如何从ADFS解密XAML响应

时间:2017-06-29 11:50:53

标签: encryption saml-2.0 spring-saml adfs2.0

我正在使用Spring SAML进行SSO并获得成功的响应, 现在想阅读回复中的声明, 我知道Response是加密的,请你帮我理解我们如何解密它

请找到SAML回复



 
<samlp:Response ID="_17222aef-2970-44d1-aae6-1c25187c4319" Version="2.0" IssueInstant="2017-06-29T10:23:12.036Z" Destination="https://ssotest-1246771484.ap-south-1.elb.amazonaws.com/ssotest/index.html" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
  InResponseTo="a351b3fi19a2024838868e374da59j6" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
  <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">https://yyy.xxx.com/adfs/zzz/trust</Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
  </samlp:Status>
  <EncryptedAssertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
    <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <e:EncryptedKey xmlns:e="http://www.w3.org/2001/04/xmlenc#">
          <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
          </e:EncryptionMethod>
          <KeyInfo>
            <ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
              <ds:X509IssuerSerial>
                <ds:X509IssuerName>CN=apollo, OU=R&amp;D, O=RM5 Software Oy, L=Helsinki, S=Uusimaa, C=FI</ds:X509IssuerName>
                <ds:X509SerialNumber>1357039681</ds:X509SerialNumber>
              </ds:X509IssuerSerial>
            </ds:X509Data>
          </KeyInfo>
          <e:CipherData>
            <e:CipherValue>f6yX7d1FF4eHtj79WRxJ/xga3qhUASk79sTHWDfKW/bHbIGL+UVwBIdQIh21AMbLN/1cgiVCps7UBAoaipew7JQCq1EYQR/ipFO7Wcmoqs5V1h/KwBgNdhT/L/TqAacIz9QoRPkNhxsDAKMvdj9wwPZhYHGvqC1cFgrMZjMS4r1VlF2qh2TgQVgv9PjA234dZfNLTUmu1WNRjs30mtcZAZtnwB8A6sUwQsJCSfKfXoTcEAYrD2Am+9FQdHBnrZ3HwtH1gkbe0pAYtEPqX+yzRm7wtsMLj9F4+PoE1Ax3Ju3kpPiV5u1au1CCJG8CzuxbswFII4npKlwjuKm9y7A8YA==</e:CipherValue>
          </e:CipherData>
        </e:EncryptedKey>
      </KeyInfo>
      <xenc:CipherData>
