[xmlsec] Can't decrypt GCM based algorithms

Wed Mar 30 00:12:17 UTC 2022

Sorry forgot to add a pointer:

https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#sec-Alg-Block

This is not the standard RFC 1423 padding that most of the software is
using these days.

Aleksey

On 3/29/22 8:10 PM, Aleksey Sanin wrote:
> I would check what kind of padding is used by the encryption software.
> That's one of the most common reasons for EVP_CipherFinal failure like
> that.
> 
> Aleksey
> 
> On 3/29/22 6:35 PM, Timothy Legge wrote:
>> That likely answers that particular issue.  My module issue looks like 
>> this:
>>
>> xmlsec1 --decrypt --privkey-pem
>> ~/perl-Net-SAML2/xt/testapp/sign-private.pem tmp.xml
>> func=xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock:file=ciphers.c:line=250:obj=aes256-gcm:subj=EVP_CipherFinal:error=4:crypto 
>>
>> library function failed:openssl error: 0: NULL: NULL NULL
>> func=xmlSecOpenSSLEvpBlockCipherGCMCtxFinal:file=ciphers.c:line=557:obj=aes256-gcm:subj=xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock:error=1:xmlsec 
>>
>> library function failed:
>> func=xmlSecOpenSSLEvpBlockCipherExecute:file=ciphers.c:line=843:obj=aes256-gcm:subj=xmlSecOpenSSLEvpBlockCipherCtxFinal:error=1:xmlsec 
>>
>> library function failed:
>> func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1927:obj=aes256-gcm:subj=xmlSecTransformExecute:error=1:xmlsec 
>>
>> library function failed:final=1
>> func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1952:obj=aes256-gcm:subj=xmlSecTransformPushBin:error=1:xmlsec 
>>
>> library function failed:final=1;outSize=74
>> func=xmlSecTransformCtxBinaryExecute:file=transforms.c:line=941:obj=unknown:subj=xmlSecTransformPushBin:error=1:xmlsec 
>>
>> library function failed:dataSize=102
>> func=xmlSecEncCtxDecryptToBuffer:file=xmlenc.c:line=614:obj=unknown:subj=xmlSecTransformCtxBinaryExecute:error=1:xmlsec 
>>
>> library function failed:
>> func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=524:obj=unknown:subj=xmlSecEncCtxDecryptToBuffer:error=1:xmlsec 
>>
>> library function failed:
>> Error: failed to decrypt file
>> Error: failed to decrypt file "tmp.xml"
>>
>>
>>
>> Timothy Legge
>> timlegge at gmail.com
>> timlegge at cpan.org
>>
>> On Tue, Mar 29, 2022 at 6:57 PM Aleksey Sanin <aleksey at aleksey.com> 
>> wrote:
>>>
>>> Yes, basically you need to tell XML parser about ID attributes.
>>> As I said, section 3.2 in FAQ:
>>>
>>> https://www.aleksey.com/xmlsec/faq.html
>>>
>>> Aleksey
>>>
>>> On 3/29/22 5:52 PM, Timothy Legge wrote:
>>>> Hi
>>>>
>>>> I am missing the reference I think.  Is it related to the --id-attr?
>>>>
>>>> Timothy Legge
>>>> timlegge at gmail.com
>>>> timlegge at cpan.org
>>>>
>>>> On Tue, Mar 29, 2022 at 6:36 PM Aleksey Sanin <aleksey at aleksey.com> 
>>>> wrote:
>>>>>
>>>>> FAQ section 3.2 if I recall (or somewhere close by).
>>>>>
>>>>> Aleksey
>>>>>
>>>>> On 3/29/22 5:34 PM, Timothy Legge wrote:
>>>>>> Hi
>>>>>>
>>>>>> It also seems to be an issue with a IdP SAMLResponse from okta:
>>>>>>
>>>>>> I have attached the xml as test xml and the base64 version as well as
>>>>>> the private key (that private key is from perl-Net-SAML2 and is
>>>>>> already public so it is fine to post).  My perl XML::Enc module
>>>>>> decrypts this file without any issues.
>>>>>>
>>>>>> I am continuing to review.
>>>>>>
>>>>>> Tim
>>>>>>
>>>>>> xmlsec1 --decrypt --privkey-pem sign-private-rsa.pem test.xml
>>>>>> func=xmlSecXPathDataExecute:file=xpath.c:line=246:obj=unknown:subj=xmlXPtrEval:error=5:libxml2 
>>>>>>
>>>>>> library function
>>>>>> failed:expr=xpointer(id('_040a0aae3380dc9275ae08c24a8ddd72')); xml
