On 03/14/2012 03:19 PM, Aleksey Sanin wrote:
Do you mind posting the full xml document?
The xml, certificate and private key are attached. Thanks for your
attention.
Claude.
Aleksey
On 3/14/12 6:45 AM, Claude Lecommandeur wrote:
Hi,
I am trying to write a small SAML2 IDP and have a strange problem when
creating encrypted saml2:Assertion.
I create a saml2p:Response which contains an assertion :
<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
IssueInstant="2012-03-13T12:02:56Z"
Version="2.0">
...
</saml2:Assertion>
I crypted it with an AES key, and ebbed it inside
saml2:EncryptedAssertion and xenc:EncryptedData and everything goes
well. The problem arise wher I try to decrypt it with xmlsec1 --decrypt.
I get this :
------------------------------------
xmlsec1 --decrypt --trusted-pem kissrv64.crt --privkey kissrv64.key resp
Entity: line 80: parser error : chunk is not well balanced
</saml2:Attribute></saml2:AttributeStatement></saml2:Assertion>
^
func=xmlSecReplaceNodeBufferAndReturn:file=xmltree.c:line=573:obj=unknown:subj=xmlParseInNodeContext:error=5:libxml2
library function failed:Failed to parse content
func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=648:obj=unknown:subj=xmlSecReplaceNodeBuffer:error=1:xmlsec
library function failed:node=EncryptedData
Error: failed to decrypt file
Error: failed to decrypt file "resp"
-----------------------------------
This is strange since my assertion is well balanced. If I remove the
closing tag of the assertion, making it invalid XML, the decrypting
works but produce an invalid result : no saml2:Assertion inside.
I then tried to insert a prefix to the assertion :
<saml2:Assertion<saml2:Assertion
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
IssueInstant="2012-03-13T12:02:56Z"
Version="2.0">
...
</saml2:Assertion>
Yes, perfect non sense but dectypting works and seems correct, but
when feeding it to a Shibboleth SP, it chokes with "Decryption did not
result in a single element."
I am lost, if anyone has a an advice ready for this case, I'll take it.
Claude.
--
Claude Lecommandeur [email protected]
EPFL - PL-DIT - KIS +41 21 6932297
1015 Lausanne (Switzerland) http://slpc1.epfl.ch/public/Claude.html
This signature intentionally left boring.
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://kissrv64.epfl.ch/Shibboleth.sso/SAML2/POST"; ID="bddbgeeefepdnxtwdajdejyonsmckqdgmbyjgiw1" InResponseTo="bddbgeeefepdnxtwdajdejyonsmckqdgmbyjgiw2" IssueInstant="2012-03-13T12:02:56Z" Version="2.0">
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">
http://slpc1.epfl.ch/cgi-bin/IDP
</saml2:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></ds:SignatureMethod>
