Hi!

I'm trying to encrypt part of an XML message.

So I'm using the command:

xmlsec1 encrypt --pubkey-cert-pem mycert.pem \
    --session-key des-192 --xml-data pre_saml2_response.xml \
    --node-xpath '/*[local-name()="Response"]/*[local-name()="Assertion"]/*[local-name()="Subject"]/*[local-name()="EncryptedID"]/text()' \
    encryption_template.xml

The encryption template looks like this:

<?xml version="1.0" encoding="UTF-8"?>
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
               Type="http://www.w3.org/2001/04/xmlenc#Element">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
            <CipherData>
                <CipherValue></CipherValue>
            </CipherData>
        </EncryptedKey>
    </KeyInfo>
    <CipherData>
        <CipherValue></CipherValue>
    </CipherData>
</EncryptedData>

The encryption works OK (no error message) and this is what is added to the 
original XML file:

<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
               Type="http://www.w3.org/2001/04/xmlenc#Element">
  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
  <CipherData>
    <CipherValue>ZBx6+ENTu+nktBVSGunBlnBPGc4MXxNJg9vLd1Z/MBJKx2QU/W9kD7OJRQ+Op6ct+865Cgf/9AM=</CipherValue>
  </CipherData>
</EncryptedData>

I expected some information about the encrypted session key but nothing.
What did I do wrong?

Now, trying to decrypt the encrypted file I get "error=45:key is not found"
which I interpret to mean that the session key is missing. Right/wrong?

-- Roland
------------------------------------------------------
Roland Hedberg
IT Architect/Senior Researcher
ICT Services and System Development (ITS) 
Umeå University 
SE-901 87 Umeå, Sweden  
Phone +46 90 786 68 44
Mobile +46 70 696 68 44 
www.its.umu.se 
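
An added example, not part of the original post: a structural check that reports whether each EncryptedData element carries a ds:KeyInfo/xenc:EncryptedKey with a non-empty CipherValue, run on the output quoted above and on a constructed variant. The function name audit_encrypted_data and the 128-byte placeholder key are assumptions made for illustration.

```python
import base64
import xml.etree.ElementTree as ET  # for untrusted input, parse with defusedxml instead

NS = {"xenc": "http://www.w3.org/2001/04/xmlenc#",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# The EncryptedData element quoted in the post (what xmlsec1 wrote).
POSTED_OUTPUT = """<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
    Type="http://www.w3.org/2001/04/xmlenc#Element">
  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
  <CipherData><CipherValue>ZBx6+ENTu+nktBVSGunBlnBPGc4MXxNJg9vLd1Z/MBJKx2QU/W9kD7OJRQ+Op6ct+865Cgf/9AM=</CipherValue></CipherData>
</EncryptedData>"""

# Constructed sample: the template's layout with a placeholder 128-byte wrapped key.
CONSTRUCTED_WITH_KEY = POSTED_OUTPUT.replace(
    "  <CipherData>",
    '  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">'
    '<EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">'
    '<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>'
    "<CipherData><CipherValue>%s</CipherValue></CipherData>"
    "</EncryptedKey></KeyInfo>\n  <CipherData>" % base64.b64encode(bytes(128)).decode(), 1)

def _b64len(elem):
    """Decoded byte length of a CipherValue element; 0 if absent or empty."""
    text = "".join((elem.text or "").split()) if elem is not None else ""
    return len(base64.b64decode(text, validate=True)) if text else 0

def audit_encrypted_data(xml_text):
    """Report, per EncryptedData, whether a wrapped session key travels with it."""
    reports = []
    for ed in ET.fromstring(xml_text).iter("{%s}EncryptedData" % NS["xenc"]):
        method = ed.find("xenc:EncryptionMethod", NS)
        ek = ed.find("ds:KeyInfo/xenc:EncryptedKey", NS)
        wrap = ek.find("xenc:EncryptionMethod", NS) if ek is not None else None
        key = ek.find("xenc:CipherData/xenc:CipherValue", NS) if ek is not None else None
        reports.append({
            "data_alg": method.get("Algorithm") if method is not None else None,
            "has_key_info": ed.find("ds:KeyInfo", NS) is not None,
            "key_wrap_alg": wrap.get("Algorithm") if wrap is not None else None,
            "wrapped_key_bytes": _b64len(key),
            "payload_bytes": _b64len(ed.find("xenc:CipherData/xenc:CipherValue", NS)),
            "has_wrapped_key": _b64len(key) > 0,
        })
    return reports

if __name__ == "__main__":
    for name, doc in (("posted", POSTED_OUTPUT), ("constructed", CONSTRUCTED_WITH_KEY)):
        print(name, audit_encrypted_data(doc))
```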
