user34314

Reputation: 153

SamlTool Xml Decryption - Why won't this decrypt?

I have an XML file that I have encrypted with C# and Microsoft's EncryptedXml routines. The source is the SamlTool.com example response. The encrypted version is listed below, as well as the public and private keys. The SamlTool response validator (here) is simply saying "Failure decrypting Data". I can manually pull out the individual pieces of the encrypted XML and properly decrypt it using the C# libraries (but not EncryptedXml, since it requires the certificate to be in a store instead of a file).

What am I doing wrong? I'm assuming it's a syntax issue, but the SamlTool schema validator says it's fine. My next thought is that there's some default that isn't getting set in the XML data that is different between SamlTool and Microsoft, but I don't know what it is.

Encrypted XML

<?xml version="1.0" encoding="utf-8"?> 
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
  </samlp:Status>
  <saml:EncryptedAssertion><EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#"><EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" /><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#"><EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data><X509Certificate>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</X509Certificate></X509Data></KeyInfo><CipherData><CipherValue>msGiar1oSAV8ucR7bRr0LxQXoURpYD10M/NW4Uo0WHqXaSCCwqgnnifUXPzB17VW8UtaCCSsUQss9TZVEIor+U1PLEEqfV7/b2TBvcsumyXk/W888KxB6U8LVxfJ2S31oal2ErJgmzbBNm9fBfAgzkZRUS2OHq0ak/fPkcdkV75+hmzizmpkYByZo15AF+wMFNMxXBHH5EspvX8CMFCbw9MgEreqFl3BsvzFzPQeaMQYjl63HceZTIjueYjkaJBHfTaYO63Bjgql1q8wSMnoH8ls/cr+o0U3EYVI3ErabhMjVmDMOIuF5Gq/uBezEXhJyzWFU2Hr948ucrhCTwn0YQ==</CipherValue></CipherData></EncryptedKey></KeyInfo><CipherData><CipherValue>jW2lTGMOYys/maTp7+XNNKmaCLd7vLY+L1UlhdayaerIHbsN+WgfR1yMikRVu8zUuqmP65c1y/sQfm3Xj/Nep3KG246W4bC2WwM4MwTOTZHr09cCHyxGg7rhGmi7nDmP5XSMt3RDH9fB9qlc7wIzagUUzOkefBWZsqT0nEZgxLj5SfLIUgzuk4yzrtIIo3C2353KKT0wOvQXwOzZLqc909ahBhk6aluHg4DQ7kbxJUvrw3WHsPfgayknzc5JbNFHi1iUeyG4WviwrM1/k9DFMOYIAbfbh/QKei8impQBku025m3PUxmIsgv2ahslqnKAaGz57hsqxck2wfUX56/lI/8HzwcDb7MnB+eXQhrwY1RRNmcsd5EQUpI8ACu+YD3PkV+dHHsRoW8pLEHYpqE3jZsgqIfHiNWlE9AtQhNhzxUOCVrm7gCPLbcqI3CRSaiXfwyMQcvArsQKl2keMNltIbHjJi3efpeQqCyto8drQCFDQl9dID08qtoJVeh3eT/+JSINk11lv3fOFd1a7zZaljGwmSAnvIqdk/ep7dE8mCZOcfsfKZAxCBO5abfrarV5IUgHxdRaD6DrkonCwRPpJOj8OMZcOtVIs15DXNhXapEME34oYOvZSEIVlZbPblcvK84DsYd0XZVTW49Ek6gRSaJp2jNTZ2MKgioNuYnOPCfyJVqr/TB6DzQzRRY1iykYLSTVR0OExcYyqEv7kUqAJVz1UbYt6xGyUnnc7P55CEtv9p88+GM0NVmffoUN44BB1wDzE0EuJVvSP0j6+tVzXNQQuNj09NZmdzjPr22aOQ7MG8ByY4Yk5uyC8PGXtqRZP+UkTbsYTEic9AHKowYbOpxclQtQOTFsl0jKUTI07qJz23JqDyRbT3RHlLbsKkHYPbIjsHtbFwtzZYzP7oyfjkxSVXgx+hUpycLZIJCLe9U2lIqa1D5s9uEWUxeeR5NkORKOMch7yMVkfrkc+ryKTte3iDvtQQAmIO
USW189Gxo+OFuoAEMy+DKki4s388fW9iNZviMIGRXYRF1IrmohkjGjTLYvyO1/A/mQVzGGMwju5KOun/kSBfcBYf0TRe9nozA7OCXU3bWN5tCZDrqfsPoXSIlAmq6Bl8Kab19BYiuzgKrgOZnCFrEGOgK2z2s2LNuxD6BzTO4bZtR2N7nYUYRAItAq330YKhalZE3sWBhXxsInIkXYjVzfDewi1ApWERU0Fck4sW5iYAk4UlsCgZDJ3XSEK6trst1AFtsnq+HiT8Ric7RVqKKxfiTQcSJPevLr3SfCSmxcTRLqNSFFKrzrwJV90lXHP1BbeYf0cMW7SYvwE2Fx6SfKRCtW7st97u8Nl/6ATFC2G1sQpaUov4nImopuMr1umDxxeg+ssmzepHxPVZCeVaHLS04ZkXdOKX5g9tTDO48aORrhM4wdfb40JXjXpOlHHCj09C1NBO+SJxKGHAVanuJPQ+GUyxfczCJaiWDtEK6zY9JOvMZ3hBwNxB6ToICvp6mloBuZSTG9V7b6aKwdkJWQVzbXmnAx4wIYy6/zCBhtZlVR9TP+g+Wrv8Dq7roURJ97sBUejqmjvCs3A9H07jW0lGw2jIy1vWgjYlsJvqgK7WNxAc4MzK8V77rIr9wCOl1pTSlbgt4j/3L/5uJCL1wMHARaDLGZkpoUIaN8b2oEst7f3lqg7ScWokGnfoSAVbhfbbXfwqqSOkAFSdWXjtMERmkBep4Ac+mV9PO/UcWTfC6GRUferTcurzf5IdMY3x28EJqFpljlOa6yBMLK0hKfUkfJdx36QLup6FUTdfkPnle6Rip5ATkecoUc8WxpWQqDB6dhoMVdHp4rSCCGa7IbNSRAuBTnpIvWF5TLr++udJUEmqyQ6SXqe9n/D5HwQ0YAa0djboXjVIC/BSJ+TluTmgog++ueCg221JBgwW2w+VxbtTYFK1MVxdeTpR4DIG5u+IhMCYxHVPCTg3JirLItEXL9GVnLrTCIaxUYL0O8Yb/cA32AFt5PSwCAihiGtgKL+TfM5JhSiaLE5Pm/ho4TD3cfMOR8TgB0y3ONFpPdcBBTeNbHYHbXqMKU2azgm5U+lFlngbSrgu7jamA2HmD5AzJkkBXIyDRBWkPZEb4QIs8sTxvo2L2sMBgoPF8IoLKV34FfVnC7UQaQNqWYAC4L/xj9fnBtgR+/FSWvOLgzfKxAo8FwirkITRTU009oQwW59a6bvvznJ3Wgee16zTxWcKvLTSL42YQZp0dBt0FdkNp0z1nZP29DdMsln9jzgXHHc93Z8YmQ17NTrU+JPYP1PPj7dcBWdhJ2xO1BSb6zRD0AmR/U0LnqpqSh10resQb44oWZTjHYMOgPSBkLVnabGOsADOVJuxzIqSTn024VrPBLiLv0Xys4zyso2TFy/zBjnrJz+cxAxXkdD8d9F763QV7p/8mceu/pGsbUvm+GM6EOeIpmiK2qlFaCEtgqhV7Us33SevY8tehggPw3GNOmVJQr34bsKzLo2DHGRnmscGrSzrxCUZlZWJTW45npoYbAJbW2Duhy34BrSBaj2dPiGOMoO/qL/X/t8JhdGgH3ovsZQYqDJZECucBTsk2FO/12xa+4bNtxtX3TICb17SxvlsVOrACCh/M2bZHLvR4IsuyrVF+i3HoWg8xkzwFLhR6bqaKgOZNzReBB0S5INMkCDQvKs4xwt9zOXFsXXgXKL8+2hL5R/lXX6CSc9QxQ6FD7wqy7FM0ievtSKILlugCXZ2hw2xGxsgB1mFFbZKp9zJ0h+QvlzTsGPc8FsbebJUidkctdLD65H85kChvm4oMHEkKdKi4rOdV6eNBeY5YiBWm2PxdLI3s1G6esfZFgdgl3Qd4wZycKJtnu+DcSUE0CaGKN+Z1kuyKVdmUhNT5yNp/YwEDRqnZHfVoNwuf047xnFAXditnY/GuUi2QIkg3x/BOVPjAjZPGIQxhwC5F6OQ922KqluN0ewyjd4gBeCS4h2Qptev0TqOwl02
F+EUkrUHN4rt1OyVblL1g4ZjrqNpHZdt40QjzlI/vQ6KBydAwz/VHllXWd7braqU5uZX3rNdyRrJim2AjG/wV+HYMAcnkFGKSD/o9eiA/rdt+hWuLp8AkpmrE=</CipherValue></CipherData></EncryptedData></saml:EncryptedAssertion>
</samlp:Response>

Public Key


Private Key


Upvotes: 1

Views: 778

Answers (0)
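
A structural check for the kind of document posted above, as an added example that is not part of the original post or of SamlTool: it reads the algorithm URIs and decodes both `CipherValue` elements to confirm that their lengths fit AES-CBC and RSA key transport before any key is involved. The function names, `TEMPLATE` and the zero-byte sample are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
NS = {"xenc": XENC, "ds": "http://www.w3.org/2000/09/xmldsig#"}
# XML Encryption CBC ciphers: URI fragment -> block size in bytes (also the IV size)
CBC = {"aes128-cbc": 16, "aes192-cbc": 16, "aes256-cbc": 16, "tripledes-cbc": 8}
# Constructed sample with the question's element layout; {k} and {b} take dummy bytes
TEMPLATE = ('<EncryptedData xmlns="{x}"><EncryptionMethod Algorithm="{x}aes256-cbc"/>'
            '<KeyInfo xmlns="{d}"><EncryptedKey xmlns="{x}"><EncryptionMethod Algorithm="{x}rsa-1_5"/>'
            '<CipherData><CipherValue>{k}</CipherValue></CipherData></EncryptedKey></KeyInfo>'
            '<CipherData><CipherValue>{b}</CipherValue></CipherData></EncryptedData>')

def _alg(elem):
    m = elem.find("xenc:EncryptionMethod", NS)
    return "" if m is None else m.get("Algorithm", "").rpartition("#")[2]

def _cipher(elem):
    v = elem.find("xenc:CipherData/xenc:CipherValue", NS)
    text = "".join((v.text or "").split()) if v is not None else ""
    return base64.b64decode(text, validate=True)  # raises binascii.Error on bad base64

def inspect_encrypted_data(xml_text):
    """Return (summary, problems) for the first xenc:EncryptedData in the document."""
    data = next(ET.fromstring(xml_text).iter("{%s}EncryptedData" % XENC), None)
    if data is None:
        return {}, ["no xenc:EncryptedData element"]
    alg, body, problems = _alg(data), _cipher(data), []
    summary = {"data_alg": alg}
    block = CBC.get(alg)
    if block is None:
        problems.append("data algorithm %r is not a CBC cipher known to this check" % alg)
    elif len(body) < 2 * block or len(body) % block:
        problems.append("body of %d bytes is not IV + whole %d-byte blocks" % (len(body), block))
    else:
        summary["ciphertext_blocks"] = len(body) // block - 1
    key = data.find("ds:KeyInfo/xenc:EncryptedKey", NS)
    if key is None:
        return summary, problems + ["no xenc:EncryptedKey nested in ds:KeyInfo"]
    # an RSA-wrapped key is exactly as long as the RSA modulus
    summary.update(key_alg=_alg(key), rsa_modulus_bits=len(_cipher(key)) * 8)
    if summary["key_alg"] not in ("rsa-1_5", "rsa-oaep-mgf1p"):
        problems.append("unexpected key transport algorithm %r" % summary["key_alg"])
    return summary, problems

def build_sample(body_len, key_len=256):
    """Fill TEMPLATE with zero bytes of the given lengths (constructed, not real ciphertext)."""
    k, b = (base64.b64encode(bytes(n)).decode() for n in (key_len, body_len))
    return TEMPLATE.format(x=XENC, d=NS["ds"], k=k, b=b)
```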
