Re: [xmlsec] Encrypt/decrypt works in one environment, but not another (parser error : internal error: detected an error in element content)

Sun, 23 Jun 2019 12:03:59 -0700 

Looks like libxml2 can't parse the file. What version of libxml2
do you have installed? I would suggest to try to upgrade to
the latest version and see if this fixes the problem.

Aleksey

On 6/23/19 8:58 AM, Matthias Hjalmarsson wrote:

Hi!
I'm trying to use xmlsec to implement encrypt/decrypt functionality, with help from https://users.dcc.uchile.cl/~pcamacho/tutorial/web/xmlsec/xmlsec.html for providing basic examples.
I have a problem where a test case works in one environment, but not in another and I'm not sure how to proceed. 

I'm attaching 4 files
* certificate.p12 - private key given in PKCS #12 for decrypting (password: hello) 
* public.pem - public file for encrypting
* doc.xml - document to encrypt
* template.xml - template used for encrypting

Encrypt:
xmlsec1 encrypt --pubkey-pem public.pem --session-key des-192 --xml-data doc.xml --output encrypted.xml template.xml 

Decrypt
xmlsec1 decrypt --output result.xml --pkcs12 certificate.p12 --pwd hello encrypted.xml
When run with latest version available via cygwin (xmlsec1 1.2.24 (openssl)) on Windows, this produces the desired result that result.xml is equivalent to doc.xml. However, when run on CentOS 7 with the latest available version (xmlsec1 1.2.20 (openssl)) decryption fails with:
Entity: line 2: parser error : internal error: detected an error in element content 

<PayInfo>
          ^
func=xmlSecReplaceNodeBufferAndReturn:file=xmltree.c:line=573:obj=unknown:subj=xmlParseInNodeContext:error=5:libxml2 library function failed:Failed to parse content func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=648:obj=unknown:subj=xmlSecReplaceNodeBuffer:error=1:xmlsec library function failed:node=EncryptedData 
Error: failed to decrypt file
Error: failed to decrypt file "encrypted.xml"
Obviously, I see that I'm running different versions, but does anyone know what might be wrong regardless? Is the test case flawed but 1.2.24 accepts it anyway, or did I run into a bug? 

Regards,
Matthias Hjalmarsson



_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec


_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec

Reply via email to