如何使用System.Cryptography解密EncryptedAssertion
身份提供程序使用component pro的function加密Saml Assertion
Dim encryptedSamlAssertion As New EncryptedAssertion(samlAssertion, encryptingCert, New System.Security.Cryptography.Xml.EncryptionMethod(SamlKeyAlgorithm.Aes256Cbc)) 在服务提供商处,我试图解密断言。 但我不能使用组件专业版。 我必须使用System.Security.Cryptography
- X509Certificate用于加密和解密
- Aes256Cbc是加密算法
请帮助我提供一些有关如何使用X509Certificate和Aes256Cbc算法实现SamlAssertions解密的更多信息
private class Saml2SSOSecurityTokenResolver : SecurityTokenResolver { List _tokens; public Saml2SSOSecurityTokenResolver(List tokens) { _tokens = tokens; } protected override bool TryResolveSecurityKeyCore(System.IdentityModel.Tokens.SecurityKeyIdentifierClause keyIdentifierClause, out System.IdentityModel.Tokens.SecurityKey key) { var token = _tokens[0] as X509SecurityToken; var myCert = token.Certificate; key = null; var ekec = keyIdentifierClause as EncryptedKeyIdentifierClause; if (ekec != null) { if (ekec.EncryptionMethod == "http://www.w3.org/2001/04/xmlenc#rsa-1_5") { var encKey = ekec.GetEncryptedKey(); var rsa = myCert.PrivateKey as RSACryptoServiceProvider; var decKey = rsa.Decrypt(encKey, false); key = new InMemorySymmetricSecurityKey(decKey); return true; } var data = ekec.GetEncryptedKey(); var id = ekec.EncryptingKeyIdentifier; } return true; } protected override bool TryResolveTokenCore(System.IdentityModel.Tokens.SecurityKeyIdentifierClause keyIdentifierClause, out System.IdentityModel.Tokens.SecurityToken token) { throw new NotImplementedException(); } protected override bool TryResolveTokenCore(System.IdentityModel.Tokens.SecurityKeyIdentifier keyIdentifier, out System.IdentityModel.Tokens.SecurityToken token) { throw new NotImplementedException(); } }