<ds:Reference URI="#bddbgeeefepdnxtwdajdejyonsmckqdgmbyjgiw1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature";></ds:Transform>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";>
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="ds saml2 saml2p xenc"></ec:InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></ds:DigestMethod>
<ds:DigestValue>BHgCWRKNV5BdyOmzB+OD/D174Zc=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
FJtSpzLnGUx1VzTLy/VWWkWPkGjnsYADqYAsPVVrij7YY6sdFR0vuZPcwrTmmdQJVH7qmvb/50d8
9wb+Xi7c4g+W3nZdHrjZej9YDHoAiVoUbUMXPdcNbp41dvuMIE0/m2sFaXwotLEP6I+Vm+dWPAdG
9jpwTsgaWhvmhCM3YaBubS2rFPWhLxNuezgE34wAJttAt0BVvJyDf6ZjLtnRxjJ90O/iwBRDk+H5
P8Ii/nt8I/tf8EbrZQVMDULpIAB3jYtj8/t2H9nSS4Ui0ec4Rw7klQjXaHD9a5MHguzwoNKqnnG1
++x7q+jIIIMacliw9keGDKLNLV0qMSfTQ/VyUA==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDEDCCAfigAwIBAgIJAIxpSXVsSDB2MA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
BAMTDXNscGMxLmVwZmwuY2gwHhcNMTIwMzAyMTQ1NjQ3WhcNMTUwMzAzMTQ1NjQ3
WjAYMRYwFAYDVQQDEw1zbHBjMS5lcGZsLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnD+GDX1xmKVGhriWNqcJ/FpNSRI83PVQkwL2b+KRaDslt8af
SqxedGBi9O3jXLt9XqVheC7DbFFADUwqjXOLEZpIFA8kLhIc+1R2sYqWh4zxK1St
Tov7zf22zX3yczAVs0ETqfkkUok/obykVdIpk311RGP6KRQ1+MLxBb3QAnVojHuJ
e+86VrwA4FPaYkD4GvFqb0Khlv8TKkj3B0ahcGYKF3U9CsnwI440IBNQTkiS+a6o
mc9zvL+ZVuaO2armZJ/m1FTc+sDUAofAJ2t9wiA93EtNczOTVUN1Twu0EiVqvEOS
c5wmcpGZ/4jn7eMQwM4qO9Flz72abSH6Dbt6LwIDAQABo10wWzA6BgNVHREEMzAx
gg1zbHBjMS5lcGZsLmNohiBodHRwczovL3NscGMxLmVwZmwuY2gvc2hpYmJvbGV0
aDAdBgNVHQ4EFgQUTlvLvUt5428Un5GwBAzhh+y3L5swDQYJKoZIhvcNAQEFBQAD
ggEBAB33uVw7Bblf5ekwgmXj1/Mcpiz/MP7szTm4Jrwc1S25YE5jF+b27zHeSDSE
g9MDKBAEm16HXIScQcEpIZyvsMz1NafyaSFdgzuc91AVmQWrmqL5stuMz48QQf56
n1glHPAvtHfe1mclF5epWTMSa7d/e0fTUkxmipoZEs6zonSeRnH6RmRjkq8aPxET
N3ad6AC7SEz8dQoYtLmWer2EVaDy4jx3W7V6D2F3TWF5AcFsqzVXwZ++Lb7gOe9W
1XFJW3nUxM41Whz2ypWZAbOZzZAERi0xzg6Xje1CpBqbLbpQPw2TF5tAN8SXxNRI
3zhN2IRQpolO/1Y+Gp+1xUVEhwI=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature><saml2p:Status>
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"></saml2p:StatusCode>
</saml2p:Status>
<saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; Id="bddbgeeefepdnxtwdajdejyonsmckqdgmbyjgiw5" Type="http://www.w3.org/2001/04/xmlenc#Element";>
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc";></xenc:EncryptionMethod>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
<xenc:EncryptedKey Id="bddbgeeefepdnxtwdajdejyonsmckqdgmbyjgiw6">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5";></xenc:EncryptionMethod>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDHDCCAgSgAwIBAgIJAM4wLfqVb6w4MA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNVBAMTEGtpc3Ny
