I am working in a SSO Project and I am the SP part.
I am receiving an encrypted and signed SAML Response. I would like to decrypt the whole Response and then, do the Signature Verification. I've been reading your examples and I saw that with your library it's possible to decrypt the Saml Assertion, but I do not know If I can decrypt the whole Response. I know that the encrypted part is only the Assertion, but if I extract the assertion from the Response, then I wont pass the Signature Verification (since the signature was made it to the whole Response, not only to the Asserion).
Could you please help me?