I'm attempting to create a functionality that reads certificates from the Windows store. My setup involves an SSO-SAML enabled environment with ADFS as the identity provider (IdP). I've enabled encryption for the assertion. However, I'm encountering a problem during the assertion decryption process. To decrypt the assertion, I've extracted the private key from the MMC. But on attempting to decrypt the assertion using this key, I get the
javax.crypto.NoSuchPaddingException: Padding not supported: OAEPPadding exception.
I am using OpenSaml-2 with xmlsec-2.1.7.
Could anyone please guide me in resolving this issue?
Please find the code below.
    public static Assertion getDecryptedAssertion(EncryptedAssertion encryptedAssertion,
            KeyStoreWrapper ksWrapper) throws Exception {
        ChainingEncryptedKeyResolver keyResolver = new ChainingEncryptedKeyResolver();
        keyResolver.getResolverChain().add(new InlineEncryptedKeyResolver());
        keyResolver.getResolverChain().add(new EncryptedElementTypeEncryptedKeyResolver());
        keyResolver.getResolverChain().add(new SimpleRetrievalMethodEncryptedKeyResolver());

        // Create the credentials.
        BasicX509Credential decryptionCredential = new BasicX509Credential();
        decryptionCredential.setPrivateKey(ksWrapper.getPrivateKeyNew());
        StaticKeyInfoCredentialResolver resolver = new StaticKeyInfoCredentialResolver(decryptionCredential);

        // Create a decrypter.
        Decrypter decrypter = new Decrypter(null, resolver, keyResolver);
        decrypter.setRootInNewDocument(true);
        decrypter.setJCAProviderName("SunMSCAPI");

        // Decrypt the assertion.
        Assertion decryptedAssertion = null;
        try {
            decryptedAssertion = decrypter.decrypt(encryptedAssertion);
        } catch (Exception e) {
            throw new Exception("Error while decrypting the saml response ASSERTION.", e);
        }
        return decryptedAssertion;
    }
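
A diagnostic for the exception above, added here as an example (it is not part of the original post): it asks every JCA provider installed in the JVM whether it can instantiate an RSA cipher with OAEP padding, and flags the provider that the posted code pins with `setJCAProviderName`. The class name `OaepProviderProbe` and the transformation string `RSA/ECB/OAEPPadding` are assumptions; the padding name is taken from the exception message.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;

public class OaepProviderProbe {
    // Assumption: JCA transformation inferred from the "OAEPPadding" named in the exception.
    static final String TRANSFORMATION = "RSA/ECB/OAEPPadding";

    /** Returns, per installed provider, whether it can instantiate the transformation. */
    static Map<String, String> probe(String transformation) {
        Map<String, String> results = new LinkedHashMap<>();
        for (Provider p : Security.getProviders()) {
            try {
                Cipher.getInstance(transformation, p);
                results.put(p.getName(), "supported");
            } catch (NoSuchPaddingException e) {
                // The provider offers an RSA cipher but rejects the padding:
                // the same failure reported in the question.
                results.put(p.getName(), "padding rejected: " + e.getMessage());
            } catch (NoSuchAlgorithmException e) {
                results.put(p.getName(), "algorithm not offered");
            }
        }
        return results;
    }

    public static void main(String[] args) {
        // Default is the provider name set in the question's code.
        String forced = args.length > 0 ? args[0] : "SunMSCAPI";
        Map<String, String> results = probe(TRANSFORMATION);
        results.forEach((name, status) -> System.out.printf("%-14s %s%n", name, status));

        String status = results.get(forced);
        if (status == null) {
            System.out.println(forced + " is not installed in this JVM (it is Windows-only).");
        } else if (!"supported".equals(status)) {
            System.out.println(forced + " cannot create " + TRANSFORMATION
                    + "; a Decrypter pinned to it will fail on OAEP key transport.");
        }
    }
}
```

Run it with the same JVM that hosts the service provider, since the set of installed providers and the paddings they accept depend on the Java version and platform.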