djY0LmVwZmwuY2gwHhcNMTIwMjI5MTMyODEwWhcNMTUwMzAxMTMyODEwWjAbMRkwFwYDVQQDExBr
aXNzcnY2NC5lcGZsLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA18rrkCp76l
IuyYaY1oALdYbLI0my9XK6iTpOEnLrJ9AibNESUSHvjzWsUAJw/UI7O2ItUVv0WCxmxgyOYflsF7
TEY1bGGtYy0WiPf9WdLOmgt/jctqy4Bq4cYeePuCowjQSOIk2ouGYFyGzFdFbT9vXpMZ3YtQquG/
CgzGtXsLSd+9DHxa8RUF0WWHQfesMhDwjQvLlhutDqiCwSvm1y0ZAixJUK3rTlmSZjr7Xjp+1T+f
iU6pMXwUuZcp4grHDJMH3NpMY15P84SBb4tS0JPJ2jxYsPoIn4doNBhdP9upLOPo4Wu+JsF7Ed15
it78kJnnuHUwsq8n/sI0VaEb7QIDAQABo2MwYTBABgNVHREEOTA3ghBraXNzcnY2NC5lcGZsLmNo
hiNodHRwczovL2tpc3NydjY0LmVwZmwuY2gvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUV4XiuqxOAo2n
TerZOmLl0jRR95kwDQYJKoZIhvcNAQEFBQADggEBACiEvHGi8knWqeNqT4fuvcyZf7N5QQn3q6Cm
AVLPpa/DsD23pSq1Xf1M0WpzWYGJR3ZeD5jIYRI7IdLISsKMmhAhHaviU3RHqBbQzmDcYIQPe3wv
FfBdHAOM2E85s1I+eIPRbq1nalxB6ZFJosvtF02VpEq9BBhB/clznHbkW0wczESb8b/btD85uQ/U
nyc3Pq7JaaWjub6rUjoZYq8lnGexQZRBCGTLZdvpcyC3K5V2xPCqMu/CLlqOqjODuSqjjt/vmMkI
dgworjLS3C+LiO5FZm91ohnlsIlqbRRuhAeZl8S58xFlOwNkm6tjwb3omICK0XbckUO9c39miiUV
QtY=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>
JJ9EaOT2ZgYTiBb2mVMN+oD7EaY9E918E4+/7uCWevzcGGsMpblqFop08ulHBCVzXcQoXOciinXY
UMsbySZ54PxfavVvHTudAP6FsJMeG5lzNAl2WdgBb6uDzohCWYbymOPXfTLexz2dU2n98fT2sxkS
jQOO3mNJ4Gy3Z86KXAagideVXC8PfwzcBUJvmg3K3BmLuZhLDXwzy38HB+ByWaNsHDlTmJhRyojd
KXbIFwnsHKD8L+BmXSekcDyC0bDHY5A8UKi5KmssGGBMTNIB3HyB9OlwwN2iJ2QIJntEzfGNOsx6
T5drMvaPHD8QAh1vC32/SMtoaFOkoMkXN/elHQ==
</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedKey>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>
5bo3NKAXxmzyQMmHP3o2496IAkMI80+RJdUS4AA1H9UTqFST7JqcNZ6D7Pi6Nxb3xW1+CDpP1Fom
4wAeYs6+0YAFbFQJvf4c4LyhskRmI3okWPE0fe1/+w4w1FQaFLtiUxvEtOWiS33PaM0SVgUaPs9i
7RW1phr1jIdy4PNcHrWk+dI9tJShJx3cn9oQbxEPlKsQwekERZTVHGu6z9jgMDlGcZs3n+VNwmfy
d2ttrE76GHaBqvpBkq0CLIZBWIsmwSNGDq/znKk07pR1XEKLFusILUlMm2S5Hxe1U4r/lDxyZU0y
N8TXiNKaV8uXxiC9VyltB+rZms+NiZ03v/osZPV/XpNzNb691IigtzZA4LoYGJ7NKLj+VtqtwWEa
MWTswfKja8oQKtTDDx3N1AHzW9iNMcGglVzz4sjamhVzt72+IJ0R6Qh+8yi8joMFPCgyga9r4lgf
MTvw1CnSqydm5Ma/2ls/u+JtNF0Irs80iueJqxUZPZeIZgnHMbX+sGnYVdTDUM6Gz/HXGDw/ADAM
tmtYImSxPDOdPi+H9MOPyujiNbO0TfcBZ4Uu3e0BNrHLBwHHfWL6Yi8Ayup2NihWR70QqKNtWo/m
sfjA5+zniswmZPzCPU3DsAafZid5jakqa8iSqNSJaYy4egyKsOWRSgegv/SQti9ZHl9W3ZXidXbl
Xc0XPgceDJMWBoS1/2P6lcoQU+2VMJHjhvHnO2z48/1VxKoFA51lmkdk+xdKn61BCvlrAYy2j50w
5w1sLMsYxC+KUEpMxsvPOWSI3iubt/SHvfbuAMIeqRUXm5c26fFXTpcUDxh9q4oEaI4yKNdl/tnr
Ihbu4RqCKOtdKnKL//TdpiDTCUqJBZTwZxWcZjpBYgf4Z1HkxcuekNHk1dc3zzAxKxBz4MuMpM2K
l6MWcYyay9r+XBkTLp18e+32YA4a/mcXOTQq4fsWWq9CwOHnYMowQPfKfMS1b0FH96+8zl6Zsl3Y
J759bgTCiaavFQ0Iye5i33l2kNHkaLaswRAPAYi2sotTUTub7lBdIMdymX0Rhf6TkW+zA/nRtpyU
