I'm in the process of moving a .NET Framework application using the SAML v2.0 for ASP.NET library to a .NET Core implementation and the licensed .NET Core library. One of the use cases is decrypting an assertion using a provided certificate (and potentially password), which we don't know ahead of time. In the .NET Framework version, I have code similar to this:

    SAMLResponse samlResponse = new SAMLResponse(responseElement);
    EncryptedAssertion encryptedAssertion = samlResponse.GetEncryptedAssertion();
    System.Security.Cryptography.RSA rsa = Utility.ConvertFromPEM(privateCert, password);
    XmlElement decryptedAssertionElement = encryptedAssertion.DecryptToXml(rsa);

I don't see a .NET Core equivalent version for DecryptToXml(). I saw another forum post that indicated that you can configure a certificate in a LocalCertificateFile element in saml.config, which I guess we could dynamically create and modify, but it wouldn't be ideal since we don't know the certificate(s) ahead of time and aren't necessarily guaranteed that we'll have write access to the file/directory.

Do you have any suggestions for resolving this issue and/or do you have example code for using EncryptedAssertion? This isn't an ASP.NET application, if that matters.