
Re: Net::SAML Problem with encrypted assertions



Sorry for the much delayed response.

Christian Borup wrote:
> Hi all
>
> I'm not having any luck authenticating via an IdP that returns encrypted
> assertions.
>
> Calling Net::SAML::simple_cf with the query string, the following is
> printed to stderr and exit seems to be called.
>
> t    zxsig.c:318 zx_report_openssl_error 	zx E EVP_CipherFinal_ex():
> OpenSSL error(101077092) error:06065064:digital envelope
> routines:EVP_DecryptFinal:bad decrypt (evp_enc.c:445): ? 0

I need to see more of the log. My theory would be that there is
some confusion and it is using the wrong private key.

BTW, what is the Net::SAML version you are running?

Also, what IdP product and version?

--Sampo

> If I save the SAMLResponse to a file, xmlsec1 will decrypt it just fine
> (after base64 decode, obviously). Using the command line:
>   xmlsec1 --decrypt --privkey-pem /var/zxid/pem/enc-nopw-cert.pem SAMLResponse.xml
>
> xmlsec1 and zxid are both compiled with the same OpenSSL.
>
> Clues anyone?