
mace-opensaml-users - decrypting EncryptedAssertion in Browser Post profile use case

Subject: OpenSAML user discussion

  • From: "Singh, Manish" <>
  • To: <>
  • Subject: decrypting EncryptedAssertion in Browser Post profile use case
  • Date: Tue, 26 Feb 2008 15:41:17 -0500

Below is the assertion I aim to decrypt.
As you can see, the symmetric key is encrypted using RSA (and an offline key).

I was hoping to use org.opensaml.saml2.encryption.Decrypter.decrypt(EncryptedAssertion), but I am not able to figure out the rest of the components.

Based on the javadoc, I tried constructing Decrypter with StaticKeyInfoCredentialResolver, but that did not help.
public Decrypter(KeyInfoCredentialResolver newResolver,
                 KeyInfoCredentialResolver newKEKResolver,
                 EncryptedKeyResolver newEncKeyResolver)

    Constructor.

Parameters:

    newResolver - resolver for data encryption keys.
    newKEKResolver - resolver for key encryption keys.
    newEncKeyResolver - resolver for EncryptedKey elements

Any help is appreciated.

org.opensaml.xml.encryption.DecryptionException: Valid decryption key for EncryptedData could not be resolved
        org.opensaml.xml.encryption.Decrypter.decryptDataToDOM(Decrypter.java:460)
        org.opensaml.xml.encryption.Decrypter.decryptDataToList(Decrypter.java:378)
        org.opensaml.xml.encryption.Decrypter.decryptData(Decrypter.java:337)
        org.opensaml.saml2.encryption.Decrypter.decryptData(Decrypter.java:166)


<saml:EncryptedAssertion>
    <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>

      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
          <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/>

          <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:CipherValue xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">ciphervalue</xenc:CipherValue>
          </xenc:CipherData>
        </xenc:EncryptedKey>
      </ds:KeyInfo>
      <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
        <xenc:CipherValue xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">ciphervalue</xenc:CipherValue>
      </xenc:CipherData>
    </xenc:EncryptedData>
  </saml:EncryptedAssertion>
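
One way to wire the three-argument Decrypter constructor quoted above for this message layout (AES data key wrapped with RSA and carried inline in xenc:EncryptedKey), as an added example that is not part of the original post and is not OpenSAML's own code. The class name EncryptedAssertionDecryptor and its two methods are hypothetical. It assumes the OpenSAML 2 library is already initialised, the EncryptedAssertion is already unmarshalled, and the recipient's RSA private key is available as an unencrypted PKCS#8 DER file.

```java
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;

import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.EncryptedAssertion;
import org.opensaml.saml2.encryption.Decrypter;
import org.opensaml.xml.encryption.DecryptionException;
import org.opensaml.xml.encryption.InlineEncryptedKeyResolver;
import org.opensaml.xml.security.credential.BasicCredential;
import org.opensaml.xml.security.credential.UsageType;
import org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver;

// Hypothetical helper class: the names here are illustrative only.
public class EncryptedAssertionDecryptor {

    // Loads the recipient's RSA private key (assumed: unencrypted PKCS#8 DER),
    // i.e. the key matching the public key the sender used to wrap the AES key.
    static PrivateKey loadRsaPrivateKey(String derPath) throws Exception {
        byte[] der = Files.readAllBytes(Paths.get(derPath));
        return KeyFactory.getInstance("RSA")
                .generatePrivate(new PKCS8EncodedKeySpec(der));
    }

    static Assertion decrypt(EncryptedAssertion encrypted, PrivateKey rsaKey)
            throws DecryptionException {
        // The RSA private key is the key-encryption key (KEK), not the data key.
        BasicCredential kek = new BasicCredential();
        kek.setPrivateKey(rsaKey);
        kek.setUsageType(UsageType.ENCRYPTION);

        // 1st argument (data-key resolver) is null: the AES key is not held
        //   locally, it arrives wrapped inside xenc:EncryptedKey.
        // 2nd argument resolves the KEK: the static resolver always returns our
        //   RSA key, which suits an EncryptedKey that carries no KeyInfo hint.
        // 3rd argument locates the EncryptedKey inline under
        //   EncryptedData/ds:KeyInfo, as in the sample message.
        Decrypter decrypter = new Decrypter(
                null,
                new StaticKeyInfoCredentialResolver(kek),
                new InlineEncryptedKeyResolver());

        return decrypter.decrypt(encrypted);
    }
}
```

Decryption provides confidentiality only: aes128-cbc carries no integrity protection, so the signature on the Response or on the decrypted Assertion still has to be validated before any statement in it is trusted.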



