cant find encryption algorithm #19

Open
@willfarrell

I was getting the cant find encryption algorithm error (after removing the try/catch) while trying to decrypt a response from a service.

I found that changing

    var keyEncryptionMethod = xpath.select("//*[local-name(.)='KeyInfo']/*[local-name(.)='EncryptedKey']/*[local-name(.)='EncryptionMethod']", doc)[0];

to

    var keyEncryptionMethod = xpath.select("//*[local-name(.)='EncryptedKey']/*[local-name(.)='EncryptionMethod']", doc)[0];

in xmlenc.js -> decryptKeyInfo() solved my issue perfectly. Is there a reason for having EncryptedKey as a child of KeyInfo? Just want to check before I submit a PR. Sample XML in question below.

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soapenv:Header>
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
            <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                <xenc:EncryptionMethod xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
                <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
                    <wsse:SecurityTokenReference>
                        <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">tyOZ9U6iyFdA0PwC6qgRfePd57s=</wsse:KeyIdentifier>
                    </wsse:SecurityTokenReference>
                </dsig:KeyInfo>
                <xenc:CipherData xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
                    <xenc:CipherValue>h2Or2.....Gd8nmQvI=</xenc:CipherValue>
                </xenc:CipherData>
                <xenc:ReferenceList>
                    <xenc:DataReference URI="#G0x7f983042a338-46D" />
                </xenc:ReferenceList>
            </xenc:EncryptedKey>
            <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-38a4d644-12ee-435f-9ada-b612e18430d9">
                <wsu:Created>2016-09-11T22:30:38Z</wsu:Created>
                <wsu:Expires>2016-09-11T22:35:38Z</wsu:Expires>
            </wsu:Timestamp>
            <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-af48d2ff-ffb1-46de-aa5d-dfd036a69477" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIIFcDCCBFig...DHLW7q1g==</wsse:BinarySecurityToken>
            <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
                <SignedInfo>
                    <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                    <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
                    <Reference URI="#Timestamp-38a4d644-12ee-435f-9ada-b612e18430d9">
                        <Transforms>
                            <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                        </Transforms>
                        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                        <DigestValue>qYbXIKE01SOZWwHbJvKNLqhsknQ=</DigestValue>
                    </Reference>
                    <Reference URI="#Body-8b38f43f-27ed-4c7c-bf98-5c0a91482237">
                        <Transforms>
                            <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                        </Transforms>
                        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                        <DigestValue>t8TF5SDrO7GOqvJF3SLBE6S0tXA=</DigestValue>
                    </Reference>
                </SignedInfo>
                <SignatureValue>SMWtj7...H3H0vPcqQ==</SignatureValue>
                <KeyInfo>
                    <wsse:SecurityTokenReference xmlns="">
                        <wsse:Reference URI="#SecurityToken-af48d2ff-ffb1-46de-aa5d-dfd036a69477" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
                    </wsse:SecurityTokenReference>
                </KeyInfo>
            </Signature>
        </wsse:Security>
    </soapenv:Header>
    <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Body-8b38f43f-27ed-4c7c-bf98-5c0a91482237">
        <c:validateResponse xmlns:c="http://hcv.health.ontario.ca/" xmlns:a="http://ebs.health.ontario.ca/" xmlns:b="http://idp.ebs.health.ontario.ca/">
            <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="G0x7f983042a338-46D" Type="http://www.w3.org/2001/04/xmlenc#Element">
                <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
                <xenc:CipherData>
                    <xenc:CipherValue>6HhaOkT5...dN+MY3KOQ=</xenc:CipherValue>
                </xenc:CipherData>
            </xenc:EncryptedData>
        </c:validateResponse>
    </soapenv:Body>
</soapenv:Envelope>
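
An added example (not code from the project or from the original post) that resolves the EncryptedKey for one specific EncryptedData in both layouts: nested under KeyInfo, and detached in the WS-Security header and linked through ReferenceList/DataReference as in the sample above. `parse`, `keyAlgorithmFor` and the sample documents are constructed for illustration, and elements are matched by local name only, like the XPath in the issue.

```javascript
// Tiny element-tree builder for the constructed samples below (no comments, CDATA, entities).
function parse(xml) {
  const root = { name: '#doc', attrs: {}, kids: [], parent: null };
  let cur = root;
  const tag = /<(\/?)([\w:.-]+)((?:\s+[\w:.-]+="[^"]*")*)\s*(\/?)>/g;
  for (let m; (m = tag.exec(xml)); ) {
    if (m[1]) { cur = cur.parent; continue; }          // closing tag
    const node = { name: m[2].split(':').pop(), attrs: {}, kids: [], parent: cur };
    for (const a of m[3].matchAll(/([\w:.-]+)="([^"]*)"/g)) node.attrs[a[1]] = a[2];
    cur.kids.push(node);
    if (!m[4]) cur = node;                             // descend unless self-closing
  }
  return root;
}
const child = (n, name) => n.kids.find(k => k.name === name);
const all = (n, name) => n.kids.flatMap(k => (k.name === name ? [k] : []).concat(all(k, name)));

// Hypothetical helper: key-transport Algorithm URI for ONE EncryptedData element.
function keyAlgorithmFor(doc, encData) {
  // Layout 1: EncryptedData/KeyInfo/EncryptedKey (key nested with the data).
  const ki = child(encData, 'KeyInfo');
  let key = ki && child(ki, 'EncryptedKey');
  if (!key) {
    // Layout 2 (the issue's SOAP sample): detached EncryptedKey whose
    // ReferenceList/DataReference URI names this EncryptedData's Id.
    const id = encData.attrs.Id;
    const hits = all(doc, 'EncryptedKey').filter(k => {
      const refs = child(k, 'ReferenceList');
      return id && refs && refs.kids.some(r => r.name === 'DataReference' && r.attrs.URI === '#' + id);
    });
    if (hits.length !== 1) throw new Error(`expected 1 EncryptedKey for #${id}, found ${hits.length}`);
    key = hits[0];
  }
  const em = child(key, 'EncryptionMethod');
  if (!em || !em.attrs.Algorithm) throw new Error('cant find encryption algorithm');
  return em.attrs.Algorithm;
}

// Constructed samples (not the service's real messages).
const X = 'http://www.w3.org/2001/04/xmlenc#';
const detached = parse(`<Envelope><Header><Security>
  <xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="${X}rsa-oaep-mgf1p"/>
    <xenc:ReferenceList><xenc:DataReference URI="#other"/></xenc:ReferenceList></xenc:EncryptedKey>
  <xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="${X}rsa-1_5"/>
    <xenc:ReferenceList><xenc:DataReference URI="#body-1"/></xenc:ReferenceList></xenc:EncryptedKey>
  </Security></Header><Body><xenc:EncryptedData Id="body-1"/></Body></Envelope>`);
const nested = parse(`<xenc:EncryptedData Id="d1"><KeyInfo><xenc:EncryptedKey>
  <xenc:EncryptionMethod Algorithm="${X}rsa-oaep-mgf1p"/></xenc:EncryptedKey></KeyInfo></xenc:EncryptedData>`);
```

In the `detached` sample the first EncryptedKey in document order belongs to a different EncryptedData, so the lookup follows the DataReference rather than taking the first match in the document.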
