ComponentSpace 2.2.8.8 Unsupported key encryption

Hello,
Received the following error while trying to receive an assertion from an IdP:

Unsupported key encryption method http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
Stack:
at ComponentSpace.SAML2.InternalSAMLServiceProvider.DecryptSAMLAssertion(Object samlAssertion) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\InternalSAMLServiceProvider.cs:line 411
at ComponentSpace.SAML2.InternalSAMLServiceProvider.GetSAMLAssertion(SAMLResponse samlResponse, XmlElement samlResponseElement) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\InternalSAMLServiceProvider.cs:line 474
at ComponentSpace.SAML2.InternalSAMLServiceProvider.ProcessSAMLResponse(XmlElement samlResponseElement, Boolean& isInResponseTo, String& authnContext, String& userName, SAMLAttribute[]& attributes) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\InternalSAMLServiceProvider.cs:line 806
at ComponentSpace.SAML2.InternalSAMLServiceProvider.ReceiveSSO(HttpRequest httpRequest, Boolean& isInResponseTo, String& partnerIdP, String& authnContext, String& userName, SAMLAttribute[]& attributes, String& relayState) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\InternalSAMLServiceProvider.cs:line 1267

Is this encryption not supported by this version of the library? Do we need to upgrade? The IdP has no way to change the encryption method being used.

Hi Matt,

http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 is an XML signature method rather than an XML encryption method.

The supported key encryption methods are:

http://www.w3.org/2001/04/xmlenc#rsa-1_5
http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p

Please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com.

https://www.componentspace.com/Forums/17/Enabing-SAML-Trace

I’d like to see exactly what the IdP is sending.

Also, please confirm the version you’re using. Did you mean v2.2.0.8?

Version 2.2.* is over 12 years old.

You’ll find the release notes at:

https://www.componentspace.com/documentation/saml-for-asp-net/ComponentSpace%20SAML%20for%20ASP.NET%20Release%20Notes.pdf
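
The check described in the reply above, as an added example that is not part of the original thread and is not ComponentSpace code: it reads the key encryption method from each `EncryptedKey` inside a SAML `EncryptedAssertion` and reports whether the URI is one of the two listed methods or an XML signature method. The sample response, the function names and the list of signature URIs are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
XENC = "http://www.w3.org/2001/04/xmlenc#"
# Key encryption methods listed as supported in the reply above.
LISTED = {XENC + "rsa-1_5", XENC + "rsa-oaep-mgf1p"}
# Well-known XML signature method URIs; these are not encryption methods.
SIGNATURE = {
    "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512",
}
# Constructed sample (ciphertext omitted): a signature URI sits where a
# key encryption method is expected, matching the error in the first post.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
  xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <saml:EncryptedAssertion>
  <xenc:EncryptedData>
   <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
   <ds:KeyInfo>
    <xenc:EncryptedKey>
     <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    </xenc:EncryptedKey>
   </ds:KeyInfo>
  </xenc:EncryptedData>
 </saml:EncryptedAssertion>
</samlp:Response>"""

def classify(uri):
    """Label a URI found in the key encryption position."""
    if uri in LISTED:
        return "listed"
    if uri in SIGNATURE:
        return "signature-uri"
    return "not-listed"

def key_encryption_methods(xml_text):
    """Return (Algorithm URI, label) for each EncryptedKey in an EncryptedAssertion."""
    # Intended for your own trace output; use defusedxml for untrusted XML.
    root = ET.fromstring(xml_text)
    results = []
    for enc in root.iter("{%s}EncryptedAssertion" % SAML):
        for key in enc.iter("{%s}EncryptedKey" % XENC):
            # Direct child only: this skips the data encryption method on EncryptedData.
            method = key.find("{%s}EncryptionMethod" % XENC)
            uri = method.get("Algorithm", "") if method is not None else ""
            results.append((uri, classify(uri)))
    return results
```
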

It must be 2.8.8. The sample project says 2.2.8.8 in it, though. From 2018. I will try getting the log tomorrow.

Thanks!

What I thought you meant was the version number of the SAML DLL rather than a sample project.

Anyway, the log will have the details.