6ty6ch4fgH+hzWnlyiwaUKGial8tPgYvK1N4nz+yjUq1LbmiC/eKGOChocxU23n1VFtf+mNXW0vb
Fb20L5fGKS68R4cFHqLJNQVPPVG9IkwVz1Dr8g7s3ckRoAwXKakKAgR3SIE5X7AdcXlhPHh/x+mU
1XCDjGP1Qi/bjHCWGxNuI8idDqbxPj9qqMIJbNU6J0HhZeRE50uJFiicYjk4aDaPQAjJzDsVntJ6
bgHKJ5n1nXPT1pZU5Ajuntzjem/NSUCQjiv9FIpZqgPcPmml6nfPsKAvw9GjPu/W6XdDBhCugMCx
XoJ5bk4QPPk0LOXQADbqZyXOxZnqnrHoVfTIAUxqdf2UBF+uypSkswo7LZKTOPdNfff0qcWlril6
UI6ls4kfZ6IQbeh01fzZ+6Bw+vKfGeiT/7tMcJ4tI5Uaf46ZpXCvAYCeHcO/RTWvz79LqOCD7Nsi
5dvphwrq8p4RwFGCrLzdYgkXHCB+8smfugGs4x34lICocxjdcFYEkOG6O+UEi5TW+8Fd8Y2DiyEz
9vLgMceossf4Pum8bkSRiuwgACCffJ6JAfoocVQdpczvswz3D+u5HFx6zanl89qZQ3Y1ZtRZV9c2
XSF0IG1giffeZ8VHccgxbMnbM5Y+kz4WI8bpj62ngwHIqNq8dGx7ZYFGqW3w93oaG8lT3wOeCl6J
vNQrqiVn8HaZIHtIEf0p4ld6Ftl/lHJ7E7ODdcldV+bNi//vMW0gC8OimzehOBx3VXTijjv0q+gN
6y1jU/uCoHOSaZWW9ZE9+H3AsPyzCyZG1awYtqzgEOY+6NAa/0hc6VYwVP4CVAd/ffFfO87LCHwg
BjdHAu2YDIzUueuWnY+s9qlQyCRVSDZODH+cH17WPtgnuJHbw9LXA1Z0KxSE/GZDgMy9/uzeexm7
XoXOF0Vt8vJPAPPM50mnVbHGbqzwogfjU9VnkE+ILRIc89XklJ7fIddUl1iXkpzs1PoCCqO2JzYa
4tddoFJpBlZro3HzqbixfHS6jssx7HUa3papX+jYC77EjexUI8/2JN34Gcjuawhiv5bNQ1M9vLJY
BXfs4QbQGxOAyGsACVckxhLCwSW7GgijZjG21cQ9gwvP7PCCHwDEO9IcZhz54fbD+Xby9uNLsYIX
UMDjRVRUOrJdOG7/MtCTUuThJC2JAeyswmG+OFVmdIch596dhCddAg+O0CoYqeRgDkws8RJIEQOI
je84dOtDThfsPzJT3MaCylVILre4zqk5ypjHj1w2wnCYtjA+7KVj0bvadFd2g4KBqxSkwkZKsLVC
abJ2kYwJi0liIZqXRdwEw+pxJNljXjoLH9+JgVsvWtJxJiOwP/FAGvEoVGmrE5yUyELr2eA2RaUa
zHLMLOn4TTDlACpmTaioIeUdxXwrdlZWXsySVGU8XEbXngQ2RQ6cPohU+6B6OBhgLgHDYRYXz2d6
wqtym3SZBMl7wYcyrbm8X7gVFZPEdjvBPu4QE6ZzTOIbuAtafTsE+i1KHq4DdxBtgqAPNrz72cY6
bHq5rYFZqBas7+XkMGj3BAGd+imoQYP/O2DHhFGqiMkKJMq51StCGPSzK5+ykvZlkFMQi3M1IrUw
8BADdY4AmMUTXNoffz2k6wdZMrbOqyzVLX/mGJ23Nr4kVfQPp+a6bXCe4jCwEOrnC+2TlOT0tS04
Aw0AqGWG1KdnD1Dhp5kDISEjcz2AGxH9loLP76HLM+fNwews8dGbNgop1NyeLqpHud85j0VnuTKi
lZ3QUph7UHrvSJUr4TdWbEetX5Q9mv/PLfZO+lAPfgN9xleAuTB74/gqJ0xlG903SOTW2rUu+zTZ
b0l7Nf1DI8tLnmDlIQ2eGbdlb+/KmK3ZP8urv3HPhdaI7Rw41mTZ00UZmncdabD/2w44QTI2oDhz
iv3td0Qpn+gW8BJS0DchnDfHAD5GwRifrclTsBxLpSgqpQRLkmPdfetmR+dYTstYfUc+NWvZH75D
pQ/87UJvi19ZlelLmaGaU5mFj9qxljsID0CxdnN2/o3D+Jb9J5H86jyKcoQx0nNLcCi635OEsk0e
Y+tWlvVBNhK4lZ+U/hapW6YGn4diqHAaI/fy0GquKFB88GkYL1sM7jcMssKSngOvJCXs+eMJB/Ho
bOK8RpEZJKHSOtNzw9wEi4KZq7SDVYUzLWpE9MXOaaB1lguAfh+dLe7bs8z9wN3HZLJcxEUpvMIw
zB4rMKCzdkOOJPfEH/4/M+NT/rkBAhaK7C8qBB4tPCKCaVBI838+a6W/f5sCvl3UL+EucThbM7tz
Wi8r+Bx1/At4ufB2Jz5qIJ4xFpG+TA0SLzQwYuUALs3CPCCQJ/LGfGDU6xQYjOQcj5vJC6b40pL6
xeD4UVfPC80dptUTmSz3ECgVifxklJb9pmAAXw5jfT/nIfSxoLkKMnx8ndRkFlDENx/PEigVPtBD
HoB7PTgyhMKgCjPz1EDYd6hKBZBM+4AWZC7CMmOSMgxo8tLgbJhy+FEOgX9MvFBxHG/XGe7fwQwE
Z0TsSe76+TJgl4aFwfPoOw6purlOQ7goWTLPMt793g8BnsCEsFxVRVsj8ZbHNUugq1JVMK0oDaM5
