SigningMethod sha256-rsa-mgf1

56 views
Skip to first unread message

Ahrens, Helge

unread,
Jan 15, 2025, 3:47:24 AMJan 15
to simple...@googlegroups.com

Dear all,

 

I didn’t find any information about this:

Does simplasaml (I’m currently using v2.0.15) support SigningMethod sha256-rsa-mgf1 (RSASSA-PSS) and if so, where can I change the default? The national (German) IdP is switching from rsa-sha256 and when testing the new setting in our Dev-Environment I encountered this error:

 

***

simplesamlphp DEBUG […] Received SAML2 Response from 'https://int.id.bund.de/idp'.

simplesamlphp DEBUG […] Has 1 candidate keys for validation.

simplesamlphp DEBUG […] Validation with key #0 failed with exception: Unsupported signing algorithm.

 

SimpleSAML\Error\Error: UNHANDLEDEXCEPTION
Backtrace:

2 public/_include.php:31 (SimpleSAML_exception_handler)

1 …/vendor/symfony/error-handler/ErrorHandler.php:619 (Symfony\Component\ErrorHandler\ErrorHandler::handleException)

0 [builtin] (N/A)

Caused by: Exception: Unsupported signing algorithm.

Backtrace:

11 …/vendor/simplesamlphp/saml2/src/SAML2/Utils.php:140 (SAML2\Utils::castKey)

10 …/vendor/simplesamlphp/saml2/src/SAML2/Utils.php:191 (SAML2\Utils::validateSignature)

9 [builtin] (call_user_func)

8 …/vendor/simplesamlphp/saml2/src/SAML2/Message.php:263 (SAML2\Message::validate)

7 modules/saml/src/Message.php:168 (SimpleSAML\Module\saml\Message::checkSign)

6 modules/saml/src/Message.php:602 (SimpleSAML\Module\saml\Message::processResponse)

5 modules/saml/src/Controller/ServiceProvider.php:317 (SimpleSAML\Module\saml\Controller\ServiceProvider::assertionConsumerService)

4 …/vendor/symfony/http-kernel/HttpKernel.php:163 (Symfony\Component\HttpKernel\HttpKernel::handleRaw)

3 …/vendor/symfony/http-kernel/HttpKernel.php:75 (Symfony\Component\HttpKernel\HttpKernel::handle)

2 …/vendor/symfony/http-kernel/Kernel.php:202 (Symfony\Component\HttpKernel\Kernel::handle)

1 src/SimpleSAML/Module.php:234 (SimpleSAML\Module::process)

0 public/module.php:17 (N/A)

***

 

Best wishes and thank you for any hint to a solution!

Helge

Tim van Dijen

unread,
Jan 15, 2025, 5:12:28 AMJan 15
to SimpleSAMLphp
Hi Helge,

Unfortunately it's not supported. This is not a limitation of SimpleSAMLphp but a limitation of PHP's openssl extension that doesn't support this.

- Tim

Op woensdag 15 januari 2025 om 09:47:24 UTC+1 schreef Ahrens, Helge:

Ahrens, Helge

unread,
Jan 15, 2025, 7:18:18 AMJan 15
to simple...@googlegroups.com

Dear Tim,

 

thank you for your fast reply. So I’ll be forced to change from php-based SAML to another solution? That is unfortunate.

 

Best wishes

Helge

--
This is a mailing list for users of SimpleSAMLphp, not a support service. If you are willing to buy commercial support, please take a look here:
 
https://simplesamlphp.org/support
 
Before sending your question, make sure it is related to SimpleSAMLphp, and not your web server's configuration or any other third-party software. This mailing list cannot help with software that uses SimpleSAMLphp, only regarding SimpleSAMLphp itself.
 
Make sure to read the documentation:
 
https://simplesamlphp.org/docs/stable/
 
If you have an issue with SimpleSAMLphp that you cannot resolve and reading the documentation doesn't help, you are more than welcome to ask here for help. Subscribe to the list and send an email with your question. However, you will be expected to comply with some minimum, common sense standards in your questions. Please read this carefully:
 
http://catb.org/~esr/faqs/smart-questions.html
---
You received this message because you are subscribed to the Google Groups "SimpleSAMLphp" group.
To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlph...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/simplesamlphp/a495c7ab-ff42-4b34-bd2d-3bc247bf1a1bn%40googlegroups.com.

