[OpenSAML] [OpenSAML java] encrypted assertion

1,829 views
Skip to first unread message

jixi...@webodcmail.com

unread,
Apr 18, 2011, 1:56:17 AM4/18/11
to mace-open...@internet2.edu

Hi,

who can give me an example how to encrypt assertion? thanks.

Thanks&Best Regards
Li Ji Xian

Brent Putman

unread,
Apr 18, 2011, 2:20:39 AM4/18/11
to mace-open...@internet2.edu
This is documented pretty extensively in the wiki:

https://wiki.shibboleth.net/confluence/display/OpenSAML/OSTwoUserManJavaXMLEncryption

jixi...@webodcmail.com

unread,
Apr 18, 2011, 6:43:45 AM4/18/11
to put...@georgetown.edu, mace-open...@internet2.edu

Hi Putmanb,

Thanks for your response.

I can run it, but I have another question, if I use RSA algorithm to encrypt, how do I set block size of RSA algorithm? Below is exception:

 

org.opensaml.xml.encryption.EncryptionException: Error encrypting XMLObject
 at org.opensaml.xml.encryption.Encrypter.encryptElement(Encrypter.java:453)
 at org.opensaml.saml2.encryption.Encrypter.encrypt(Encrypter.java:343)
 at org.opensaml.saml2.encryption.Encrypter.encrypt(Encrypter.java:257)
 at SamlTest.main(SamlTest.java:208)
Caused by: java.lang.ArrayIndexOutOfBoundsException: too much data for RSA block
 at org.bouncycastle.jce.provider.JCERSACipher.engineDoFinal(Unknown Source)
 at javax.crypto.Cipher.doFinal(Unknown Source)
 at org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown Source)
 at org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown Source)
 at org.opensaml.xml.encryption.Encrypter.encryptElement(Encrypter.java:450)
 ... 3 more



Thanks&Best Regards
Li Ji Xian


Brent Putman

unread,
Apr 18, 2011, 10:33:18 AM4/18/11
to mace-open...@internet2.edu
Well, you can't use RSA to encrypt the actual data, you have to use a symmetric block algorithm for the data encryption, and then encrypt the data encryption key as an EncryptedKey and send it along with the EncryptedAssertion.   The examples in the wiki illustrate this.

The technical reason is that that RSA can only encrypt a block that is slightly smaller than it's modulus size, not nearly enough for a SAML assertion.  And there are no cipher modes defined for RSA for multi-block encryption (or at least if there are, XML Encryption doesn't support them).  For more info, you can google.  Using an ephemeral symmetric data encryption key is is the standard approach to using RSA encryption for pretty much anything out there, not just SAML.

jixi...@webodcmail.com

unread,
Apr 20, 2011, 4:02:45 AM4/20/11
to put...@georgetown.edu, mace-open...@internet2.edu

Many thanks, Putmanb.

By the way, if I need digest assertion, should I digest signature info or digest only other assertion info except signature info?

Brent Putman

unread,
Apr 20, 2011, 8:52:21 AM4/20/11
to mace-open...@internet2.edu
You'll have to elaborate on what you mean by needing to digest the assertion.  If you are talking about XML Signature, the requirements there are a lot more complicated than just digesting some element(s).

jixi...@webodcmail.com

unread,
Apr 21, 2011, 5:27:47 AM4/21/11
to put...@georgetown.edu, mace-open...@internet2.edu

Hi Putman,

I need digest whole aeestion with Enveloped method, here is few lines of code:

Assertion assertion = getAssertion2();

Signature signature = create(Signature.class, Signature.DEFAULT_ELEMENT_NAME);
         org.opensaml.xml.signature.KeyInfo openKeyInfo = create(org.opensaml.xml.signature.KeyInfo.class,org.opensaml.xml.signature.KeyInfo.DEFAULT_ELEMENT_NAME);
         signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
         X509Certificate cert = (X509Certificate)publickeyStore.getCertificate("serverkey");
         KeyInfoHelper.addCertificate(openKeyInfo, cert);
         signature.setKeyInfo(openKeyInfo);
         signature.setSigningCredential(privatecredential);
         SAMLObjectContentReference contentReference = new SAMLObjectContentReference(assertion);
         signature.getContentReferences().add(contentReference);
         

Below is assertion output, I can't find anything in <ds:DigestValue/>,why?