J85sZe/l/TCoQDfgJqYOyQW/VNtBlSXnOWZq+TBcwI8HFdoxW/XJkalVVZDrD4B+AyVNRbHMT36F
jparQo83FR2/I8w6rFqukmL4bGxo8exVBzZiNelJ6nuaiBZ14naTXLb4v39iGp/RcEz9CEEowUPW
Iribkdr82iVhvrWLWoJU7V62lRzlv7GsoSFDSkOXYslvBBxlB+v7zkd2E59ZpRMvulerF4zMMb96
nYa6xmKgfYCec4yxKwHDgkaFeY5ssLLU93Pcwq9UDYCCkEyKq+hiru6nPBsChYX/DjhqHJH7AlW2
bTOW0grQMh6xFMHWApnTYaHr2lXrPEaDsSRG7/AdVSAl8fC5hmp259h3DV4+f/YQ2pSEZDKRcfcj
ZGwSu70JkVmhfiY6bmZcx8L533Glg/de25yeUNHhjQQknpLWuj/A8KiEJS8OPzrR47fSlSIb5X9c
SxQJc9yjfEtSsdNZxGqB0FSSJw0pa0PLEbd/6D+0E1cl1xFjSEHTr+BUCRXgWd+Qs9P3ZOTO16q7
bNoBzaise6AVKaL9SL+F478pLPk4Du7spF5xB5xYgGWXs6vESxwUaTbH2aqWt3bymPjtntD+7zCf
F5IicJ7xanQzHdBdLGetDVoZP7IYB0sAUR/Om/5IBUehC8NCEondy5vtE2E+Y6CDVRF+KymyRZC0
f7Eldyyj4LOZQRTu8Rdxfw8DOlQBiNRrQbGQ75jJ9cCpp1U9TI2suWYxBW32cJuby7TYUrQomXC9
CinaqzBNyBo7ZNhjOaA2sYVZyo3MvYOYGmO6b1fPQ6NiRKirkhaHJfJj2gTw5cw2w6mk93YJibGL
aFNtTKKLxzxsxVVUAzwlD3aEeHowSGrufMwwnscizHOEtMV/DqwW32b31EThxJ+ZkB5CdpRYJcP7
8Y2jz4w/Tdihd0a1tIkKVjb+QnAVKTyw1MQHW0sWoL0livvqKXRBgg3IaS+d0QCcHBC1Kl29B3ka
M2Q30Af6iJAfd1Lw5HzWog00XlxVihjARNupvSxKOaLumfiDFFwF4UIjix7Utsedj1eCggW+lZvH
b3qom8Q8EdaMUpXZJO5Bf+gg7UDUWz1wZkgjJfeOVclFwrjNcYJhKZ9W/ZbceAj3O2fjP5gWC8LH
TF8ynTPyNwNe55MLgZAeNEkXrcz/JLoO99rvMA84R7Wlhj2w3Ygxaj8pm7FRDztJSg+8lwI6wW6r
b3aOgZB6AHmDkAZPMICeo0z2vQFcPYy/HNZd2U41LcKyGa4MiS0hzGNTgZ4utiEq599csoWzkpJf
BwLx2h2yD2jtKTSjCt0a5/gT8bmt5eWPW4ASWHvdzg7Cs1skozD1K8eYQWr8oNWoIRqMb1pi6+Uj
80ioQtd/sbvOnlQCQM8iF6elrBtMPguxArFrwdvqVQS5mSZfQJo1KMyULuImEJVWLC+TvlECP9ph
nbxZwHNEqs5lvj7YwgNVqj9IaKa5TJQ8/Q8fV/lPUf45Zmz6TMRpzJRczp42nz1bEHx9yo6R73qa
HcfXE+DnWrCmiy0qX1z3wnEAk2ZU7j9kGXXb3PYLAP5azcp32ReeK8LdxPkPIUywvNk8Z5sctp9x
7ramA/eXykGVjzM+Evn57Csw6AFZSBHSE55vU0GnfqfAvI2bC7rrUlwvLwUOcw1axtlfGDrSBJeT
IzmenjF0i87RIzUdQnv0T5KpGmNeMAOnZfKXUKVwB0Jq8DhbiDFOYfACr9Fj91k7UC2ff/3GGVsX
5IJ84yGgzfGjzI+STqc5VXGleOh8dmBHJ7jCrIn+sY02KvncUu9Cksjzcs8PmEPS27xDIHGdSZ3T
mB3Ylz683m3VsVy1xlAT4mV9vKdGpJRzQrBn5vspUsjcRmEmTCxUy4IQ8awcs93fCzrBNzC5O6JN
8uXT902L4jsdSJF4X6qpTCI4bUA9Q6KRB7IfBosNsOFTkPrF1cveLrkM6nGTnQKSWsntjTHQfRNL
YlnBm9P76OrBSO7eTp6+PHd0g3zfp0ccNWoCyT/Zm7WvFhef++dQdGnEdj3qNopXmE9jUpkhK0z4
22aydJSOSrCQvdEeICHwBFjMv8MPnSDkvHHpnVedVBL2jQ0R5nzXDu+jZ4QytRsdTMvB4ABvqe7Q
HnveScttnOM8NN2HH9+d2pKRmECyeDtoRquNSqzEFJNGlZYxfbqoiFOH4zk9XItZQRGuYzVX6AYF
naPSLawcNDiXnaJp3Z7LxZwL6la0nJUpdu0KcFdMd2xN/6NCeFCX5HDdflt/2ogDs4BaS6UoIbZQ
t39qCzye5WlAFS+Cnn38DbecCgiWUoFizXdpAOJnfTG45biEiEHSKAHvtognlAXDAKZBb5s48Lsi
tlAYaw4tu2VJg92d68XPmuo8b+ELypYax59qXmY1wUZ+pmXke0Z68HvKtByqctFVAqXytXFW+XUh
XEGeijyxT0wo3XHIr3WqQm2Q3scYJt1QzNB/Krgn3erRfARWRp+SOgWqyyWuG9+wu/doE7cN3rhi
GVJTcK+d796PrwdA2okJ4/x6VRDm7ybcMX+/y2lNsJoG/PQQtzTns36A3Fq2xwzWuz50k9zLle2v
4kJbUkm54pFJ3Q6J11xPR524/tvrIA24NIVAOCN0IhKqUGtVsYmhQ4uMEtcUBR7cRWipZXzwe5lE
