decrypt handling entire EncryptedAssertion

[mitakuye]

Documentation says to pass "EncryptedData" to decrypt. However, you actually need the entire "EncryptedAssertion" , so that "EncryptedKey" can be referenced from "EncryptedData". Existing code, actually, handles this right now (sort of). I passed in "EncryptedAssertion", and decrypt function (via decryptKeyInfo) did successfully handle finding the "keyEncryptionAlgorighm"; but failed in decryptKeyInfoWithScheme with "Error: Encrypted message length is invalid" from rsa libs. So, I think the documentation needs to be updated to denote entire "EncryptedAssertion" and possibly run through to make sure it's still working as expected when entire "EncryptedAssertion" is passed in.

Attachment in the ref below has sample EncryptedAssertion with ref to "EncryptedKey" from "EncryptedData".
#Ref tngan/samlify#85

[mitakuye]

To continue from above wrt to the ""Error: Encrypted message length is invalid" error....I think "decryptKeyInfo" logic needs to be tweaked, in order to handle an Encrypted Assertion when URI used to EncryptionKey. Currently, it is trying to decrypt the "EncryptedData" (aes) with the "EncryptedKey" cipher (rsa). I think rough logic should be:
If EncryptedData RetrievalMethod is URI to the EncryptedKey -> then decrypt the EncryptedKey (to get Cipher Value) to use to Decrypt the EncryptedData.
Else -> use existing logic

Attaching sample Assertion with test cert/key

auth0.zip