Decryption failed: Algorithm mismatch between input key and key in message: Key was: 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'; message was: 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'


Maarten Scholl

Aug 17, 2018, 5:05:55 AM
to SimpleSAMLphp
I am connecting to eIDAS/idensys through a mandatory Dutch broker. On my side (SP) I want to use simplesaml. I trigger authentication and see the authn request sent to the IDP. I get the eidas (remote IDP) login screen and can log in at the IDP. But when redirected back to my SP I get a decryption error. The specific error from the logs:
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] Decryption failed: Algorithm mismatch between input key and key in message. Key was: 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'; message was: 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'array (
)

more logs:
Aug 16 18:25:12 simplesamlphp DEBUG [c8e6bc166f]   <saml:Issuer>urn:etoegang:DV:00000003141286080000:entities:9001</saml:Issuer>
Aug 16 18:25:12 simplesamlphp DEBUG [c8e6bc166f]   <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" AllowCreate="true"/>
Aug 16 18:25:12 simplesamlphp DEBUG [c8e6bc166f] </samlp:AuthnRequest>
Aug 16 18:25:12 simplesamlphp DEBUG [c8e6bc166f] Redirect to 1168 byte URL: https://broker.nl/brk/DV1AResponder?SAMLRequest=fZLBjpswEIZfBfkOGEITYoVIdKOqkbZVlE1z6KUy9iSxFmzqGbrbt6%2BBrbq9xBfL4%2Flnvvk1G5Rd24t6oJs9ws8BkKLXrrUopo%2BKDd4KJ9GgsLIDFKTEU%2F3lUeQJF7135JRr2TvJfYVEBE%2FGWRbtdxX7AReel3J1WctGaZ2XTZMVhdbrFS%2BatcqhVMVCLRbL1YpFZ%2FAYlBULhYIccYC9RZKWQohnZczLOFueslLkH0SWf2fRLkxjrKRJdSPqUaRp458TMDru%2B%2BS5t4ly3RhKd%2BesPgL2zmrwLKr%2Fgj44i0MH%2Fgn8L6Pg2%2FHxX6lQOZEvLnFDYttUm6vRaef00ELS3%2Fp0tCPF%2Bc5jqXCKht4SY%2BxZdHiz76Ox2tjrfeeaOQnF59PpENeB7SIVBVAib5qBYAYNKW%2Bk%2BzDIa8U4225GADEZ5rdjDyAHV2mvYncWfD6LrMjycsnL8SHAkiETCNacZ5v0vX4zL8zXALjfHVxr1O%2Fok%2FOdpPv8YyS4fplSBXlp0YQ2YYC2dS8PHiRBxcgPwNLt3PL%2Ftdz%2BAQ%3D%3D&RelayState=https%3A%2F%2Fmyurl%2Fdigid%2Fou%2Fprocess.php%3Fenv%3Deidas&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=n7ugjTEyJTWZRUXRwsPjBc9eX22RzHCLydsj8%2BqMpDivnb3U0utWbnYhBGdY3ZJ3IXze1Y5tBn%2BarD4TMVc9pGJzXzKGjtxC2qqOihObrfWZogF1MDJAyOD3XHGfft1FujShkVIprc1V4pSyUPTnauFIYOmUn3wnlv%2BpNBVl4qegrUf0QSIoPfWcWrs0kbOJfowz1J1BLvgAbpYsCs5zWzU5z9vLEcHx3XFouZYANPaheEkzL6BaJi8BZeD6h3n9PYtiVbocGEL2GUOIpP9CnU61XZRWGeK5FDBFcMCrY5tosRG%2B%2FlLnBfzO756UhOKMZaIOvI3RInPGe0Lax%2BdQnA%3D%3Darray (
)
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Loading state: '_ef028a7f9abcdd28bb144dd9704b9c2e8c43c33677'
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Received SAML2 Response from 'urn:etoegang:HM:00000003271247010000:entities:9511'.
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Has 3 candidate keys for validation.
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Message validated based on SSL certificate.array (
)
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Validation with key #0 succeeded.
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Has 3 candidate keys for validation.
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Validation with key #0 failed with exception: Unable to validate Signature
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Validation with key #1 failed with exception: Unable to validate Signature
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Validation with key #2 succeeded.
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] Decryption failed: Algorithm mismatch between input key and key in message. Key was: 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'; message was: 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'array (
)
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Decryption with key #0 failed with exception: Failed to decrypt XML element.
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] SimpleSAML_Error_Error: UNHANDLEDEXCEPTION
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] Backtrace:
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] 1 /var/simplesamlphp-1.15.3/www/_include.php:45 (SimpleSAML_exception_handler)
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] 0 [builtin] (N/A)
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] Caused by: Exception: Failed to decrypt XML element.
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] Backtrace:
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] 5 /var/simplesamlphp-1.15.3/vendor/simplesamlphp/saml2/src/SAML2/Utils.php:568 (SAML2\Utils::decryptElement)
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] 4 /var/simplesamlphp-1.15.3/vendor/simplesamlphp/saml2/src/SAML2/Assertion.php:811 (SAML2\Assertion::decryptNameId)
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] 3 /var/simplesamlphp-1.15.3/modules/saml/lib/Message.php:803 (sspmod_saml_Message::processAssertion)
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] 2 /var/simplesamlphp-1.15.3/modules/saml/lib/Message.php:579 (sspmod_saml_Message::processResponse)
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] 1 /var/simplesamlphp-1.15.3/modules/saml/www/sp/saml2-acs.php:129 (require)
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] 0 /var/simplesamlphp-1.15.3/www/module.php:135 (N/A)
Aug 16 18:25:32 simplesamlphp ERROR [c8e6bc166f] Error report with id 2f8c2b1d generated.
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Localization: using old system
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Template: Reading [/var/simplesamlphp-1.15.3/dictionaries/errors]
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] ArtifactResolutionService endpoint being used is := https://broker.nl/brk/ws/SamlArtifactarray (
)
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] Sending message:
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f] <soap-env:Envelope xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/">
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]   <soap-env:Header/>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]   <soap-env:Body>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]     <samlp:ArtifactResolve xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_bb411a925d8681a8dda676fce24767244f630eede4" Version="2.0" IssueInstant="2018-08-16T18:25:32Z" Destination="https://broker.nl/brk/ws/SamlArtifact">
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]       <saml:Issuer>urn:etoegang:DV:00000003141286080000:entities:9001</saml:Issuer>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]       <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]         <ds:SignedInfo>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]           <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]           <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]           <ds:Reference URI="#_bb411a925d8681a8dda676fce24767244f630eede4">
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]             <ds:Transforms>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]               <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]               <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]             </ds:Transforms>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]             <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]             <ds:DigestValue>L0sRjiM0irPArYaN4eg4XZQrHv8=</ds:DigestValue>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]           </ds:Reference>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]         </ds:SignedInfo>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]         <ds:SignatureValue>cyWdteNW50CongdDW/dptNg11XbAxT7w2TLpT/jMEFWeYPuqYfi/QGAkRLsMn24XuO9aec3q58OeVUJJFC8GGwneoKFiaYKshVaUZvmlZ0Ij0kdnkiQUtfWSzEej+P/duqMYeJpAxVV1n5ilOYSwEeCSsG69i/E3uH1WjNpNVpLz2QWLZDmtpwUht/fhTtfOxx4PECm43KeBYqysisFyVv4Hc4eEH+dbzgdT1U2Oz+rSMWEdPREebWmeZrpaL3ERH7TQOkg8+F0fd3asCCJ76VvIUNcpOT7Sj6FnvOf/VInzNypS8M3oI/8e735eBBTKL2g2zKRvzi5uQmeqTD3p8g==</ds:SignatureValue>
Aug 16 18:25:32 simplesamlphp DEBUG [c8e6bc166f]         <ds:KeyInfo>

the authsource config:
    'eidas-sp' => array(
        'saml:SP',
        'privatekey' => 'priv-enc.key',
        'privatekey_pass' => '{SHA256}oGfWXW0T6Wcn4oaQuYjSCaQb40LGm8H87wn/VICSPM4=',
        'certificate' => 'pub-cert.pem',
        'metadata.sign.enable' => TRUE,
        'metadata.sign.algorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
        'ProtocolBinding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact',
        'redirect.sign' => TRUE,
        'redirect.validate' => TRUE,
        //'encryption.blacklisted-algorithms' => array(),
        'sign.authnrequest' => TRUE,
        //'signature.algorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
        'assertion.encryption' => FALSE,
        'WantAssertionsSigned' => TRUE,
        'acs.Bindings' => array('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact'),
        'authproc' => array(20 => array('class' => 'saml:NameIDAttribute', 'format' => '%V',),),
        'entityID' => 'urn:etoegang:DV:000000031412xxxx:entities:9001',
        'idp' => 'urn:etoegang:HM:00000003271xxxx:entities:9511',
        'discoURL' => NULL,
        'attributes' => array(
               'urn:etoegang:DV:00000003141286080000:services:9001',
               'urn:etoegang:1.9:attribute:FirstName',
               'urn:etoegang:1.9:attribute:FamilyNameInfix',
               'urn:etoegang:1.9:attribute:FamilyName',
               'urn:etoegang:1.9:attribute:DateOfBirth',
               'urn:etoegang:1.11:attribute:BirthName',
               'urn:etoegang:1.9:attribute:Initials',
               'urn:etoegang:1.9:attribute:Email',
        ),
        'name' => 'some name',
        'attributes.isDefault' => TRUE,
        'contacts' => array(
                array(
                 'contactType'       => 'technical',
                 'emailAddress'      => 'xxx',
                 'givenName'         => 'xxx',
                 'surName'           => 'xxx',
                 'telephoneNumber'   => 'xxx',
                 'company'           => 'xxxx',
                ),
       ),
    ),



Could anyone point me in the correct direction to resolve this?

Thanks in advance,
Best regards,
Maarten

Maarten Scholl

Aug 20, 2018, 12:23:45 PM
to SimpleSAMLphp
I found that (just to try/pinpoint the issue) if I change this in <simplesamlroot>/modules/saml/lib/Message.php:
line 325/326
        #$key = new XMLSecurityKey(XMLSecurityKey::RSA_1_5, array('type' => 'private'));
        $key = new XMLSecurityKey(XMLSecurityKey::AES256_CBC, array('type' => 'private'));

the error will disappear. I now get a new error:

SimpleSAML_Error_Error: UNHANDLEDEXCEPTION

Backtrace:
1 www/_include.php:45 (SimpleSAML_exception_handler)
0 [builtin] (N/A)
Caused by: Exception: Failed to decrypt XML element.
Backtrace:
5 vendor/simplesamlphp/saml2/src/SAML2/Utils.php:572 (SAML2\Utils::decryptElement)
4 vendor/simplesamlphp/saml2/src/SAML2/Assertion.php:811 (SAML2\Assertion::decryptNameId)
3 modules/saml/lib/Message.php:805 (sspmod_saml_Message::processAssertion)
2 modules/saml/lib/Message.php:581 (sspmod_saml_Message::processResponse)
1 modules/saml/www/sp/saml2-acs.php:129 (require)
0 www/module.php:135 (N/A)
Don't know if related to the above change, but any advice would be appreciated :)

Best regards,
Maarten

Tim van Dijen

Aug 21, 2018, 3:22:01 AM
to SimpleSAMLphp
Hi Maarten,

First of all, you should never have to edit the code to make something as basic as encryption work.

Looking at your first mail, two things catch my eye:
- You cannot use password-hashes for the `privatekey_pass`; it has to be plain text.
- You should be on SSP 1.15.4 due to a severe security issue in previous versions, related to encrypted assertions

- Tim


Maarten Scholl

Aug 21, 2018, 3:42:38 AM
to SimpleSAMLphp
Hello Tim,

Thanks for your response:
- Yes... that is something I did only in the post to hide the password; in my config it is in plain text :) Sorry for the confusion.
- I just upgraded from 1.15.3 to 1.15.4 but still get this error.

I agree I shouldn't change code, but I am just looking to pinpoint the error.
Any other ideas?

Best regards,
Maarten

Joost van Dijk

Aug 24, 2018, 11:44:58 AM
to simple...@googlegroups.com
Hi Maarten,

It seems there is a mismatch with the way your IdP is encrypting elements and the way your SP (using robrichards/xmlseclibs for xmlsec) is expecting them.

Your IdP is sending an encrypted nameid (which I learned from private communication), like

<saml2:EncryptedID xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

  <xenc:EncryptedData Id="_A" Type="http://www.w3.org/2001/04/xmlenc#Element">
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
    <ds:KeyInfo>
      <ds:RetrievalMethod URI="#_B"/>
    </ds:KeyInfo>
    <xenc:CipherData>
      <xenc:CipherValue>...</xenc:CipherValue>
    </xenc:CipherData>
  </xenc:EncryptedData>

  <xenc:EncryptedKey Id="_B" Recipient="urn:sp">
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
      <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    </xenc:EncryptionMethod>
    <ds:KeyInfo>
      <ds:KeyName>...</ds:KeyName>
    </ds:KeyInfo>
    <xenc:CipherData>
      <xenc:CipherValue>...</xenc:CipherValue>
    </xenc:CipherData>
    <xenc:ReferenceList>
      <xenc:DataReference URI="#_A"/>
    </xenc:ReferenceList>
  </xenc:EncryptedKey>

</saml2:EncryptedID>

The nameid is encrypted with a (symmetric) AES key, which is in turn encrypted with the (asymmetric) public key from your SP’s metadata.

If you look at the following code from the xmlseclibs dependency:

The code in the function staticLocateKeyInfo that tries to locate a KeyInfo element containing a decryption key (_B in this case) returns when the RetrievalMethod element lacks a Type attribute:


This means SimpleSAMLphp is not able to retrieve the symmetric key (_B) that is needed to decrypt the nameid.

So your IdP and your SP are not interoperable. As to the question which of the two should change its behaviour: looking at


In section 3.5.2 "The ds:RetrievalMethod Element" the Type attribute Schema Definition indicates that the Type attribute is optional.
I’d say this issue is best solved with a patched version of xmlseclibs.


Cheers,
Joost van Dijk
SURFnet
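
The key lookup described in the message above, as an added example that is not part of the original thread and is not xmlseclibs or SimpleSAMLphp code. The function name `locateEncryptedKey` and its `$requireType` flag are hypothetical, the sample XML is constructed from the structure quoted in the message, and the Type URI is the value XML Encryption defines for a RetrievalMethod that points at an EncryptedKey.

```php
<?php
// Added example, not xmlseclibs or SimpleSAMLphp code; names are hypothetical.
const XENC = 'http://www.w3.org/2001/04/xmlenc#';
const DSIG = 'http://www.w3.org/2000/09/xmldsig#';
const TYPE_ENCRYPTED_KEY = XENC . 'EncryptedKey';

// Follow EncryptedData/KeyInfo/RetrievalMethod to the EncryptedKey it names.
// $requireType = true models a resolver that gives up when Type is absent.
function locateEncryptedKey(DOMDocument $doc, bool $requireType): array
{
    $xp = new DOMXPath($doc);
    $xp->registerNamespace('xenc', XENC);
    $xp->registerNamespace('ds', DSIG);
    $data = $xp->query('//xenc:EncryptedData')->item(0);
    $rm = $data ? $xp->query('ds:KeyInfo/ds:RetrievalMethod', $data)->item(0) : null;
    if ($rm === null) {
        return ['found' => false, 'reason' => 'no EncryptedData/RetrievalMethod'];
    }
    $out = ['dataAlg' => $xp->evaluate('string(xenc:EncryptionMethod/@Algorithm)', $data)];
    $type = $rm->getAttribute('Type'); // empty string when the attribute is absent
    if ($type !== TYPE_ENCRYPTED_KEY && ($requireType || $type !== '')) {
        return $out + ['found' => false, 'reason' => "Type '$type' is not EncryptedKey"];
    }
    $uri = $rm->getAttribute('URI');
    if (strncmp($uri, '#', 1) !== 0) { // only same-document references are followed
        return $out + ['found' => false, 'reason' => 'URI is not a same-document reference'];
    }
    // Compare Ids in PHP rather than splicing message data into an XPath string.
    foreach ($xp->query('//xenc:EncryptedKey') as $key) {
        if ($key->getAttribute('Id') === substr($uri, 1)) {
            $back = $xp->evaluate('string(xenc:ReferenceList/xenc:DataReference/@URI)', $key);
            return $out + [
                'found' => true,
                'keyAlg' => $xp->evaluate('string(xenc:EncryptionMethod/@Algorithm)', $key),
                'pointsBack' => $back === '#' . $data->getAttribute('Id'),
            ];
        }
    }
    return $out + ['found' => false, 'reason' => 'no EncryptedKey with that Id'];
}

// Constructed sample: the structure from the message above, CipherData left out.
$xml = '<saml2:EncryptedID xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xenc="' . XENC . '" xmlns:ds="' . DSIG . '">'
  . '<xenc:EncryptedData Id="_A"><xenc:EncryptionMethod Algorithm="' . XENC . 'aes256-cbc"/>'
  . '<ds:KeyInfo><ds:RetrievalMethod URI="#_B"/></ds:KeyInfo></xenc:EncryptedData>'
  . '<xenc:EncryptedKey Id="_B"><xenc:EncryptionMethod Algorithm="' . XENC . 'rsa-oaep-mgf1p"/>'
  . '<xenc:ReferenceList><xenc:DataReference URI="#_A"/></xenc:ReferenceList></xenc:EncryptedKey></saml2:EncryptedID>';
$doc = new DOMDocument();
$doc->loadXML($xml);
print_r(locateEncryptedKey($doc, true));  // resolver that insists on a Type attribute
print_r(locateEncryptedKey($doc, false)); // Type treated as optional
```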



Jaime Perez Crespo

Aug 28, 2018, 3:21:22 AM
to SimpleSAMLphp
Thanks a lot for taking the time to debug this, Joost! Would you mind adding an issue here so that I can (at some point in time) take a look as well into our fork and fix the issue, if it's affected in the same way?

https://github.com/simplesamlphp/xmlsec/issues

Thanks again!
--
Jaime Pérez
Uninett / Feide

jaime...@uninett.no
jaime...@protonmail.com
9A08 EA20 E062 70B4 616B 43E3 562A FE3A 6293 62C2

"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost

Maarten Scholl

Aug 29, 2018, 6:59:26 AM
to SimpleSAMLphp
Hello Joost,

Thanks a lot for looking into this! 
I can confirm that if we remove the check for the 'Type' in the "XMLSecEnc.php" the decryption works.

Best regards,
Maarten

Joost van Dijk

Sep 4, 2018, 4:07:57 AM
to simple...@googlegroups.com
Hi Jaime,

I have submitted

Cheers,
Joost