XPddgAgJUzzbGxXGUfIecIZgIsILHPZLA2RbZvp+vHMjUPL/IrS2WYpMgJ63jC1VQDIeOz+qKQJx
TbeDAEnZsbQKF/Jqh271DZCejjMnq1jVwCcK5Okx90ChS6sUa5rX/dgIazgaTB11WggfSNGDwvYz
DLg7KwQWexxDy0jiay3Hgy1lavvD6DESh7bh60H24iBqwxl8c/auEdv1bnD6JLYFOIaTmfyvRkv/
sEwVOs0AbJ7GSclPmPXcevGdg9kKCxP4VTYHnbxZm2WSaL1O/qf24QbJHjAemR0m0adlA/NrXuBu
zwzetiJuhImQtg8mq7/8lFnedzfYEkFUrDEIcXVTwm5tzDeLq2HonNwwPcsfpckjjwArbLDz7PGX
KfB58TKp0ZczmE8qG462tch6/vHXnIQjFg7SyTeZNgwCFEbbZDVBjue4XOpi3+ns5RY2p6GeA47Q
BizdkR0T+74JLLBfseDAN377XMng95Bk1lsK9FrGOHqJBIZ6+DrL1ydw2W/rtkbNu2epY9/B4rlI
cmTdNxrYvvGpecpBzvcoVjOKo774zTMKcF+pOetciU3l2gBZMvIjsjhDkJSQ/xL7D1S0XytAd425
lD9PImBPO+e0lOuCfSL7cQswWU77aEKPUYe9K7UEvhvc/oKSY8eAMuWGlmen8molgwm7W3KMagrx
pbpH0mXe5WgMmpuiTJ9jODgx6NHS08Puy+R2M/XJIN0IE6KBrUJFpZVvyBWcqHjMs6b6nIjiShhQ
31B0FosQ+0pWc+v4i5B5B1urKdmjZ7J6BIcYFgGv0VvSUyxjWcZfyqWt2HsKdTQkXXSy3asqrtJI
zBMnZE/caFvnph2U8iCb/I6uWcgGb1qPBcYwK2CrZA/rNSyn8atFksa3OwaSl1uJHOIzUA1VeeEo
wKRX2i9yZUI79UqqoLH5cbmW+r4anzTOdOIlzViJq3EvyCpDh01voRTwItqnLAgLdtzi9wonzx93
zS2dBzatOi+0sGu+CrN+V7kKVEBpOqyK0DexXO8adtw5bzusdKe1t3Z3JsrcEhNT2QVkCVC8PyK5
gNix392qp5KrfoxcUH8C30xyqG4dhD1gdQyD06rZpx3cJfg8BiMtzjdQ2fyIho9JBEAlT2RzaE/V
sPRiN4rPQ4d0jg+h8caYOpCYRgzGq2ZRjcRKQ1VW0+3h98tSTZM8V7AmhVWpOLn81mVCivuliuha
yZOw2ACDZb82Wyg0HsQRcj3Yq7bnhZp2F6pDNMZuxHp0OFWQeOMW+NCRkSzpg37ZgWeN+vrkFDUP
sE2hVwlF2BKq0OxP09oi0oD0fY/QB6GUiliNSo5QIGtyvdlEanSfOTLkPKpn7Y7oalu2Oxpknww8
ra7Q9C3W6nDCKJ4H6sRMeDeWkzpnmVLwSRLIigYu6aG+TxDpYF7Myi5ojFvjNPw527jCZoC5g2sN
Vfp6FctMUZ7lWAZYlZZShjqeIOu9woojf7XvB08zJvtiMVM5s/t9V/IAeYPJfYiWf5VaAT6Ki0MQ
cXeNt9kUtnZH8Yto9saKuG5jl1JN5gMrTDpJOl8o4XN7rgVD+oFufU0dwgvNorumZsKDuE9DH2P3
2htNUrEd5Ffvh4r61qt6vT/sSfFIgrFQrS40evC7akKNsMnu59XgukjsDcTl1esy7hPEkRYQ/5+i
Mhzd8R+jPPivMdVRhUB3E+EZir6eyqwbguf7TbQr9SrC2CkXhCvYc0SVfo2p/9/WBY8XuRupYMz8
IZqzEHbPiowyTip7IYHmxP0/MvKBg7229aPEGnIvT4ONTTtHXX79n74r+WxpW1A2pyYMkfwMzG8n
2oRGpPA+TIA9BD988BwmfDvbVKcY3skZ73X5tdikOGR+uvYMnQvo1ntqNhCIreMtKixavGNuU96m
Qepe3pZM6VEcrscCufNHGP/o2ecqp+fbsVf4Absxn4/PdDlmSmPThEglgktAJNvNqn2gIds35f8M
vcI/6vle5tZxAjhOr6Y/JbvfenqtH2MvUw+egWCsnFIaxHahnphQTjZmDvrV+9UhtAA89T2FVDjz
peVD5dAUpcrgZfb09ky4rWnHkgzAiAVhuuJi0Ob3+iIoEBAtmzprXHoSdOe7YXq6DwpweEv4YYck
BmrIhiYj+8iwuwAtKUkwjsHg1ryOGHwUIkrcF1LFXJ0P2Bcpu5he349fZWZLqGcnUOZCKntZpVIX
inVbMx0zBliePt7nNiz5SybMpP2c87HckExJpFjKGzRum9ERcXtrdxenLcfxhkPEdeMbE6V3djKn
Sc4E06yJ0HU/4TOzGuq6WH6I5K2iUYNtG1v4iCCuK202LgP4SxTz1hJSA8jg0ebQyaXDTsqx9kkw
JJ9ufC5G5nVXreXDqX13JDeTTO6r4RkgACDA+MIfOeB/S0Iy4rMyLRPACNhjt4svM8/PpyQAmqKz
+7VicjavJKSszmvUsSdMv7vqsbEaMoagwlCyjnTwAS7mkSpDGm1814BcuorA63s5spftymwcEN14
1+xYFHhbjkurLhYArb7Nij3mhWfRDhw3Q3c/vrpfCpdsV8p7QpAmfUsKG++LZSjrHfjr6uG6rZjK
