Aleksey, Thanks again. I fear that I am taking too much of your time just trying to understand the basics of this tool.
Basically, what I am trying to accomplish as part of learning this tool is to encrypt and decrypt a simple xml file and running into problems with templates, switches etc. Is there a place or document where I can find a template, a set of keys, syntax for encrypt/decrypt that work out-of-the-box, the reason being such canned examples will help novices like me. -Bala -----Original Message----- From: Aleksey Sanin [mailto:[EMAIL PROTECTED] Sent: Friday, January 18, 2008 1:23 PM To: Balakrishnan Viswanathan Cc: [email protected] Subject: Re: [xmlsec] encryption works but decryption failed Well, your public key can not be used for AES192 encryption requested by the template. Aleksey Balakrishnan Viswanathan wrote: > Aleksey, > > Sorry for being a bit dense. This node is already in the template and > yes I am using pub key?. > > -Bala > > -----Original Message----- > From: Aleksey Sanin [mailto:[EMAIL PROTECTED] > Sent: Friday, January 18, 2008 12:04 PM > To: Balakrishnan Viswanathan > Cc: [email protected] > Subject: Re: [xmlsec] encryption works but decryption failed > > <EncryptionMethod > Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"; /> > > and you are using public key... > > Aleksey > > Balakrishnan Viswanathan wrote: >> Aleksey >> >> I took the template >> >> > http://svn.gnome.org/viewvc/xmlsec/trunk/tests/aleksey-xmlenc-01/enc-des >> 3cbc-aes192-keyname.tmpl?view=markup >> >> and this time even encrypt failed with "key not found error" >> >> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt >> --binary-da >> ta test.xml --session-key aes-192 --pubkey-pem:test-aes192 >> leafkeypub.pem --outp >> ut testenc.xml templatefromaleksey.xml >> > func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno >> wn:subj= >> unknown:error=45:key is not found: >> > func=xmlSecEncCtxUriEncrypt:file=..\src\xmlenc.c:line=527:obj=unknown:su >> bj=xmlSe >> cEncCtxEncDataNodeRead:error=1:xmlsec library function failed: >> Error: failed to encrypt file "test.xml" >> Error: failed to encrypt file with template "templatefromaleksey.xml" >> >> >> -Bala >> >> -----Original Message----- >> From: Aleksey Sanin [mailto:[EMAIL PROTECTED] >> Sent: Friday, January 18, 2008 11:38 AM >> To: Balakrishnan Viswanathan >> Cc: [email protected] >> Subject: Re: [xmlsec] encryption works but decryption failed >> >> Oh, never mine. I got it. You specify "session key" and >> in this case you *must* add <EncryptedKey> to the template >> to actually store the session key. Checkout examples >> in xmlsec/tests/aleksey-xmlenc-01 >> >> Aleksey >> >> Balakrishnan Viswanathan wrote: >>> Aleksey, >>> >>> I tried that already and same result, commands below:- >>> >>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt >>> --binary-da >>> ta test.xml --session-key des-192 --pubkey-pem leafkeypub.pem > --output >>> testenc.x >>> ml template2withoutKeyName.xml >>> >>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>notepad >> testenc.xml >>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --decrypt >>> --privkey-p >>> em leafkey.pem --output testdecrypt.xml testenc.xml >>> Enter password for "leafkey.pem" file: >>> > func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj= >>> xmlSecKe >>> ysMngrFindKey:error=1:xmlsec library function failed: >>> > func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno >>> wn:subj= >>> unknown:error=45:key is not found: >>> > func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=643:obj=unkno >>> wn:subj= >>> xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed: >>> > func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=582:obj=unknown:subj= >>> xmlSecEn >>> cCtxDecryptToBuffer:error=1:xmlsec library function failed: >>> Error: failed to decrypt file >>> Error: failed to decrypt file "testenc.xml" >>> >>> -Bala >>> >>> -----Original Message----- >>> From: Aleksey Sanin [mailto:[EMAIL PROTECTED] >>> Sent: Friday, January 18, 2008 11:30 AM >>> To: Balakrishnan Viswanathan >>> Cc: [email protected] >>> Subject: Re: [xmlsec] encryption works but decryption failed >>> >>> Could you please to try to remove the KeyName and >>> do *not* specify key name in the command line? >>> >>> Aleksey >>> >>> Balakrishnan Viswanathan wrote: >>>> Aleksey, >>>> >>>> Thanks for your quick response. I tried removing the <KeyName/> from >>> the >>>> template and also specified the KeyName for encrypt and decrypt, but >>>> decrypt still fails with "key not found" error >>>> >>>> >>>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --encrypt >>>> --binary-da >>>> ta test.xml --session-key des-192 --pubkey-pem:leaf-key >> leafkeypub.pem >>>> --output >>>> testenc.xml template2withoutKeyName.xml >>>> >>>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>notepad >>> testenc.xml >>>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec --decrypt >>>> --privkey-p >>>> em:leaf-key leafkey.pem --output testdecrypt.xml testenc.xml >>>> Enter password for "leafkey.pem" file: >>>> > func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj= >>>> xmlSecKe >>>> ysMngrFindKey:error=1:xmlsec library function failed: >>>> > func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno >>>> wn:subj= >>>> unknown:error=45:key is not found: >>>> > func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=643:obj=unkno >>>> wn:subj= >>>> xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed: >>>> > func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=582:obj=unknown:subj= >>>> xmlSecEn >>>> cCtxDecryptToBuffer:error=1:xmlsec library function failed: >>>> Error: failed to decrypt file >>>> Error: failed to decrypt file "testenc.xml" >>>> >>>> >>>> I am attaching the template and encrypted document. Thanks. >>>> >>>> -Bala >>>> >>>> -----Original Message----- >>>> From: Aleksey Sanin [mailto:[EMAIL PROTECTED] >>>> Sent: Friday, January 18, 2008 10:37 AM >>>> To: Balakrishnan Viswanathan >>>> Cc: [email protected] >>>> Subject: Re: [xmlsec] encryption works but decryption failed >>>> >>>> Most likely the cause of the problem is "empty" >>>> KeyName node. Try to remove it from the template >>>> or specify key name in the command line options >>>> for both encryption and decryption. >>>> >>>> Aleksey >>>> >>>> Balakrishnan Viswanathan wrote: >>>>> Hi All, >>>>> >>>>> >>>>> >>>>> I am a newbie to xmlsec and also to security in general. I am > trying >>>> to >>>>> use xmlsec utility to encrypt and decrypt using the windows binary >>>>> provided by Igor. I am able to successfully encrypt a xml file > using >>>> syntax >>>>> >>>>> >>>>> Encryption:- >>>>> >>>>> >>>>> >>>>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec > --encrypt >>>>> --binary-da >>>>> >>>>> ta test.xml --session-key des-192 --pubkey-pem leafkeypub.pem >>> --output >>>>> testenc.x >>>>> >>>>> ml template2.xml >>>>> >>>>> >>>>> >>>>> the above works and I can see the encrypted data in <ciphervalue> >>> node >>>>> of the output document testenc.xml (also attached). >>>>> >>>>> >>>>> >>>>> However, when I try the reverse, i.e, decrypting the document from >>>> above >>>>> step I get error below >>>>> >>>>> >>>>> >>>>> Decryption fails:- >>>>> >>>>> >>>>> >>>>> C:\xmlsecutility\libxmlsec-1.2.10.win32\bin\example>xmlsec > --decrypt >>>>> --privkey-p >>>>> >>>>> em leafkey.pem --output testdecrypt.xml testenc.xml >>>>> >>>>> Enter password for "leafkey.pem" file: >>>>> >>>>> > func=xmlSecKeysMngrGetKey:file=..\src\keys.c:line=1364:obj=unknown:subj= >>>> xmlSecKe >>>>> ysMngrFindKey:error=1:xmlsec library function failed: >>>>> >>>>> > func=xmlSecEncCtxEncDataNodeRead:file=..\src\xmlenc.c:line=885:obj=unkno >>>> wn:subj= >>>>> unknown:error=45:key is not found: >>>>> >>>>> > func=xmlSecEncCtxDecryptToBuffer:file=..\src\xmlenc.c:line=643:obj=unkno >>>> wn:subj= >>>>> xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed: >>>>> >>>>> > func=xmlSecEncCtxDecrypt:file=..\src\xmlenc.c:line=582:obj=unknown:subj= >>>> xmlSecEn >>>>> cCtxDecryptToBuffer:error=1:xmlsec library function failed: >>>>> >>>>> Error: failed to decrypt file >>>>> >>>>> Error: failed to decrypt file "testenc.xml" >>>>> >>>>> >>>>> >>>>> The error says "key not found", but key is in the same folder where >> I >>>> am >>>>> running it from. I am also attaching the private key (password - >>> leaf) >>>>> and public key that corresponds to it >>>>> >>>>> >>>>> >>>>> I am attaching all the relevant files. Any pointers are > appreciated. >>>> Thanks. >>>>> >>>>> >>>>> -Bala >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> > ------------------------------------------------------------------------ >>>>> _______________________________________________ >>>>> xmlsec mailing list >>>>> [email protected] >>>>> http://www.aleksey.com/mailman/listinfo/xmlsec >>>>> >>>>> > ------------------------------------------------------------------------ >>>>> _______________________________________________ >>>>> xmlsec mailing list >>>>> [email protected] >>>>> http://www.aleksey.com/mailman/listinfo/xmlsec >>> _______________________________________________ >>> xmlsec mailing list >>> [email protected] >>> http://www.aleksey.com/mailman/listinfo/xmlsec >> _______________________________________________ >> xmlsec mailing list >> [email protected] >> http://www.aleksey.com/mailman/listinfo/xmlsec > _______________________________________________ > xmlsec mailing list > [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