<ds:Signature
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
  >
    <ds:SignedInfo>
      <ds:CanonicalizationMethod
        Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
      />
      <ds:SignatureMethod/>
      <ds:Reference
        URI="#_01f817fbb3f0714ec25bf19a509cc6ab"
      >
        <ds:Transforms>
          <ds:Transform
            Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"
          />
          <ds:Transform
            Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
          >
            <ec:InclusiveNamespaces
              xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
              PrefixList="ds saml2"
            />
          </ds:Transform>
        </ds:Transforms>
        <ds:DigestMethod
          Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
        />
        <ds:DigestValue/>
      </ds:Reference>
      <ds:Reference
        URI="#_01f817fbb3f0714ec25bf19a509cc6ab"
      >
        <ds:Transforms>
          <ds:Transform
            Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"
          />
          <ds:Transform
            Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
          >
            <ec:InclusiveNamespaces
              xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
              PrefixList="ds saml2"
            />
          </ds:Transform>
        </ds:Transforms>
        <ds:DigestMethod
          Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
        />
        <ds:DigestValue/>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue/>
    <ds:KeyInfo>
      <ds:X509Data>
        <ds:X509Certificate>MIICHzCCAYigAwIBAgIETawCXzANBgkqhkiG9w0BAQUFADBUMQwwCgYDVQQGEwNtY2IxDDAKBgNV
BAgTA21jYjEMMAoGA1UEBxMDbWNiMQwwCgYDVQQKEwNtY2IxDDAKBgNVBAsTA21jYjEMMAoGA1UE
AxMDbWNiMB4XDTExMDQxODA5MjAzMVoXDTExMDcxNzA5MjAzMVowVDEMMAoGA1UEBhMDbWNiMQww
CgYDVQQIEwNtY2IxDDAKBgNVBAcTA21jYjEMMAoGA1UEChMDbWNiMQwwCgYDVQQLEwNtY2IxDDAK
BgNVBAMTA21jYjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo3nuqqSaZ+5/vFub9vWoUM26
9klTmshTMXskPcs+UzQG0/S8O/cbi/uZpSK/z3ZYtD2P/E6PofdwgREXl1tYydgRn6iG48i7IIRX
QmoLk++GEWu1RLe0M5R9kyno5E0qMehtfoO37vLo9S09j+mperRYJDspi+1KmiiOb9zA5H8CAwEA
ATANBgkqhkiG9w0BAQUFAAOBgQCJr4T7o+4SSVFhJhW3e0bxxYNu0Qy0M0sw0bjDJKzuOOoq6RqG
nbXNlYfW+FINhrgSxQByyNER4yGC39nRjAECUkZcBMzZvQ2R9CCduTxxx67lNmtDm1VuW9GfwVKU
A+G3INKFxQ1L6wdrc7tpe5tUvR+NK2uVxVOczvgabkkPyA==</ds:X509Certificate>
      </ds:X509Data>
    </ds:KeyInfo>
  </ds:Signature>

Brent Putman

unread,
Apr 21, 2011, 12:44:10 PM4/21/11
to mace-open...@internet2.edu
Similar to your encryption question, there is an entire wiki page devoted to using XML Signature in OpenSAML, including examples:

https://wiki.shibboleth.net/confluence/display/OpenSAML/OSTwoUserManJavaDSIG

Off-hand, you aren't calling the Signer to actually sign the data, and you are also needlessly adding a SAMLObjectContentReference, which is resulting in a duplicate Reference in the SignedInfo.  There are also nicer API's for generating the KeyInfo rather than what you are doing.

--Brent
Reply all
Reply to author
Forward
0 new messages