"Illegal key size" Error while Decrypting SAML Messages
(Doc ID 1527128.1)
Last updated on MARCH 08, 2017
Applies to: Oracle Identity Federation - Version 18.104.22.168.0 and later
Information in this document applies to any platform.
The client IdP sends a SAML assertion encrypted with AES-256. When OIF (acting as SP) decrypts the SAML message, the user receives a 500 error. The logs report that the key size is illegal. Log snippet below:
[2013-02-05T10:33:23.918-06:00] [wls_oif1] [TRACE]  [oracle.security.fed.sec.crypto.enc.DomXmlDecrypter] [tid: [ACTIVE].ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 004pFn4gYgpEWN7hVHU^Kc0003Ll003bdJ,0:1] [SRC_CLASS: oracle.security.fed.sec.crypto.enc.DomXmlDecrypter] [APP: OIF#22.214.171.124.0] [SRC_METHOD: decryptElement] [URI: /fed/sp/authnResponse20] oracle.security.xmlsec.enc.XECipherException: Illegal key size
This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.