NIhKWDqE6KDeUmeufw9srZ63SW1nyunYn2GM5TmizYdJYso5mEKY2JOGzYFi+gPyIaZBchtq4rjf
W7Qbhk105y5/Up0rFZRPai0wqTYIMOg4c4WE36HRxhOqZV5WZs9ZipJhLV3IFXPqkfSey0nqr22B
8ZYtecRlBy3sbwkD3JY/6Ba9zACKmnC5MP8AucWdbP7X90A1ctgCLMSVum0ENnI5186A1gyogEk9
/PSfdMsWII6/ePqD1rSWUsV7Rn7JcWI9/Li2TpH2bbmq6G9uFj/k7mjNVJSL1c/4M5CeqB9fpviB
fomN9Dabmxmm2xw/iI9LmfU1Of4RBudEzmRm3g3w7KH4FNle9H+hpK7blOSqcmNJwwjk0w5zNWoA
EcvQi9MINJSx7b3feOc6tpactiUGYmWqGjdxUEAMgDL9TMnA0H8X93At5yaCrhmwwmaLIpYvnR2H
6lgJ+nIFRZRBCkk0W3M/vHLtwchh8Ih2f0oT9R2mLFkhbs56Rh87J6S2qa8JfdBY26Stl8tlUOMR
XRMoeZjne0moNiHByMAEJ0uEkqg7WBzPTbt5zdqH5fg5iSLe1CDpElvUY2kk0LQZN6S0x35If+/k
w/+0VplEqMT6gqJpva5JZNzBhYzbNcT6YeKLkzJiutiicd0mrthU9f5ysWL/V1j57syLg5tJV0nX
mpwEEPBXpSoEDOqugXwHGRKl+BTtOo8ZA6H9WoPCoTYxglzd00KpxOrBh5Gz53Yuv/ROEXWaADWa
88tTrcd3k+JrhBPw/svuJZZxfbO/cd3mf3cIsw+9537IMadCGWT9+8ZFvO6tw7HECgdIp+ryk9lb
L7eNR8CaoLbmR5rZoXOazcDYmrmczZgHOMzbzuXkB70fi7QISQUvpoS2MgvnziQvvkn+qq3ZqYry
dSkmpZu5DLa7mK6mSTzeDghdEtxbHl1Jz8w4BXfk0FqpCcQkxNcAhvS5vjuGABfiquWaR9+nbvsD
bBE8+GrJfjn5S6xTGIzipSXtt+/nH8kHOVUXbyb4rXadcoaxm/6S79VEXcavX/5DLGxcyyMbjYBC
4IzojbFGc2mtjtSUk3FuLG4Ys+b1mVkBauTIuH6/BKWdQ8SSmhAP9fsqPjWUegdWcE5rB7T+qA4A
DvAknFUyJ7tgYdcY+XMV9LL7B3JHD+Mab9++Zf+0cYkxpuw8qMPgE3lFyaigu3SnrlPW2X1BWk/y
Ui9Dtj4hRmggzzV4TevLOmcEzRyjL1bUbJ8szen6kVTJmaPkwi6/ZBfONBvifUKTSHEjenSkqDA2
ca2ryMHAuX/KNbcUjalTq4HBOA+ZK8ucPgco6kkFJlGqRRd80sZjJaD/acKuCc6Xt0KXcgYLEvzD
/sD+f1s5eWHbRST2WgsY7Ei7x602XrrKkkUoih+u1KhSAbIqZpTR8Pyq8EDsVLJ0x1Q5c2JrwBCb
C+KB9CmA/7oyjHB2dxy9oSb5xjRatkSSWEm4gH2oJdkIA0VCAPVqkp+4LNc7JzlgUTbouiggMLLt
iPay4rGE5jSLltbHl6GzZq3ZJmnRUOUGGf6Tnl+hRkp1xLdyVoqHsgDPjPTTZPTB6f3tEfMPh5KK
Zk3Qs4hnNMKLhQnHOaiVdobpl2ACBqmtW2yRspPF0xjrsg7tbh5lcDOKd+Dv+seSIjPjUAgxiIHz
SJUFsC0X6BV8ocabAoAG+ISbrjgUpdIW0+RGTUDaCeGXDLc2bwltcIbZMzAqv1YDU4DvKPqe9zPw
HVfJ71tVmYtGUbuEgo5154I04+UW1KdaW2lyaJfmzHFtWhkA77RR3HBdwr5Ai1JfZEI72rc4DjXn
q79ddUZ6HLVSyz9TW7GBPLL/J4WCRKC1kkiv5o5UaM89EHsh2+Ru5v3X8RQkLa/R0DAI/tcp3wiK
kguhtRVDd/z966JIYnbIMFxXWOLoVlnE6QgyIbhbFqh3wIARE4uG3WOP7zyaEOf82wx0AJIaTL2Z
sCBmAHTZIe/qrwLkBpNnsnufMSW4b+/AzTJNrroQtdV2k4xgsy306d+8gdsz0WVTh1Nm6KpSwoW1
xN+50IgrFbjhDbtJ7i9bQMoK1rikR6s5FOa9BdW5+DYJi5Q/Oa7Vn+B9SXB6YeoTBrvyw69wdH7X
5IkR5i4f+E9YD7rQPqFfRzw+jtmDdfFEq8SAMDkCt1wAnYh5Q5I0YFsHsevySgarCTYQrOm8QMrY
UXD2QvynYfF3wt9nMEKvruFvzo/DST96/RrRKT+TE6cVn/KwkOe/z2y51OdSCGP8unk0ERer0j8x
e0hDk8Mkft0xgYt3re7LI8csZl6d
</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</saml2:EncryptedAssertion>
</saml2p:Response>
-----BEGIN CERTIFICATE-----
MIIDHDCCAgSgAwIBAgIJAM4wLfqVb6w4MA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNVBAMTEGtpc3Ny
djY0LmVwZmwuY2gwHhcNMTIwMjI5MTMyODEwWhcNMTUwMzAxMTMyODEwWjAbMRkwFwYDVQQDExBr
