <ciphervalue> >> node >>>> of the output document testenc.xml (also attached). >>>> >>>> >>>> >>>> However, when I try the reverse, i.e, decrypting the document from >>> above >>>> step I get error below >>>> >>>> >>>> >>>> Decryption fails:- >>>> >>>> >>>> >>>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --decrypt > >>>> --privkey-p >>>> >>>> em leafkey.pem --output testdecrypt.xml testenc.xml >>>> >>>> Enter password for "leafkey.pem" file: >>>> >>>> > func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj= >>> xmlSecKe >>>> ysMngrFindKey:error=1:xmlsec library function failed: >>>> >>>> > func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno >>> wn:subj= >>>> unknown:error=45:key is not found: >>>> >>>> > func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=643:obj=unkno >>> wn:subj= >>>> xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed: >>>> >>>> > func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=582:obj=unknown:subj= >>> xmlSecEn >>>> cCtxDecryptToBuffer:error=1:xmlsec library function failed: >>>> >>>> Error: failed to decrypt file >>>> >>>> Error: failed to decrypt file "testenc.xml" >>>> >>>> >>>> >>>> The error says "key not found", but key is in the same folder where > I >>> am >>>> running it from. I am also attaching the private key (password - >> leaf) >>>> and public key that corresponds to it >>>> >>>> >>>> >>>> I am attaching all the relevant files. Any pointers are appreciated. >>> Thanks. >>>> >>>> >>>> -Bala >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> > ------------------------------------------------------------------------ >>>> _______________________________________________ >>>> xmlsec mailing list >>>> xmlsec@aleksey.com >>>> http://www.aleksey.com/mailman/listinfo/xmlsec >>>> >>>> > ------------------------------------------------------------------------ >>>> _______________________________________________ >>>> xmlsec mailing list >>>> xmlsec@aleksey.com >>>> http://www.aleksey.com/mailman/listinfo/xmlsec >> _______________________________________________ >> xmlsec mailing list >> xmlsec@aleksey.com >> http://www.aleksey.com/mailman/listinfo/xmlsec > _______________________________________________ > xmlsec mailing list > xmlsec@aleksey.com > http://www.aleksey.com/mailman/listinfo/xmlsec _______________________________________________ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec