Encryption algorithms


Wessel, Keith

Feb 20, 2025, 12:29:53 PM
to SimpleSAMLphp

Hi, all,

We’ve got an SP that we’re trying to federate with that only supports AES256 encrypted assertions. For now, I’ve disabled encrypted assertions to this SP since, from what I’m reading, we can’t do AES256 with SimpleSAMLphp, or at least not using public key encryption. But the docs are confusing.

In the remote SP configuration reference, I read:

> It is possible to encrypt the assertions sent to a SP. Currently the only algorithm supported is AES128_CBC or RIJNDAEL_128.

But a couple lines later under the sharedkey_algorithm configuration parameter, it says:

> Possible values are:
>
> - http://www.w3.org/2001/04/xmlenc#aes128-cbc
> - http://www.w3.org/2001/04/xmlenc#aes192-cbc
> - http://www.w3.org/2001/04/xmlenc#aes256-cbc
> - http://www.w3.org/2009/xmlenc11#aes128-gcm
> - http://www.w3.org/2009/xmlenc11#aes192-gcm
> - http://www.w3.org/2009/xmlenc11#aes256-gcm

So, two questions:

First, does SSP support more than AES128 for encrypting assertions?

And second, how do I override this if I’m using public key encryption?

Thanks,

Keith

Tim van Dijen

Feb 24, 2025, 7:36:47 AM
to SimpleSAMLphp
Hi Keith,

Sorry for the confusion! We need to update the documentation.
All those algorithms should also work for public key encryption.

> And second, how do I override this if I’m using public key encryption?
You don't! Just set `assertion.encryption` to `true` and the rest should go automatically based on the SP's metadata. It should have its supported algorithms listed there in order of preference.

- Tim

On Thursday, February 20, 2025 at 18:29:53 UTC+1, Keith Wessel wrote:

Wessel, Keith

Feb 24, 2025, 10:14:53 AM
to simple...@googlegroups.com

Thanks, Tim. However, the encryption algorithms associated with an encryption cert don’t seem to be getting rendered in the PHP-based metadata for an SP. For instance, I ran this through the XML to PHP metadata converter. I imported the entire entity descriptor, but here’s just the relevant key descriptor block:

<md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>
          PEM data removed for brevity
          </ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
    </md:KeyDescriptor>

But the generated PHP didn’t seem to contain any references to the supported encryption methods. Am I missing something here?

Keith


Message has been deleted

Tim van Dijen

Feb 27, 2025, 3:39:37 AM
to SimpleSAMLphp
Hey Keith,

Sorry, I thought I had replied to this, but somehow my message got deleted.
This thread is becoming a bit confusing.. What you want to achieve is to configure AES256 encryption for this one SP, right?

- Tim

On Monday, February 24, 2025 at 16:14:53 UTC+1, Keith Wessel wrote:

Wessel, Keith

Feb 27, 2025, 9:14:13 AM
to simple...@googlegroups.com

No problem at all on the delay.

Yes, Sir, that’s correct. The metadata coming in for this SP is coming from our local federation, and the tool generating the XML for that federation is rather old and doesn’t have support for including supported encryption algorithms for an SP in the metadata. So, I’d like to augment the loaded metadata in SimpleSAMLphp.

That’s why I was manually feeding metadata from an SP whose metadata includes encryption methods elements on the encryption certificate. I was hoping to see the way that SimpleSAMLphp represented setting the encryption algorithm in its PHP-based metadata so I could add that in using a regex-template block in my metarefresh config.

Perhaps it’s not the encryptionMethod elements inside the X509Certificate block of the XML metadata that I should be looking at?

But yes, in short, how does one change the encryption algorithm for an SP inside the SSP PHP-based SP metadata?

Tim van Dijen

Feb 27, 2025, 10:55:35 AM
to SimpleSAMLphp
Just set the three settings you had already found in the documentation:

- `assertion.encryption => true`
- `sharedkey_algorithm = http://www.w3.org/2001/04/xmlenc#aes256-cbc` _or_ http://www.w3.org/2009/xmlenc11#aes256-gcm depending on which one your SP supports
- `sharedkey = <the shared secret you have mutually agreed upon>`

That's it!

- Tim
On Thursday, February 27, 2025 at 15:14:13 UTC+1, Keith Wessel wrote:

Wessel, Keith

Feb 27, 2025, 11:06:54 AM
to simple...@googlegroups.com

Only snag is that this isn’t using shared key encryption. It’s using public/private key pair encryption. The encryption cert is in the SP’s metadata. Will sharedkey_algorithm still set the encryption algorithm if we’re using a public cert from metadata to encrypt? From what I saw in the source code, it doesn’t look like it.

Keith

Tim van Dijen

Feb 27, 2025, 11:50:14 AM
to SimpleSAMLphp
Hey Keith,

I hope my memory serves me well here:

AES256 is a symmetric key algorithm and uses a preshared key. Using this algorithm in a context of asymmetric encryption is impossible AFAIK.
Asymmetric key encryption always uses the RSA algorithm and the strength of the encryption is based on the strength of the key (i.e. 2048/3072/4096 bytes).

Isn't this some kind of miscommunication between you and your peer?

- Tim

On Thursday, February 27, 2025 at 17:06:54 UTC+1, Keith Wessel wrote:

Wessel, Keith

Feb 27, 2025, 12:28:28 PM
to simple...@googlegroups.com

Hi, Tim,

I don’t claim to be an encryption expert, but I know that we were using AES256-CBC when this SP was going against our Shibboleth IdP using the same public cert/private key:

<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>

Looking through the eduGain aggregate (which obviously does allow specifying supported encryption algorithms in SP metadata), I see over 600 mentions of aes256-cbc and nearly as many of aes256-gcm.

So, clearly something must be possible. Any thoughts?
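
The role of the EncryptionMethod elements discussed in this thread, as an added example (not part of any post here and not SimpleSAMLphp code): in XML Encryption a block cipher such as AES-256 encrypts the assertion, and a key-transport algorithm wraps that per-message key with the SP's RSA public key, so both kinds of URI can appear under one encryption KeyDescriptor. The sketch reads them from SP metadata and picks a block cipher, treating document order as the SP's preference and returning None when the metadata lists none. The sample entity, its entityID and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
XENC, XENC11 = "http://www.w3.org/2001/04/xmlenc#", "http://www.w3.org/2009/xmlenc11#"
# Data (block) encryption URIs quoted in the thread; these encrypt the assertion itself.
BLOCK = {XENC + a for a in ("aes128-cbc", "aes192-cbc", "aes256-cbc", "tripledes-cbc")} | \
        {XENC11 + a for a in ("aes128-gcm", "aes192-gcm", "aes256-gcm")}
# Key transport URIs from the XML Encryption specs; these wrap the per-message key
# with the RSA public key from the SP's encryption certificate.
KEY_TRANSPORT = {XENC + "rsa-1_5", XENC + "rsa-oaep-mgf1p", XENC11 + "rsa-oaep"}

# Constructed sample mirroring the KeyDescriptor posted in the thread (certificate elided).
SAMPLE_SP = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://sp.example.org/sp">
 <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="encryption">
   <ds:KeyInfo><ds:X509Data><ds:X509Certificate>PLACEHOLDER</ds:X509Certificate></ds:X509Data></ds:KeyInfo>
   <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
   <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
   <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
   <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
  </md:KeyDescriptor>
 </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def advertised_methods(entity_xml):
    """Return (block, key_transport) algorithm URIs on encryption keys, in document order."""
    block, transport = [], []
    for kd in ET.fromstring(entity_xml).iter("{%s}KeyDescriptor" % MD):
        # A KeyDescriptor with no 'use' attribute applies to signing and encryption alike.
        if kd.get("use", "encryption") != "encryption":
            continue
        for em in kd.findall("{%s}EncryptionMethod" % MD):
            alg = em.get("Algorithm")
            if alg in BLOCK:
                block.append(alg)
            elif alg in KEY_TRANSPORT:
                transport.append(alg)
    return block, transport

def pick_block_algorithm(entity_xml, idp_allowed):
    """First SP-listed block cipher the IdP allows; None when the metadata lists none."""
    block, _ = advertised_methods(entity_xml)
    if not block:
        return None  # metadata is silent: the algorithm has to be configured out of band
    for alg in block:
        if alg in idp_allowed:
            return alg
    raise ValueError("SP and IdP share no block encryption algorithm")
```

With the sample above, an IdP that allows every listed cipher ends up on aes128-cbc because it comes first, while restricting the allowed set to the AES-256 URIs yields aes256-cbc.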

Wessel, Keith

Mar 19, 2025, 2:48:28 PM
to simple...@googlegroups.com

Just following up with a nudge on this. Any further thoughts from Tim or anyone else?
