发表新帖
发表新帖

How to decrypt EncryptedAssertion manually

前端 未结
关注
2 931
再見小時候
再見小時候 2021-01-26 00:07

I want to decrypt the EncryptedAssertion. I tried with OpenSaml Decrypter but its not working for me.I am getting Failed to decrypt EncryptedData I have already ask that questio

2条回答
  • 清酒与你
    清酒与你 (楼主)
    2021-01-26 00:33

    I won't provide you a complete answer but I hope to get you on the right track

    You should not just simply decrypt the calue with the private key.

    First decrypt the KeyInfo value (unwrap the aes key) using RSA/ECB/PKCS1Padding (according to the provided saml snippet)

    It should give you a 256 bit (32 bytes) random key used to encrypt data itself

    then use the AES key to decrypt the data . Please note that first bytes (128 bit / 16 bytes, aes block size) is used as IV.

    further reading

    • https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#sec-Processing-Encryption
    • https://gusto77.wordpress.com/2017/10/30/encryption-reference-project/

    0 讨论(0)
 看不清?
提交回复
热议问题