        <xenc:CipherValue>ACrn2shusd+psIv2ITQHz8rsc1JVUk0pCspUt1r4vJVdgP3M9+5Lm8b5lBlY3WeDti3LhCGaHAK+VKkugls5HpHppwZ+WQF5NKJIEpxGw0N8RDdzD5tZp+iF2v+1oCsuX6r72r9sXSaL3hoZ7xpoNnspUvhIj5A2bxUt1/l5I+i1CQYbeoX9ATbOCGJ3mEuHotEy6ZAOlrLUISUGLUFWY6MnrYuArYPuMndcZF7a3OwsRA6H2Y4Rgx7gKqmGJz7hUD0tL7VTyn5p6WVaSaNudfjjDadF3VI2DJDPShLUDXhejFEcKN6twaSK4uUltpxmWqGb9mb/RB4+aCbN22tqwQptJOpqE72e7Bm+EbdSMoR0y9fwoAzuKq3X4JSJhN4oBH7FQIimmHxgd/+6m7bRJbbrEnRqu4ndEZJ9f17dKg23ToVB5fERjzvtQh2nOP9laPTGQJCYu5eJ322DXs6Cj1cf7D9s6sqPam5emyFMHnEb61O3PiT4RZ5j5t9VQe8xs9IFiL0LcAr+a0e2mN7Wa3w/9O1PLmiub752757P2JmQm+Gkx/XQqe4GknxEiOC/cHV4C5fTW5e8tGns3dgpvkS9/Pxk8EdYWTfK87ZRrslG5ZkBQSNA3+fpw1yMdYF9HQFpfWLgFpbhLi1Srn+f86dM+pRuXG6kKwnuzzkB6Kq6Rokc3eHs2h1c9YGFfQLhD8BPsjnUM3Hd4t/8kVOP4Oybd1pN/50HoMdv4QD52a8UaWs9h31tH7ikdbBf2gRnOJ5a/hKddVBX+J54xlT1fx8XcTLJUHGh8E5YdrgsN1iQEEvXkp4B/jwiw9qd78+SIZx+8I2Yty9Ng2LnyAdskHg3jZfXGZD3UjYjsLjE6zSXr4Bq6s2qURUBBIAqBmTsWmA4kok6KkTrPwaTba4Ynuu1AZPZRPtSYfde9u8WH4RFBSXYOps/2x9opHrxyH3L45p1g3RjMsJyEbbO4oS4XwjSHeTZLN329jFHNuqLxCmbfA9CdTUjFsUi9bMPC0Cu0L7SmTiu/PJLaBTeKv60v1xYwcKAjTOwj0fNeIs3edH9adBco5C5Nv9OTds1IOK7udw7p50ZZ7jupk0KdWCTopxrKLU4Y3SFFA5gxMu4L0tLLzSjDVDqHUl3SlQe9MLmOB0grAZZcNbDLFJH8JPPrDkw8uOvjVSJSOwgxpJL6+UqvPHm/sHGsqhUbVUd/mkxBVcvI/hbHq1Mbnxf98/2rdPvKzJBDlwqOH+o2HTujc0cl+xhTuI9tiKgtzGSSKsNQR3fJi1nIdJdViYEeDgtCJAjhTCBiToLQYijxgzoFxdgAeP8artw3Jw8qCgeFgeq9q5p3i/Xq3tlgWltMkVKdpnc/LyIlvdOjpKs4STkcoqXa02Tm9EkJwLNvyzcvBJ0LUY93vi+Wqdy/BlCFsJpma8wbvqsXGnSrdgAYVlsB8vKJTxgnyxGY1aEP2zGqH7pCmYgVKm1tjG6DGVjGaO5rKdjYmCH35gZ3LCgkJ7BvOpv+SrEBpBIMjYl9d4Gda1jMD+YL4bH9loGb8v2MKGXK9eK1qCPlKIZ2JW1QSQ7J0pJF4M0pK1pkm1FoElZICmVDlHWK1BHoyHKvC8kGwWMntGYwOCLWpXEoRx2e+T7WIZ/+OJ7fAVfMG7fv+i1JiwXILylLO2FjE4YVrtPx4npiUlSEgxky0NvRlqiLn5j+0fnK19qZE07B3Anq7oVY7181sDEhHz7gZJRcgpGtrWg1Ai311ITiMbnbolXN0zg2svH1u7dtB1+X71sX5icKL/lQHSuyxa6JxP4iWYXu2/9jgpEmiLCadMCRq53eshwIjcbY1+kCpS1+ODCCsAnkFhi9dCoAaRHR3JQYdt21mfOomhbPrCaUpWgW2UnzUYiiNP0+EiyORgpru8jLGLQgG1h9+AMWzIu5cyuA3Q8uR084WnDidpOSKMV1I/s83n641/uSDyCJ+v5M2tjr4BJyrO0Fx4ulgeu0VPrdvPhMzzq6l/KV1LXZI995KMjY4mEFOtHxwXZO+YxIKAxdeSWUaBFPG32dInwyHzODml9K6m79pCYDtQpO3x/Jt7XqeAD92deY9qFA0Gz3uQizQas7S+qLdsMd6qea0a9vkkJnOtZd0P848+LCi7LdL9VkEEZp44txpq19AUlqf8Ocmn99PqFeZ7RV4nKaTMh21uD0kb8TmlFotIMO/K5bPiNA0mQ7+60EBLe9soXijqg50/qPVdoP1xiQq4nD1KYX5Ks7qQw2ukcATvYiQX8WRP25IQyMAdc6zkqxB7eqMIYIX6phElb+0uwfpGTzyZ4PRozR4ns3q2Y99MSDdDgauJ3duantpFIW72o4UpiAwuxR4Fzc86OwKAIK6WjfJNytBmHSMvFax3dV6QJZhUvLOd+Sn0iT6dH8rgERQ9ek4+4hZkHvsraOTxh7/Bi16++aJZrsEf1YyKx+M9NjJNW6mtKRIKkoQCPDgjuk3GE6h/KjUhaR/Vf5QYyYXyZDnqu9S72elP4yPyrYwVQsMkCH7s4ld+xTpuevN90AjxkP8JjNlU8dzOTWsmRuCdT+IpuUB2KWxG8POWTXKfpnn7D512br8Fw2Dmi8nUuQb5Qlug20vDYKuCJuX2mVJhtYFEoHoZjeDmPKznL6hzpdVbU93K8BNog1ssJFYrYdKsbclzuHJN/x4IPb7PSNM9rsa2VOcCHeWz0KcCmhXG4Dd5cqYo7QBORytG2lFvimudlgEGKRWMU7F7cb7StQsQHIiPuM4Zoai7szWuWPauZ0xRcyO2IHvjrWn0RnQE53pXwb3BodUfNdWsSYnCxXmu7SXT7VZeeWQoIWRCzqKJ8eAQ7w/lrHw8iGgUEBgZjKFma3POCQEEdIA8ZNytX+/uP1L1PYHsmgi5yOwgcrNgth2ok84Yl0DESSvJYCfRwZiqNY/N2VIMO/lmWqRQvep05h/iNbEnXbPcE5O+fObFKgltfS/6ob8rMxt0so/Uwq90wTCR/4VUii+CcFvgkZSrsemlB6kSrIxAYrSptz4hsgKwrcMV2tQX4i5VRsmMTxPgD8WgfaHcbqpEJR/L0MW+/8E1QuUtKmmktUWeY3HgHyjoi4yylPNBUmf1w5qeGzwduluWrOLeYjiFRVyTMdEWe2k+2OIuoLsKG9zj+cZYybC9vBM90T1SBJrPPyIpYpUxJHQ2WScaSr1NkfwZwYeTQhUO1tCHPeVMOMEatXLUneeTa5IgWWZL5V1eCCqrr1Plqbbpoy9mUUjHAtorNNPVQfstK16GPesq2irRnZTtgmUyBFvl9TQ6fZnFT3RwglM/Z/KZHrNaloc525lDnHWlrK9ZDB5q72krF3oD1xsaN/14dLsCnNABgbQcT53x519zBHDe0fb25aUoanKyEd1Kj8iAnb0QQQJzRWK9XPr6fuU8x19Dmqr+4Z89b9YDJJJf0OyZJ49ETGXGrV6PEGvrilAmRQo2KWIdxxWxASpzBYUYtrKqSwsvUsGX48HwIwaZbqYp7QNknHRGXBgK+arP3B4NRqloqgjsmwyQDyzkV9OShYbJdGc4vR0RDMwGR2MIkhTi/Tr8QV42lsIPxhOuizJhyKOeabsdIzhLjcQ0YHVg+KawrdbDV7Cag5cdwDM00ez2Ej/JLUHWJ6/Dp1r6LpGSdUWlz/goChgUC//WXrqV7VKyfqDn4HOXx4B7MExYQ6wjgcfxHLF1eQWItE2ggtM5IvlgcgA6hir2IY0ENOK0KcISd3mBkInamA85ehRK+SZaMFvwsQCfMrI5iEfpiMGYvINHtXbFKlwYLf0V0wQynVqksCs9T+667US+8I2+NcHSPeBJpaWY5gAsPlpN8L9LeO8g0pKPEfalayK+FTSaGCxRvMQOhIabXxiF3M9eNTXM41K0IEdIqUDc9WLTbEdIXxvzCCnvJmgKRQr1qkFlSVpP7SgM+tR5+x+6keFp3GHYAYbvGZipkYdAvIHnYIG7rL8Pux+fKWZ0yF5ScGJBGq+uCM91IgWNCnWA1ukp+vO4A2RW5Kjbpei611sjgZ7CJKjj2Wbz6cRj8D4ahlpLAm6ybhxNTxipLNSBOU7SMl9MltDPZ3lzQHssW2vThYLeKXezJ7JSwlAKC1u4x9GwpoQiZsqoQoMqHqzcgGYKNfyktp8sRrtsIBXhnq7hX2eiwDXTFCjQGqvdC8topw1vGrtGU9HsYgdyZR0iVo2lJ+Cifp7JtaDE6mYYkqMUtn2REubl6hpaLnfRzlRv2GTCBGXz04Z/TbY9llhHVpOMsdbD6WpIBH4euFA3No5EplHlaG54bjrpOYWr6A5xx5GU26wvlu7JlAV+YrXfmAFmsocbjTiiM45ah</xenc:CipherValue>
      </xenc:CipherData>
    </xenc:EncryptedData>
  </EncryptedAssertion>
</samlp:Response>
&#13;
&#13;
&#13;

1 个答案:

答案 0 :(得分:0)

配置ADFS后,您将导入客户端证书。你可以在向导中看到哪一个。

这是您需要解密的证书。

我原以为Spring有能力做到这一点?

相关问题
最新问题