You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am using SAML2.Core library for decrypting incoming SAML assertions. It was working fine in my local environment and when I pushed the code to server decryption failed. After looking into the logs we are getting the foolwing Error
System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
Generated: Mon, 22 Oct 2018 07:41:40 GMT
System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Security.Cryptography.RijndaelManaged..ctor()
at SAML2.Saml20EncryptedAssertion.GetKeyInstance(String algorithm)
at SAML2.Saml20EncryptedAssertion.ToSymmetricKey(XmlElement encryptedKeyElement, String keyAlgorithm)
at SAML2.Saml20EncryptedAssertion.Decrypt()
at WebHost.Utilities.FederationHelper.DecryptAssertion(String responseCipher) in C:\WorkArea\PPSSource\QA\Source\PPSWeb\IdentityServer3\Source\WebHost\Utilities\FederationHelper.cs:line 263
at WebHost.Utilities.FederationHelper.DecodeAssertion(String rawAssertion) in C:\WorkArea\PPSSource\QA\Source\PPSWeb\IdentityServer3\Source\WebHost\Utilities\FederationHelper.cs:line 38
When I gone through the source code, In Saml20Encryptedassertion.cs class GetKeyInstance() method it was using RijndaelManaged class which is not FIPS compliant. Then after some research I replaced the RijndaelManaged with AesCryptoServiceProvider() it works fine.
I have put this here since I didn't find much on the internet about this. Hope some one will benifit out of it.
Can you guys put this into next release?
Thanks
The text was updated successfully, but these errors were encountered:
I am using SAML2.Core library for decrypting incoming SAML assertions. It was working fine in my local environment and when I pushed the code to server decryption failed. After looking into the logs we are getting the foolwing Error
System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
Generated: Mon, 22 Oct 2018 07:41:40 GMT
System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Security.Cryptography.RijndaelManaged..ctor()
at SAML2.Saml20EncryptedAssertion.GetKeyInstance(String algorithm)
at SAML2.Saml20EncryptedAssertion.ToSymmetricKey(XmlElement encryptedKeyElement, String keyAlgorithm)
at SAML2.Saml20EncryptedAssertion.Decrypt()
at WebHost.Utilities.FederationHelper.DecryptAssertion(String responseCipher) in C:\WorkArea\PPSSource\QA\Source\PPSWeb\IdentityServer3\Source\WebHost\Utilities\FederationHelper.cs:line 263
at WebHost.Utilities.FederationHelper.DecodeAssertion(String rawAssertion) in C:\WorkArea\PPSSource\QA\Source\PPSWeb\IdentityServer3\Source\WebHost\Utilities\FederationHelper.cs:line 38
When I gone through the source code, In Saml20Encryptedassertion.cs class GetKeyInstance() method it was using RijndaelManaged class which is not FIPS compliant. Then after some research I replaced the RijndaelManaged with AesCryptoServiceProvider() it works fine.
I have put this here since I didn't find much on the internet about this. Hope some one will benifit out of it.
Can you guys put this into next release?
Thanks
The text was updated successfully, but these errors were encountered: