mace-opensaml-users - RE: decrypting EncryptedAssertion in Browser Post profile use case
Subject: OpenSAML user discussion
List archive
- From: "Singh, Manish" <>
- To: <>
- Subject: RE: decrypting EncryptedAssertion in Browser Post profile use case
- Date: Tue, 26 Feb 2008 18:03:54 -0500
Title: decrypting EncryptedAssertion in Browser Post profile use case
So in short try passing to the Decrypter
constructor:
1st arg - null 2nd arg - a StaticKeyInfoCredentialResolver (with a Credential containing your decryption key pair) 3rd arg - an InlineEncryptedKeyResolver (takes no constructor arguments) Brent,
I modified [Old Code] code below to [New
Code] section after that but still the same error (pl. find at the end of
email)
[Old Code]
PrivateKey privateKey = (PrivateKey)ks.getKey( "cssso",
keystorePassword);
credential = new BasicCredential(); credential.setPrivateKey(privateKey); Decrypter decrypter = new Decrypter(null, new StaticKeyInfoCredentialResolver(credential), new EncryptedElementTypeEncryptedKeyResolver()); [NEW Code]
PrivateKey privateKey = (PrivateKey)ks.getKey( "cssso",
keystorePassword);
credential = new BasicCredential(); credential.setPrivateKey(privateKey); Decrypter decrypter = new Decrypter(null, new StaticKeyInfoCredentialResolver(credential), new InlineEncryptedKeyResolver()); I also tried setting both public and private key in BasicCredential but no use. Is BasicCredential right class for this. I am
generating the SAML response from Ping Identity so I am sure about having the
right keys to decrypt.
btw I
am able to verify the signature.
Thanks,
Manish
org.opensaml.xml.encryption.DecryptionException: Valid decryption key for EncryptedData could not be resolved org.opensaml.xml.encryption.Decrypter.decryptDataToDOM(Decrypter.java:460) org.opensaml.xml.encryption.Decrypter.decryptDataToList(Decrypter.java:378) org.opensaml.xml.encryption.Decrypter.decryptData(Decrypter.java:337) org.opensaml.saml2.encryption.Decrypter.decryptData(Decrypter.java:166) org.opensaml.saml2.encryption.Decrypter.decrypt(Decrypter.java:96) org.apache.jsp.saml3_jsp._jspService(saml3_jsp.java:115) org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) javax.servlet.http.HttpServlet.service(HttpServlet.java:803) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:384) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266) javax.servlet.http.HttpServlet.service(HttpServlet.java:803) org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) |
- decrypting EncryptedAssertion in Browser Post profile use case, Singh, Manish, 02/26/2008
- Re: decrypting EncryptedAssertion in Browser Post profile use case, Brent Putman, 02/26/2008
- RE: decrypting EncryptedAssertion in Browser Post profile use case, Singh, Manish, 02/26/2008
- Re: decrypting EncryptedAssertion in Browser Post profile use case, Brent Putman, 02/26/2008
- works - RE: decrypting EncryptedAssertion in Browser Post profile use case, Singh, Manish, 02/29/2008
- Re: works - RE: decrypting EncryptedAssertion in Browser Post profile use case, Brent Putman, 02/29/2008
- works - RE: decrypting EncryptedAssertion in Browser Post profile use case, Singh, Manish, 02/29/2008
- Re: decrypting EncryptedAssertion in Browser Post profile use case, Brent Putman, 02/26/2008
- RE: decrypting EncryptedAssertion in Browser Post profile use case, Singh, Manish, 02/26/2008
- Re: decrypting EncryptedAssertion in Browser Post profile use case, Brent Putman, 02/26/2008
Archive powered by MHonArc 2.6.16.