SAML Encryption Exception


Jorge Garcia Huertos
I am trying to encrypt a metadata file (I am using the IdP-Template metadata) to see how it works.

I introduced this command:
.\EncryptAssertion.exe -a SHA256 -c C:\Users\jgarcia\Downloads\SAMLv20-evaluation\test.cer C:\Users\jgarcia\Downloads\SAMLv20-evaluation\IdPmetadata.xml

And the answer I receive is:
Loading certificate C:\Users\jgarcia\Downloads\SAMLv20-evaluation\test.cer
Loading C:\Users\jgarcia\Downloads\SAMLv20-evaluation\IdPmetadata.xml
Encrypting SAML assertion
ComponentSpace.SAML2.Exceptions.SAMLEncryptionException: Unsupported data encryption method SHA256
 at ComponentSpace.SAML2.Utility.XmlEncryption.CreateSymmetricKey(EncryptionMethod encryptionMethod, Byte[] key)
 at ComponentSpace.SAML2.Utility.XmlEncryption.Encrypt(XmlElement plainTextElement, AsymmetricAlgorithm keyEncryptingKey, EncryptionMethod keyEncryptionMethod, EncryptionMethod dataEncryptionMethod, KeyInfo keyInfo)
 at ComponentSpace.SAML2.Utility.XmlEncryption.Encrypt(XmlElement plainTextElement, X509Certificate2 x509Certificate, EncryptionMethod keyEncryptionMethod, EncryptionMethod dataEncryptionMethod)
 at ComponentSpace.SAML2.Assertions.EncryptedAssertion..ctor(XmlElement samlAssertion, X509Certificate2 x509Certificate, EncryptionMethod keyEncryptionMethod, EncryptionMethod dataEncryptionMethod)
 at ComponentSpace.SAML2.Assertions.EncryptedAssertion..ctor(XmlElement samlAssertion, X509Certificate2 x509Certificate, EncryptionMethod dataEncryptionMethod)
 at EncryptAssertion.Program.EncryptAssertion(XmlElement xmlElement) in C:\Users\jgarcia\Downloads\SAMLv20-evaluation\SAML for .NET\Examples\Utility\EncryptAssertion\Program.cs:line 97
 at EncryptAssertion.Program.Main(String[] args) in C:\Users\jgarcia\Downloads\SAMLv20-evaluation\SAML for .NET\Examples\Utility\EncryptAssertion\Program.cs:line 109

I suppose I am writing the encryption method wrong. But what do I have to write there if I want to encrypt the metadata file with the AES-256 algorithm?

Thanks,


JorgeGHS
ComponentSpace
There are two algorithms involved in XML encryption - one to encrypt the randomly generated symmetric key and one to encrypt the XML using the symmetric key.

The symmetric key encryption algorithm options are:

http://www.w3.org/2001/04/xmlenc#rsa-1_5
http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p

The XML encryption algorithm options are:

http://www.w3.org/2001/04/xmlenc#tripledes-cbc
http://www.w3.org/2001/04/xmlenc#kw-tripledes
http://www.w3.org/2001/04/xmlenc#aes128-cbc
http://www.w3.org/2001/04/xmlenc#kw-aes128
http://www.w3.org/2001/04/xmlenc#aes192-cbc
http://www.w3.org/2001/04/xmlenc#kw-aes192
http://www.w3.org/2001/04/xmlenc#aes256-cbc
http://www.w3.org/2001/04/xmlenc#kw-aes256

We default to http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p and http://www.w3.org/2001/04/xmlenc#aes256-cbc.

To use AES-256 you should specify http://www.w3.org/2001/04/xmlenc#aes256-cbc.

Regards
ComponentSpace Development
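
The two layers described in the reply above, as an added example that is not part of the original thread and is not ComponentSpace code: it uses .NET's own System.Security.Cryptography.Xml classes with the two defaults the reply names (rsa-oaep-mgf1p and aes256-cbc). Assumptions: a throwaway RSA key pair stands in for the recipient certificate, the XML element is constructed sample input, and the compiler supports C# 8 using declarations.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

class XmlEncTwoAlgorithms
{
    static void Main()
    {
        // Constructed sample element, not a real assertion.
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml("<Assertion xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\">" +
                    "<Subject>constructed-user</Subject></Assertion>");
        XmlElement plain = doc.DocumentElement;

        // Assumption: throwaway key pair in place of the recipient's certificate.
        using RSA recipient = RSA.Create(2048);

        // Data encryption: AES-256-CBC with a randomly generated symmetric key.
        using Aes session = Aes.Create();
        session.KeySize = 256;
        var exml = new EncryptedXml();
        byte[] cipherText = exml.EncryptData(plain, session, false);

        // Key encryption: RSA-OAEP wraps that symmetric key for the recipient.
        byte[] wrappedKey = EncryptedXml.EncryptKey(session.Key, recipient, true);
        var encKey = new EncryptedKey
        {
            EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSAOAEPUrl),
            CipherData = new CipherData(wrappedKey)
        };
        var encData = new EncryptedData
        {
            Type = EncryptedXml.XmlEncElementUrl,
            EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url),
            CipherData = new CipherData(cipherText)
        };
        encData.KeyInfo.AddClause(new KeyInfoEncryptedKey(encKey));
        EncryptedXml.ReplaceElement(plain, encData, false);
        Console.WriteLine(doc.OuterXml); // EncryptedData carrying both algorithm URIs

        // Recipient side: unwrap the symmetric key, then decrypt the element.
        using Aes unwrapped = Aes.Create();
        unwrapped.Key = EncryptedXml.DecryptKey(wrappedKey, recipient, true);
        byte[] clear = exml.DecryptData(encData, unwrapped);
        exml.ReplaceData(doc.DocumentElement, clear);
        Console.WriteLine(doc.OuterXml); // original Assertion restored
    }
}
```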