aXNzcnY2NC5lcGZsLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA18rrkCp76l
IuyYaY1oALdYbLI0my9XK6iTpOEnLrJ9AibNESUSHvjzWsUAJw/UI7O2ItUVv0WCxmxgyOYflsF7
TEY1bGGtYy0WiPf9WdLOmgt/jctqy4Bq4cYeePuCowjQSOIk2ouGYFyGzFdFbT9vXpMZ3YtQquG/
CgzGtXsLSd+9DHxa8RUF0WWHQfesMhDwjQvLlhutDqiCwSvm1y0ZAixJUK3rTlmSZjr7Xjp+1T+f
iU6pMXwUuZcp4grHDJMH3NpMY15P84SBb4tS0JPJ2jxYsPoIn4doNBhdP9upLOPo4Wu+JsF7Ed15
it78kJnnuHUwsq8n/sI0VaEb7QIDAQABo2MwYTBABgNVHREEOTA3ghBraXNzcnY2NC5lcGZsLmNo
hiNodHRwczovL2tpc3NydjY0LmVwZmwuY2gvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUV4XiuqxOAo2n
TerZOmLl0jRR95kwDQYJKoZIhvcNAQEFBQADggEBACiEvHGi8knWqeNqT4fuvcyZf7N5QQn3q6Cm
AVLPpa/DsD23pSq1Xf1M0WpzWYGJR3ZeD5jIYRI7IdLISsKMmhAhHaviU3RHqBbQzmDcYIQPe3wv
FfBdHAOM2E85s1I+eIPRbq1nalxB6ZFJosvtF02VpEq9BBhB/clznHbkW0wczESb8b/btD85uQ/U
nyc3Pq7JaaWjub6rUjoZYq8lnGexQZRBCGTLZdvpcyC3K5V2xPCqMu/CLlqOqjODuSqjjt/vmMkI
dgworjLS3C+LiO5FZm91ohnlsIlqbRRuhAeZl8S58xFlOwNkm6tjwb3omICK0XbckUO9c39miiUV
QtY=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEApA18rrkCp76lIuyYaY1oALdYbLI0my9XK6iTpOEnLrJ9AibN
ESUSHvjzWsUAJw/UI7O2ItUVv0WCxmxgyOYflsF7TEY1bGGtYy0WiPf9WdLOmgt/
jctqy4Bq4cYeePuCowjQSOIk2ouGYFyGzFdFbT9vXpMZ3YtQquG/CgzGtXsLSd+9
DHxa8RUF0WWHQfesMhDwjQvLlhutDqiCwSvm1y0ZAixJUK3rTlmSZjr7Xjp+1T+f
iU6pMXwUuZcp4grHDJMH3NpMY15P84SBb4tS0JPJ2jxYsPoIn4doNBhdP9upLOPo
4Wu+JsF7Ed15it78kJnnuHUwsq8n/sI0VaEb7QIDAQABAoIBACYshUDbCEUkVaTk
zSpynyrbfxX7+cXKpEwidAi/47A4FGK1yK4epDLU1zvd74UnZ8PPA6jjUKYrdJzb
h0H4Wo1oBFrhU3ke2YvkaAQDQM7wAOdTmaDTHsyv2y8iPOEGFYX+fQkYpl68bM5r
eWp/PEaJpk6piDFHQ8Qft6aNBogf9DfG7AO5s44waVmB8Sx3ayvC7lNCl6Z79w/U
LK7ofGAPGJ212kEYLwn/TL8SNWa1XH+ZaKy34LuNBe3sdVm5N7no0V3ATTGnpCZF
aIHTJK+PMtImD4KFeJZbIVhvlfub0AqqfRJRzU82Zx4941pQ9dy42Fvi/puFcy3f
s1adjTkCgYEA1Df/fzBpdVw5aD0QH5om/uND31FVNcgX2uafgkVxrSih/u56fgKI
ArDQHF+E0lLkgznQ3qpezwIvIQ6TnQRVRfRkyd3Uo3sBTkh64nooQcj7mLTvfTCI
tQzbR/D9poVkjzCNuwWYy4eE5VM5/8OLfT7qHR+dW81Sfx4P22nK4ncCgYEAxeWs
eXE2mQj9dzS6NysLibMmvcyaKp6DtgZoNWCdIP72H6uTCorXlCyfZ+Krvpmb1GB6
iH+UAPBAzo2Yw6fHrUrM/bn3aJ1YcZrDAJIDtVyJv7X9BlUD7KwXqvZwlqU3av28
4r2XzAdaj45o5XI+tlF5LqsNCapOAn9Z/pGkibsCgYAfplJWd7PiquRs5V54OBdE
wEQpFAovQS49mVOErDKt7ndqe8qM7He4XwJKmPxIGdC2uXKrIqGNIfhBZ9kf+7tz
+WTmrky+LOQe9rRM/obueLj9J07oTsq0pbw2WHybzx0WNdmNYOJOyGFLikQGHvW4
sh9cRJDFVjPNfYBD6t01NQKBgFQaQ65o2tc25uFeWzVO6dxfcrt+1JYAP+F/35Gv
uZdoQ5k6BYeZcfza6fPwdSTPi1Y6mligP3oWoLQnoSClkUqoW24JNogTNp8xMmZv
p3vQFAqRgTLLtptCl9xkV3zuQhsKMtf50yU2itovn4zDfLtm7KVUtHnDEtwk205A
/zg5AoGAOz6tQWpD7w0jVN93a1YysluIIuO83CtaO5CAp5dqY/jqW6uzNkIQ8egq
eeQXovvpRw1J16/TVNi0nxBIopt92Nj1OeE/D2i8+fHZHD5IB+nedUoR7AcMPA9G
wsOYK7a4ULYdKdKM9okcWuS4zuYvw4KidSBu+4aJbTUrNLD+en8=
-----END RSA PRIVATE KEY-----
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
