Hi!

I'm trying to use xmlsec to implement encrypt/decrypt functionality, with
help from
https://users.dcc.uchile.cl/~pcamacho/tutorial/web/xmlsec/xmlsec.html for
providing basic examples.

I have a problem where a test case works in one environment, but not in
another and I'm not sure how to proceed.

I'm attaching 4 files

* certificate.p12 - private key given in PKCS #12 for decrypting (password:
hello)
* public.pem - public file for encrypting
* doc.xml - document to encrypt
* template.xml - template used for encrypting

Encrypt:
xmlsec1 encrypt --pubkey-pem public.pem --session-key des-192 --xml-data doc.xml --output encrypted.xml template.xml

Decrypt:
xmlsec1 decrypt --output result.xml --pkcs12 certificate.p12 --pwd hello encrypted.xml

When run with the latest version available via cygwin (xmlsec1 1.2.24
(openssl)) on Windows, this produces the desired result that result.xml is
equivalent to doc.xml. However, when run on CentOS 7 with the latest
available version (xmlsec1 1.2.20 (openssl)) decryption fails with:

Entity: line 2: parser error : internal error: detected an error in element content

<PayInfo>
         ^
func=xmlSecReplaceNodeBufferAndReturn:file=xmltree.c:line=573:obj=unknown:subj=xmlParseInNodeContext:error=5:libxml2 library function failed:Failed to parse content
func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=648:obj=unknown:subj=xmlSecReplaceNodeBuffer:error=1:xmlsec library function failed:node=EncryptedData
Error: failed to decrypt file
Error: failed to decrypt file "encrypted.xml"

Obviously, I see that I'm running different versions, but does anyone know
what might be wrong regardless? Is the test case flawed but 1.2.24 accepts
it anyway, or did I run into a bug?

Regards,
Matthias Hjalmarsson

Attachment: certificate.p12
Description: application/pkcs12

Attachment: public.pem
Description: Binary data

<?xml version="1.0" encoding="utf-8"?>
<PayInfo>
	<Name>John Smith</Name>
	<CreditCard Limit="2,000" Currency="USD">
		<Number>1076 2478 0678 5589</Number>
		<Issuer>CitiBank</Issuer>
		<Expiration>06/10</Expiration>
	</CreditCard>
</PayInfo>
<?xml version="1.0" encoding="UTF-8"?>
<!--
XML Security Library example: Original XML
 doc file before encryption (encrypt3 example).
-->
<EncryptedData
		xmlns="http://www.w3.org/2001/04/xmlenc#"
		Type="http://www.w3.org/2001/04/xmlenc#Element">
	<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
	<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
		<EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
			<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
			<CipherData>
				<CipherValue/>
			</CipherData>
		</EncryptedKey>
	</KeyInfo>
	<CipherData>
		<CipherValue/>
	</CipherData>
</EncryptedData>
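
For triage, the two func=... lines in the decrypt output above can be split into fields to see which call reported the failure. The Python below is an added example, not part of the original post or of xmlsec; the field layout is an assumption inferred from those two lines, and the names unwrap, parse_frames and failing_call are hypothetical.

```python
import re

# Constructed sample: the decrypt output quoted in the post, mail wrapping kept.
SAMPLE = """\
Entity: line 2: parser error : internal error: detected an error in element
content
func=xmlSecReplaceNodeBufferAndReturn:file=xmltree.c:line=573:obj=unknown:subj=xmlParseInNodeContext:error=5:libxml2
library function failed:Failed to parse content
func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=648:obj=unknown:subj=xmlSecReplaceNodeBuffer:error=1:xmlsec
library function failed:node=EncryptedData
Error: failed to decrypt file
"""

# Assumed layout, inferred from the lines above: colon-separated key=value
# fields followed by "<reason>:<detail>".
FRAME = re.compile(
    r"func=(?P<func>[^:]+):file=(?P<file>[^:]+):line=(?P<line>\d+):"
    r"obj=(?P<obj>[^:]+):subj=(?P<subj>[^:]+):error=(?P<error>\d+):(?P<msg>.*)"
)

def unwrap(text):
    """Rejoin frames that a mail client or terminal wrapped across lines."""
    frames = []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("func="):
            frames.append(line)
        elif frames and line and not line.startswith("Error:"):
            frames[-1] += " " + line  # continuation of the previous frame
    return frames

def parse_frames(text):
    """Return one dict per frame, in the order xmlsec1 printed them."""
    parsed = []
    for frame in unwrap(text):
        m = FRAME.fullmatch(frame)
        if m is None:
            continue  # not a frame in the assumed layout
        d = m.groupdict()
        d["line"], d["error"] = int(d["line"]), int(d["error"])
        reason, _, detail = d.pop("msg").partition(":")
        d["reason"], d["detail"] = reason.strip(), detail.strip()
        parsed.append(d)
    return parsed

def failing_call(frames):
    """In the sample the deepest frame is printed first; its subj is the call that failed."""
    if not frames:
        return None
    return frames[0]["subj"], frames[0]["reason"], frames[0]["detail"]

if __name__ == "__main__":
    print(failing_call(parse_frames(SAMPLE)))
```

On the sample the first frame names xmlParseInNodeContext with the reason "libxml2 library function failed", so the error is reported by the libxml2 parse step inside xmlSecReplaceNodeBuffer.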