You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by Hess Yvan <Yv...@imtf.ch> on 2006/03/30 10:13:13 UTC

Problem with rsa-1_5 padding mechanism

I encrypted a XML document containing a <xenc:EncryptedKey> element and
a <xenc:EncryptedData> element using XML Apache XML security. I tried to
decrypt it using XSS4J library and I didn't succeed!!! The problem seems
to occur when the secret key encapsulated into the <xenc:EncryptedKey>
element is decrypted by XSS4J library.

 

Doing some investigation, I found that XML Apache security library
encrypts the secret key using the algorithm
http://www.w3.org/2001/04/xmlenc#rsa-1_5 with a cipher
'RSA/ECB/PKCS1Padding' and that IBM XSS4J uses 'RSA/ECB/NoPadding'. 

 

The "XML Encryption Syntax and Processing" specifications of the W3C is
not clear for me concernig the rsa-1_5 encryption algorithm. Is a
padding associated to rsa-1_5 encryption or not ? 

 

Who has right ? IBM XSS4J library or XML Apache Security library ?

 

I think it is a critical bug either into XSS4J or into Apache XML
security ... or am I wrong ?

 

Thanks for your answer. 

 

Regards. Yvan Hess

 

Here is the XML encrypted (partial).

 

<edoc:data xmlns:edoc="http://www.imtf.com/hypersuite/edoc/2.0/"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">

  <xenc:EncryptedKey Id="Revision-1-Encryption-1-EncryptedKey-1">

     <xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>

     <ds:KeyInfo>

        <ds:KeyName>SphinxTest</ds:KeyName>

     </ds:KeyInfo>

     <xenc:CipherData>

 
<xenc:CipherValue>PMblWX1U9dQhiMTSMXsX9kO8Udg8Pii8XhrRmOKJ+HiuSZUEvsfBtD
wFzoXjwnCdYb+LkqPxYZ8EzgQxbxObI1RrUdg6iy4R3T0d+/H/tK34cjm8itoqDDSkyod9/b
OtqnEnv3AzAgkBFNCbR7NZ3N7i7gonjMAzes6wuNRCYsg=</xenc:CipherValue>

     </xenc:CipherData>

     <xenc:CarriedKeyName>secretKey</xenc:CarriedKeyName>

  </xenc:EncryptedKey>

  <xenc:EncryptedData Id="Revision-1-Encryption-1-EncryptedData-1">

     <xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>

     <ds:KeyInfo>

        <ds:KeyName>secretKey</ds:KeyName>

     </ds:KeyInfo>

     <xenc:CipherData>

        <xenc:CipherReference
URI="urn:hypersuite:534177D3-C0A8027601B4E829-57982AC1.txt"/>

     </xenc:CipherData>

  </xenc:EncryptedData>

</edoc:data>

Re: Problem with rsa-1_5 padding mechanism

Posted by Milan Tomic <to...@yahoo.com>.

Hi,

W3C is being very clear about padding while encrypting using RSA 1.5 alg:

http://www.w3.org/TR/xmlenc-core/#sec-Alg-KeyTransport

In other words: you have to use padding. Btw, padding is not something complex and can be easily
implemented.

Hope it helps,
Milan


--- Hess Yvan <Yv...@imtf.ch> wrote:

> I encrypted a XML document containing a <xenc:EncryptedKey> element and
> a <xenc:EncryptedData> element using XML Apache XML security. I tried to
> decrypt it using XSS4J library and I didn't succeed!!! The problem seems
> to occur when the secret key encapsulated into the <xenc:EncryptedKey>
> element is decrypted by XSS4J library.
> 
>  
> 
> Doing some investigation, I found that XML Apache security library
> encrypts the secret key using the algorithm
> http://www.w3.org/2001/04/xmlenc#rsa-1_5 with a cipher
> 'RSA/ECB/PKCS1Padding' and that IBM XSS4J uses 'RSA/ECB/NoPadding'. 
> 
>  
> 
> The "XML Encryption Syntax and Processing" specifications of the W3C is
> not clear for me concernig the rsa-1_5 encryption algorithm. Is a
> padding associated to rsa-1_5 encryption or not ? 
> 
>  
> 
> Who has right ? IBM XSS4J library or XML Apache Security library ?
> 
>  
> 
> I think it is a critical bug either into XSS4J or into Apache XML
> security ... or am I wrong ?
> 
>  
> 
> Thanks for your answer. 
> 
>  
> 
> Regards. Yvan Hess
> 
>  
> 
> Here is the XML encrypted (partial).
> 
>  
> 
> <edoc:data xmlns:edoc="http://www.imtf.com/hypersuite/edoc/2.0/"
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
> 
>   <xenc:EncryptedKey Id="Revision-1-Encryption-1-EncryptedKey-1">
> 
>      <xenc:EncryptionMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
> 
>      <ds:KeyInfo>
> 
>         <ds:KeyName>SphinxTest</ds:KeyName>
> 
>      </ds:KeyInfo>
> 
>      <xenc:CipherData>
> 
>  
> <xenc:CipherValue>PMblWX1U9dQhiMTSMXsX9kO8Udg8Pii8XhrRmOKJ+HiuSZUEvsfBtD
> wFzoXjwnCdYb+LkqPxYZ8EzgQxbxObI1RrUdg6iy4R3T0d+/H/tK34cjm8itoqDDSkyod9/b
> OtqnEnv3AzAgkBFNCbR7NZ3N7i7gonjMAzes6wuNRCYsg=</xenc:CipherValue>
> 
>      </xenc:CipherData>
> 
>      <xenc:CarriedKeyName>secretKey</xenc:CarriedKeyName>
> 
>   </xenc:EncryptedKey>
> 
>   <xenc:EncryptedData Id="Revision-1-Encryption-1-EncryptedData-1">
> 
>      <xenc:EncryptionMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
> 
>      <ds:KeyInfo>
> 
>         <ds:KeyName>secretKey</ds:KeyName>
> 
>      </ds:KeyInfo>
> 
>      <xenc:CipherData>
> 
>         <xenc:CipherReference
> URI="urn:hypersuite:534177D3-C0A8027601B4E829-57982AC1.txt"/>
> 
>      </xenc:CipherData>
> 
>   </xenc:EncryptedData>
> 
> </edoc:data>
> 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com