I am trying to decrypt the encrypted assertion sent by IDP within artifact resolve. But I get an error as :
17:01:55.734 [http-8443-2] ERROR o.o.x.e.Decrypter - Error decrypting the encrypted data element
org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
at org.apache.xml.security.encryption.XMLCipher.decryptToByteArray(XMLCipher.java:1756) ~[xmlsec-1.5.4.jar:1.5.4]
at org.opensaml.xml.encryption.Decrypter.decryptDataToDOM(Decrypter.java:585) [xmltooling-1.4.0.jar:na]
at org.opensaml.xml.encryption.Decrypter.decryptUsingResolvedEncryptedKey(Decrypter.java:774) [xmltooling-1.4.0.jar:na]
at org.opensaml.xml.encryption.Decrypter.decryptDataToDOM(Decrypter.java:524) [xmltooling-1.4.0.jar:na]
at org.opensaml.xml.encryption.Decrypter.decryptDataToList(Decrypter.java:442) [xmltooling-1.4.0.jar:na]
at org.opensaml.xml.encryption.Decrypter.decryptData(Decrypter.java:403) [xmltooling-1.4.0.jar:na]
at org.opensaml.saml2.encryption.Decrypter.decryptData(Decrypter.java:141) [opensaml-2.6.0.jar:na]
at org.opensaml.saml2.encryption.Decrypter.decrypt(Decrypter.java:69) [opensaml-2.6.0.jar:na]
at opensamlbook.sp.ConsumerServlet.decryptAssertion(ConsumerServlet.java:119) [ConsumerServlet.class:na]
at opensamlbook.sp.ConsumerServlet.doGet(ConsumerServlet.java:85) [ConsumerServlet.class:na]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617) [servlet-api.jar:na]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:723) [servlet-api.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) [catalina.jar:6.0.44]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:6.0.44]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) [catalina.jar:6.0.44]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) [catalina.jar:6.0.44]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:563) [catalina.jar:6.0.44]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) [catalina.jar:6.0.44]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) [catalina.jar:6.0.44]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [catalina.jar:6.0.44]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) [catalina.jar:6.0.44]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861) [tomcat-coyote.jar:6.0.44]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:620) [tomcat-coyote.jar:6.0.44]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) [tomcat-coyote.jar:6.0.44]
at java.lang.Thread.run(Thread.java:745) [na:1.7.0_55]
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1024) ~[na:1.7.0_51]
at javax.crypto.Cipher.init(Cipher.java:1345) ~[na:1.7.0_51]
at javax.crypto.Cipher.init(Cipher.java:1282) ~[na:1.7.0_51]
at org.apache.xml.security.encryption.XMLCipher.decryptToByteArray(XMLCipher.java:1754) ~[xmlsec-1.5.4.jar:1.5.4]
... 24 common frames omitted
17:01:55.734 [http-8443-2] ERROR o.o.x.e.Decrypter - Failed to decrypt EncryptedData using either EncryptedData KeyInfoCredentialResolver or EncryptedKeyResolver + EncryptedKey KeyInfoCredentialResolver
17:01:55.734 [http-8443-2] ERROR o.o.s.e.Decrypter - SAML Decrypter encountered an error decrypting element content
org.opensaml.xml.encryption.DecryptionException: Failed to decrypt EncryptedData
at org.opensaml.xml.encryption.Decrypter.decryptDataToDOM(Decrypter.java:535) ~[xmltooling-1.4.0.jar:na]
at org.opensaml.xml.encryption.Decrypter.decryptDataToList(Decrypter.java:442) ~[xmltooling-1.4.0.jar:na]
at org.opensaml.xml.encryption.Decrypter.decryptData(Decrypter.java:403) ~[xmltooling-1.4.0.jar:na]
at org.opensaml.saml2.encryption.Decrypter.decryptData(Decrypter.java:141) [opensaml-2.6.0.jar:na]
at org.opensaml.saml2.encryption.Decrypter.decrypt(Decrypter.java:69) [opensaml-2.6.0.jar:na]
at opensamlbook.sp.ConsumerServlet.decryptAssertion(ConsumerServlet.java:119) [ConsumerServlet.class:na]
at opensamlbook.sp.ConsumerServlet.doGet(ConsumerServlet.java:85) [ConsumerServlet.class:na]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617) [servlet-api.jar:na]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:723) [servlet-api.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) [catalina.jar:6.0.44]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:6.0.44]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) [catalina.jar:6.0.44]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) [catalina.jar:6.0.44]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:563) [catalina.jar:6.0.44]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) [catalina.jar:6.0.44]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) [catalina.jar:6.0.44]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [catalina.jar:6.0.44]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) [catalina.jar:6.0.44]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861) [tomcat-coyote.jar:6.0.44]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:620) [tomcat-coyote.jar:6.0.44]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) [tomcat-coyote.jar:6.0.44]
at java.lang.Thread.run(Thread.java:745) [na:1.7.0_55]
Code for Decrypting assertion:
private Assertion decryptAssertion(EncryptedAssertion encryptedAssertion) {
StaticKeyInfoCredentialResolver keyInfoCredentialResolver = new StaticKeyInfoCredentialResolver(SPCredentials.getCredential());
Decrypter decrypter = new Decrypter(null, keyInfoCredentialResolver, new InlineEncryptedKeyResolver());
decrypter.setRootInNewDocument(true);
try {
return decrypter.decrypt(encryptedAssertion);
} catch (DecryptionException e) {
throw new RuntimeException(e);
}
}
I am getting error at line:
return decrypter.decrypt(encryptedAssertion);
Guys please help me to resolve this issue. I have been stuck from past 3 days on this error.