mace-opensaml-users - decrypting EncryptedAssertion in Browser Post profile use case
Subject: OpenSAML user discussion
List archive
- From: "Singh, Manish" <>
- To: <>
- Subject: decrypting EncryptedAssertion in Browser Post profile use case
- Date: Tue, 26 Feb 2008 15:41:17 -0500
Title: decrypting EncryptedAssertion in Browser Post profile use case
Below is the assertion I aim to decrypt.
As you can see symmetric key is encrypted using RSA (and an offline key).
I was hoping to use org.opensaml.saml2.encryption.Decrypter.decrypt(EncryptedAssertion) but not able to figure out rest of the components.
Based on the javadoc I tried constructing Decrypter with StaticKeyInfoCredentialResolver but that did not help.
public Decrypter(KeyInfoCredentialResolver newResolver,
KeyInfoCredentialResolver newKEKResolver,
EncryptedKeyResolver newEncKeyResolver)
Constructor.
Parameters:
newResolver - resolver for data encryption keys.
newKEKResolver - resolver for key encryption keys.
newEncKeyResolver - resolver for EncryptedKey elements
Any help is appreciated.
org.opensaml.xml.encryption.DecryptionException: Valid decryption key for EncryptedData could not be resolved
org.opensaml.xml.encryption.Decrypter.decryptDataToDOM(Decrypter.java:460)
org.opensaml.xml.encryption.Decrypter.decryptDataToList(Decrypter.java:378)
org.opensaml.xml.encryption.Decrypter.decryptData(Decrypter.java:337)
org.opensaml.saml2.encryption.Decrypter.decryptData(Decrypter.java:166)
<saml:EncryptedAssertion>
<xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>
<xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:CipherValue xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">ciphervalue</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedKey>
</ds:KeyInfo>
<xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:CipherValue xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">ciphervalue</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</saml:EncryptedAssertion>
- decrypting EncryptedAssertion in Browser Post profile use case, Singh, Manish, 02/26/2008
- Re: decrypting EncryptedAssertion in Browser Post profile use case, Brent Putman, 02/26/2008
- RE: decrypting EncryptedAssertion in Browser Post profile use case, Singh, Manish, 02/26/2008
- Re: decrypting EncryptedAssertion in Browser Post profile use case, Brent Putman, 02/26/2008
- works - RE: decrypting EncryptedAssertion in Browser Post profile use case, Singh, Manish, 02/29/2008
- Re: works - RE: decrypting EncryptedAssertion in Browser Post profile use case, Brent Putman, 02/29/2008
- works - RE: decrypting EncryptedAssertion in Browser Post profile use case, Singh, Manish, 02/29/2008
- Re: decrypting EncryptedAssertion in Browser Post profile use case, Brent Putman, 02/26/2008
- RE: decrypting EncryptedAssertion in Browser Post profile use case, Singh, Manish, 02/26/2008
- Re: decrypting EncryptedAssertion in Browser Post profile use case, Brent Putman, 02/26/2008
Archive powered by MHonArc 2.6.16.