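PHP OpenSSL asymmetric decryption

Problem description

I hope someone can help me understand how to decrypt an XML file that was previously encrypted with a public key. The file is divided into two parts, an AuthenticatedPublic section and an AuthenticatedPrivate section; inside the latter there are specific tags such as CipherValue and X509Certificate, supposedly to be decrypted with my private key. The steps I have tried are:

  1. Parsed the whole XML file using XmlToArray.
  2. Got one of the tags I need to decrypt, namely the CipherValue.

Then I tried a lot of things, such as trying to decrypt with the following (I am using PHP, so this is inside a function):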

openssl rsautl -decrypt -inkey "'.$privkey.'" -in "'.$tag.'" -out decrypted.xml

But the result is an empty decrypted.xml file. I also tried converting to base64 and then decrypting, but then I got this error:

rsa routines:RSA_padding_check_PKCS1_type_2:pkcs decoding error:.\crypto\rsa\rsa_pk1.c:273:

5612:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed:.\crypto\rsa\rsa_eay.c:602:

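In fact, I am not sure whether this is the way to decrypt the XML. Any ideas?

Thanks for your time, regards

Edit

Following Pak Uula's suggestion, below is more detailed information about my XML file. Note that I have hidden some data for obvious reasons: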

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<DCinemaSecurityMessage xmlns="http://www.smpte-ra.org/schemas/430-3/2006/ETM" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:enc="http://www.w3.org/2001/04/xmlenc#">
    <AuthenticatedPublic Id="ID_AuthenticatedPublic">
        ...(keys hidden for brevity)
        <RequiredExtensions>
            <KDMRequiredExtensions xmlns="http://www.smpte-ra.org/schemas/430-1/2006/KDM">
                ...(keys hidden for brevity)
                ....(below some of the keys that I need to decrypt)
                <CompositionPlaylistId>urn:uuid:d932f6a0-094b-etc-etc-etc</CompositionPlaylistId>
                <ContentTitleText>...</ContentTitleText>
                ..
                <AuthorizedDeviceInfo>
                    <DeviceListIdentifier>urn:uuid:31949239-a1f9-etc-etc-etc</DeviceListIdentifier>
                    <DeviceList>
                        <CertificateThumbprint>2jmj7l5rSw0yVb/vlW-etc-etc-etc</CertificateThumbprint>
                    </DeviceList>
                </AuthorizedDeviceInfo>
                <KeyIdList>
                    <TypedKeyId>
                        <KeyType>MDIK</KeyType>
                        <KeyId>urn:uuid:154727b3-890c-etc-etc-etc</KeyId>
                    </TypedKeyId>
                    <TypedKeyId>
                        <KeyType>MDAK</KeyType>
                        <KeyId>urn:uuid:682c2ff0-9b1d-etc-etc-etc</KeyId>
                    </TypedKeyId>
                </KeyIdList>
            </KDMRequiredExtensions>
        </RequiredExtensions>
        <NonCriticalExtensions />
    </AuthenticatedPublic>
    <AuthenticatedPrivate Id="ID_AuthenticatedPrivate">
        <enc:EncryptedKey xmlns:enc="http://www.w3.org/2001/04/xmlenc#">
                ...(keys hidden for brevity)
                ....(below some of the keys that I need to decrypt)
            <enc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" />
            <enc:CipherData>
                <enc:CipherValue>lwYdkG5Q5wfW/S7UzZDtnJMcAng3w3ketzkh68y1BeX+okNEj48b5rSWUC/4mNhT
N2QsHxOCkvKDavIGGSAP23tdp0VtdeHTNAszcgK4Xzc8VHGUEiswONCOxTzNWuwj
...etc etc
zfHceeHN50b8vzM/Rt/jTUq54eC3nE+lP3eTXbLj/YvpPo8H45Sti9YP9WZixGHz
Uvf6Go31+3JwsXXIUl3O+w==</enc:CipherValue>
            </enc:CipherData>
        </enc:EncryptedKey>
        <enc:EncryptedKey xmlns:enc="http://www.w3.org/2001/04/xmlenc#">
            <enc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" />
            <enc:CipherData>
                <enc:CipherValue>TvC1LCspgTsXqM1b8ClPCtAkAdXXzxe+Av7LMxYtUaqUbd8HeBuaS1cx3WwoVRDr
TWcrBEnv24GbIB5ygcMFW3DlGsXfmWJGnRNx/6xT/U15RQPgoD9AP4WFEHxthzP0
...etc etc
1ajG5lDjEu4TqjdL7DPGNu9HfI9boerJ5FUFQ/fMdD4xbDHdc4DgIQdTUgLFGHJz
RwOyfOAcSNoO/fpAkMXoEw==</enc:CipherValue>
            </enc:CipherData>
        </enc:EncryptedKey>
    </AuthenticatedPrivate>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
            <ds:Reference URI="#ID_AuthenticatedPublic">
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
                <ds:DigestValue>KJ37JaHCdMo5dq3TmIaxF+A+lpuoVG-etc-etc-etc</ds:DigestValue>
            </ds:Reference>
            <ds:Reference URI="#ID_AuthenticatedPrivate">
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
                <ds:DigestValue>rcIAaHZoc80XqB70S2oZEp6IziDrVgwt-etc-etc-etc</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>hcOaWg8mzwc61XkyqXxy6+cuuGtrsDjTVzFeSv4ZAs6INQBTYChGiHD00lE8ud02
uG/bbjcqHiMVAFdhZIjw1xIs0FrAh3EdO7eJtiyGl1CpK9z5X9VXizkkhf4wWAZS
....etc etc
0i9iV4sMJlZn4j9glWiTgA==</ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509IssuerSerial>
                    <ds:X509IssuerName>dnQualifier=4py0tKtJ07bHLNbK-etc-etc-etc,OU=...,O=...,CN=...</ds:X509IssuerName>
                    <ds:X509SerialNumber>167201700</ds:X509SerialNumber>
                </ds:X509IssuerSerial>
                <ds:X509Certificate>MIIEZDCCA0ygAwIBAgIECfdLpDANBgkqhkiG9w0BAQsFADBzMRIwEAYDVQQDEwku
VmltcDE2MDQxEzARBgNVBAoTCi5EQy5DQS5SdVMxITAfBgNVBAsTGC5DbGlwc3Rl
ci5GQk1TLkRDLkNBLlJ1UzElMCMGA1UELhMcNHB5MHRLdEowN2JITE5iS2VwdTRG

-etc-etc-etc
/g07WLzKPQmLxR8I/8GhdyI3Nez+16rJPKMJ3eUV7qLuvA1B2VQ93jBzC4fVvzfI
xFYzYV2RO+VquC/dcgPHKLZPhR1Rp4zP74lGAPIloQa1kpVzjoGypK7QDWLFg+IG
XBtw1dtscIywnqTxYXaxXwic9OlQ2mcmMS7sh2ke2xB9CLYD9JmjPaV71A4J2Y2Y
eF6WeFKIzkKp0fJffqDbFFvKfap3K9e000K/Yno5fFurWW/fagdGEHAXB0zHCj7k
d14u2vegqToKdMsybcA5RngZ7YWYQZKJ
</ds:X509Certificate>
            </ds:X509Data>
            <ds:X509Data>
                <ds:X509IssuerSerial>
                    <ds:X509IssuerName>dnQualifier=wiwAlHjwPoipV-etc-etc-etc,OU=....,O=....,CN=...</ds:X509IssuerName>
                    <ds:X509SerialNumber>9714</ds:X509SerialNumber>
                </ds:X509IssuerSerial>
                <ds:X509Certificate>MIIELDCCAxSgAwIBAgICJfIwDQYJKoZIhvcNAQELBQAwajESMBAGA1UEAxMJLkNs
aXBzdGVyMRMwEQYDVQQKEwouREMuQ0EuUnVTMRgwFgYDVQQLEw8uRkJNUy5EQy5D
QS5SdVMxJTAjBgNVBC4THHdpd0FsSGp3UG9pcFY1d3ZEd1pZMFhUYWlNTT0wHhcN
-etc-etc-etc
fiZ3Ljj0uayRAaJtOpflj8RYgWgf2oQvA3vIdc35J2WCea9xm+MLBjycJeaHqgcb
h1hh4qWtaINElm2sdf1p8/feBU0vBV/4ey0TR86tF0FhuVBCg4v9HqrFMY+m4/xJ
wyMCysIxr7ZgszAMOgarYD6JfhNGWm+1VAyI7lR/VspPj6FV0hVOwCb9QZHA/c1Z
5vMeW+Wx3C+1q4HBYHm+ryc7lTt045w7HilTig07g0K6DMaf8G3V5kxZpOQcVWn3
iNFT6Fzg+bE9YD2FdhnVOQ==
</ds:X509Certificate>
            </ds:X509Data>
            <ds:X509Data>
                <ds:X509IssuerSerial>
                    <ds:X509IssuerName>dnQualifier=JknMF1MuF3k1Jg-etc-etc-etc=,CN=...</ds:X509IssuerName>
                    <ds:X509SerialNumber>9712</ds:X509SerialNumber>
                </ds:X509IssuerSerial>
                <ds:X509Certificate>MIIEGjCCAwKgAwIBAgICJfAwDQYJKoZIhvcNAQELBQAwYTEOMAwGA1UEAxMFLkZC
TVMxEzARBgNVBAoTCi5EQy5DQS5SdVMxEzARBgNVBAsTCi5EQy5DQS5SdVMxJTAj
BgNVBC4THEprbk1GMU11RjNrMUpnL2JFZm1uWjVpNnlmcz0wHhcNMTUxMDAxMDAw
-etc-etc-etc
+mMkPdu2GuXJj4BBQY0ayoixrSyHg3stATcdeEbU1WESEsmztT8coXMLrd3/W0I6
ahe/dQyOSnZtv8RBL/Zb3Mnih+BQGSbiKlpWNoev71/r5JxA4/grffAfeFjnWy8E
zhAKe9wGx+wR+yQhSBUTHtGE/cA9NfOvOnRvO3BEXsfcJASFXITayaZ7MxP3Mgl/
4RnNxmgKFVY62LLZRo+DmXHhnilVBxrk1YEtBq/mb9R7SYtI5AmfL+B0TUJWGQ==
</ds:X509Certificate>
            </ds:X509Data>
            <ds:X509Data>
                <ds:X509IssuerSerial>
                    <ds:X509IssuerName>dnQualifier=JknMF1MuF3k1Jg-etc-etc-etc,CN=....</ds:X509IssuerName>
                    <ds:X509SerialNumber>9711</ds:X509SerialNumber>
                </ds:X509IssuerSerial>
                <ds:X509Certificate>MIIEETCCAvmgAwIBAgICJe8wDQYJKoZIhvcNAQELBQAwYTEOMAwGA1UEAxMFLkZC
TVMxEzARBgNVBAoTCi5EQy5DQS5SdVMxEzARBgNVBAsTCi5EQy5DQS5SdVMxJTAj
BgNVBC4THEprbk1GMU11RjNrMUpnL2JFZm1uWjVpNnlmcz0wHhcNMTUxMDAxMDAw
-etc-etc-etc
iFwmmsU6j0BosEVv/NcdmyoZ68rY0xrjSiCLY7lreHec58ZFXOxNKQsfNJGriyrg
30nMPjp/tgaHK6RZ+XL8sRX9NY+ySBeS/uQtCeH5CtCavIwPrurv5BUbzNmIB5FK
m4wvtXmfVcxTnL4lYHvyhqieDsm+Uwv7Fwt03ygqXeW5IPCs7nqcLwYzhm/7Mn5d
3YBiLH4B0+W2Mq5px0Hrm/2pOVEXv67mbSgdGsHnAYu/f0xN2A==
</ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
</DCinemaSecurityMessage>
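
The EncryptionMethod in the posted XML names rsa-oaep-mgf1p and each CipherValue is line-wrapped base64, whereas openssl rsautl -decrypt without -oaep and PHP's openssl_private_decrypt both default to PKCS#1 v1.5 padding. The PHP below is an added example, not part of the original post: it base64-decodes every CipherValue and decrypts it with OAEP padding. It assumes the SHA-1 OAEP digest (PHP's default); the helper name decryptEncryptedKeys, the key pair and the sample XML are constructed for illustration.

```php
<?php
// Added example: the key pair, secret and XML below are constructed for the demo.
const XMLENC_NS = 'http://www.w3.org/2001/04/xmlenc#';
const RSA_OAEP  = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p';

// decryptEncryptedKeys() is a hypothetical helper name, not a library function.
function decryptEncryptedKeys(string $xml, $privateKey): array
{
    $doc = new DOMDocument();
    if (!$doc->loadXML($xml, LIBXML_NONET)) {
        throw new RuntimeException('XML did not parse');
    }
    $xp = new DOMXPath($doc);
    $xp->registerNamespace('enc', XMLENC_NS);

    $keys = [];
    foreach ($xp->query('//enc:EncryptedKey') as $ek) {
        $alg = $xp->evaluate('string(enc:EncryptionMethod/@Algorithm)', $ek);
        if ($alg !== RSA_OAEP) {
            throw new RuntimeException("Unexpected algorithm: $alg");
        }
        // CipherValue is line-wrapped base64 text: strip whitespace, decode to raw bytes.
        $b64 = $xp->evaluate('string(enc:CipherData/enc:CipherValue)', $ek);
        $raw = base64_decode(preg_replace('/\s+/', '', $b64), true);
        if ($raw === false) {
            throw new RuntimeException('CipherValue is not valid base64');
        }
        // Request OAEP explicitly; the default padding is PKCS#1 v1.5.
        if (!openssl_private_decrypt($raw, $plain, $privateKey, OPENSSL_PKCS1_OAEP_PADDING)) {
            throw new RuntimeException('OAEP decryption failed: ' . openssl_error_string());
        }
        $keys[] = $plain;
    }
    return $keys;
}

// Constructed test data: throwaway 2048-bit key and a random 32-byte secret.
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$pub = openssl_pkey_get_details($key)['key'];
$secret = random_bytes(32);
openssl_public_encrypt($secret, $ct, $pub, OPENSSL_PKCS1_OAEP_PADDING);
$xml = '<AuthenticatedPrivate xmlns:enc="' . XMLENC_NS . '"><enc:EncryptedKey>'
     . '<enc:EncryptionMethod Algorithm="' . RSA_OAEP . '"/><enc:CipherData><enc:CipherValue>'
     . chunk_split(base64_encode($ct), 64, "\n")
     . '</enc:CipherValue></enc:CipherData></enc:EncryptedKey></AuthenticatedPrivate>';

$keys = decryptEncryptedKeys($xml, $key);
var_dump(count($keys) === 1 && $keys[0] === $secret);
```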
