I am trying to encrypt a Saml assertion with the public certificate provided by the vendor can someone provide the correct way of encryption. What encryption method is used for encrypting XML. Any suggestion will be really helpful.
Asked
Active
Viewed 1,494 times
0
-
Doesn't the SAML specification (http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf) define this? – Bernhard Thalmayr Sep 16 '14 at 19:23
1 Answers
0
Encryption of SAML Assertions is specified in the SAML specification as mentioned by Bernhard.
The Assertion is then instead represented by an EncryptedAssertion element. To encrypt the assertion you will need some software. From the sounds of your post it sound like you are doing it manually. In this case the OpenSAML library can be of use.
My blog offers a lot of information on how to use OpenSAML. I do not have a post on encryption. Encryption with OpenSAML is shown in my book though, A Guide to OpenSAML .
Stefan Rasmusson
- 5,445
- 3
- 21
- 48
-
hi Stefan Do you know how to retrieve assertion from SAML response after authenticating from idp – moh Sep 12 '17 at 17:28
-
Yes i do, here i have a short writeup http://blog.samlsecurity.com/2017/05/decrypting-saml-assertion-in-opensaml-v3.html and in my book i discuss it further. – Stefan Rasmusson Sep 13 '17 at 09:48