Tim van Dijen

unread,
Jan 15, 2025, 7:35:42 AMJan 15
to SimpleSAMLphp
Hi Helge,

No, not necessarily. There are PHP-based crypto-libraries like phpseclibs that do not rely on PHP's openssl extension and that _do_ support RSS-PSS.
The unfortunate part is that the crypto-library underneath SimpleSAMLphp is tightly coupled to the openssl extension and therefore cannot support it.
We will at some point migrate to a better crypto-library, but with current resources for the project this is going to take a _really_ long time :(

-Tim

Op woensdag 15 januari 2025 om 13:18:18 UTC+1 schreef Ahrens, Helge:

Ahrens, Helge

unread,
Jan 15, 2025, 7:43:28 AMJan 15
to simple...@googlegroups.com

Dear Tim,

 

thank you for the insight! Do you have an overview of the parts that would need change? Because either I’ll try and changing it in my simplesaml installation and maybe that can help your effort for migration as well or I’ll have to migrate to another backend (not sure how much work that might be).

Tim van Dijen

unread,
Jan 15, 2025, 8:59:54 AMJan 15
to SimpleSAMLphp
Hi Helge,

The crypto-library that is in use now is https://github.com/robrichards/xmlseclibs ...
Because that one is not very well maintained, we decided to set up our very own crypto-library under https://github.com/simplesamlphp/xml-security .

That one by itself is finished, but not yet in use by SimpleSAMLphp because the API was changed completely.
It has support for multiple back-ends, with one back-end implemented (openssl), but it could also have a backend for phpseclib.

So two steps that need to be done:
- Add backend for phpseclib into the xml-security library
- Integrate this new library into SimpleSAMLphp

It will be quite a lot of work, I think, but we would really appreciate your help!

- Tim

Op woensdag 15 januari 2025 om 13:43:28 UTC+1 schreef Ahrens, Helge:

Ahrens, Helge

unread,
Jan 16, 2025, 3:44:19 AMJan 16
to simple...@googlegroups.com

Dear Tim,

 

I’ll take a look at the code, however I have a tight schedule (the change must be completed by the end of June). Depending on how we estimate the effort in the team, we may have to change the backend.

Ahrens, Helge

unread,
Jan 21, 2025, 4:51:52 AMJan 21
to simple...@googlegroups.com

Dear Tim,

 

are there already issues/tasks in the simplesamlphp and xml-security repositories where we could start working on?

I’m a little lost where I should start, except that I would start by trying to integrate phpseclib directly in a local simplesamlphp instance to see if I can get it working. From there I could try integrating it in xml-security. Or should I first try to integrate xml-security in simplesamlphp?

 

Best wishes

Helge

Peter Schober

unread,
Jan 21, 2025, 7:01:00 AMJan 21
to simple...@googlegroups.com
Tim van Dijen <tvd...@gmail.com> [2025-01-15 15:00 CET]:
> - Add backend for phpseclib into the xml-security library

Btw, is libsodium an option here? It should come with PHP core since
v7.2, so no new dendency added.
The main reason I could think of why this wouldn't work is (in
the words of some older paragonie.com article[1]):
"Stringent requirements to maintain interoperability with weak
cryptography."
Best,
-peter

[1] https://paragonie.com/blog/2015/09/how-to-safely-implement-cryptography-in-any-application

Tim van Dijen

unread,
Jan 21, 2025, 7:41:29 AMJan 21
to SimpleSAMLphp
Hi Peter,

I don't think this is true, at least not for all platorms, because I still have to install ext-sodium manually on my distro.

Anyway, I don't think it matters all that much... phpseclibs or sodium.. It both comes down to fitting in a new type of backend..
I personally have a slight preference for phpseclibs because it's a pure PHP-solution, making it much more flexible.

- Tim

Op dinsdag 21 januari 2025 om 13:01:00 UTC+1 schreef Peter Schober:

Peter Schober

unread,
Jan 21, 2025, 8:26:41 AMJan 21
to simple...@googlegroups.com
Tim van Dijen <tvd...@gmail.com> [2025-01-21 13:41 CET]:
> I don't think this is true, at least not for all platorms, because I
> still have to install ext-sodium manually on my distro.

I was a bit inprecise before, I'll quote from the docs[1] instead:

> As of PHP 7.2.0 this extension is bundled with PHP.

Best,
-peter

[1] https://www.php.net/manual/en/sodium.installation.php

monk...@gmail.com

unread,
May 5, 2025, 8:41:44 PMMay 5
to SimpleSAMLphp
I was digging into the openssl versions in php and and the released openssl versions. 

I see that openssl 3.5.0 has some promise, for example with RSA_FLAG_TYPE_RSASSAPSS. That constant or ones like it do not exist in php-8.4.6/ext/openssl. I also don't see RSASSA in ext/openssl in git master for php.

I also found this heavy handed patch which passes off RSASSA_PSS requests to the phpseclib3\Crypt library from inside the robrichards/xmlseclibs library.
https://github.com/robrichards/xmlseclibs/pull/262

I thought I would put my findings from the little search around here in case somebody reads this thread.


Reply all
Reply to author
Forward
0 new messages