>>>>>> error: 0: NULL
>>>>>> func=xmlSecXPathDataListExecute:file=xpath.c:line=330:obj=unknown:subj=xmlSecXPathDataExecute:error=1:xmlsec 
>>>>>>
>>>>>> library function failed:
>>>>>> func=xmlSecTransformXPathExecute:file=xpath.c:line=430:obj=xpointer:subj=xmlSecXPathDataListExecute:error=1:xmlsec 
>>>>>>
>>>>>> library function failed:
>>>>>> func=xmlSecTransformDefaultPushXml:file=transforms.c:line=2108:obj=xpointer:subj=xmlSecTransformExecute:error=1:xmlsec 
>>>>>>
>>>>>> library function failed:
>>>>>> func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1044:obj=xpointer:subj=xmlSecTransformPushXml:error=1:xmlsec 
>>>>>>
>>>>>> library function failed:
>>>>>> func=xmlSecTransformCtxExecute:file=transforms.c:line=1092:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec 
>>>>>>
>>>>>> library function failed:
>>>>>> func=xmlSecKeyDataRetrievalMethodXmlRead:file=keyinfo.c:line=1108:obj=retrieval-method:subj=xmlSecTransformCtxExecute:error=1:xmlsec 
>>>>>>
>>>>>> library function failed:
>>>>>> func=xmlSecKeyInfoNodeRead:file=keyinfo.c:line=121:obj=retrieval-method:subj=xmlSecKeyDataXmlRead:error=1:xmlsec 
>>>>>>
>>>>>> library function failed:node=RetrievalMethod
>>>>>> func=xmlSecKeysMngrGetKey:file=keys.c:line=1234:obj=unknown:subj=xmlSecKeyInfoNodeRead:error=1:xmlsec 
>>>>>>
>>>>>> library function failed:node=KeyInfo
>>>>>> func=xmlSecEncCtxEncDataNodeRead:file=xmlenc.c:line=779:obj=unknown:subj=unknown:error=45:key 
>>>>>>
>>>>>> is not found:encMethod=aes256-gcm
>>>>>> func=xmlSecEncCtxDecryptToBuffer:file=xmlenc.c:line=596:obj=unknown:subj=xmlSecEncCtxEncDataNodeRead:error=1:xmlsec 
>>>>>>
>>>>>> library function failed:
>>>>>> func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=524:obj=unknown:subj=xmlSecEncCtxDecryptToBuffer:error=1:xmlsec 
>>>>>>
>>>>>> library function failed:
>>>>>> Error: failed to decrypt file
>>>>>> Error: failed to decrypt file "test.xml"
>>>>>>
>>>>>> Timothy Legge
>>>>>> timlegge at gmail.com
>>>>>> timlegge at cpan.org
>>>>>>
>>>>>> On Tue, Mar 29, 2022 at 1:25 PM Timothy Legge <timlegge at gmail.com> 
>>>>>> wrote:
>>>>>>>
>>>>>>> perfect.  I do get errors but my laptop is home at the moment.  I 
>>>>>>> will test again tonight and let you know.
>>>>>>>
>>>>>>> Tim
>>>>>>>
>>>>>>> On Tue., Mar. 29, 2022, 12:57 p.m. Aleksey Sanin, 
>>>>>>> <aleksey at aleksey.com> wrote:
>>>>>>>>
>>>>>>>> Well, the gcm code for openssl is here:
>>>>>>>>
>>>>>>>> https://github.com/lsh123/xmlsec/blob/4b6ab2d86b71f8642f19ab3b7a0777984b6bce9a/src/openssl/ciphers.c#L80 
>>>>>>>>
>>>>>>>>
>>>>>>>> so adding printfs in these functions would help.
>>>>>>>>
>>>>>>>> Do you get any errors?
>>>>>>>>
>>>>>>>> Aleksey
>>>>>>>>
>>>>>>>> On 3/29/22 11:51 AM, Timothy Legge wrote:
>>>>>>>>> Hi
>>>>>>>>>
>>>>>>>>> I am working on adding support for aes*-gcm to perl's 
>>>>>>>>> XML::Enc.  I can:
>>>>>>>>>
>>>>>>>>> 1. Decrypt SAML responses encrypted with aes*-gcm using XML::Enc
>>>>>>>>> 2. Decrypt xmlsec encrypted aes*-gcm XML using XML::Enc
>>>>>>>>> 3. Encrypt XML using aes*-gcm with XML::Sec
>>>>>>>>> 4. Decrypt XML that was encrypted with XML::Sec using ases*-gcm
>>>>>>>>>
>>>>>>>>> However, I cannot use xmlsec to decrypt XML::Sec encrypted XML 
>>>>>>>>> that
>>>>>>>>> uses aes*-gcm.
>>>>>>>>>
>>>>>>>>> I can't think of any issues that would allow me to encrypt and 
>>>>>>>>> decrypt
>>>>>>>>> XML successfully with XML::Enc but not allow xmlsec to decrypt 
>>>>>>>>> those
>>>>>>>>> files.
>>>>>>>>>
>>>>>>>>> I was wondering if there is a debug flag for XML sec that would 
>>>>>>>>> allow
>>>>>>>>> me to output the following:
>>>>>>>>>
>>>>>>>>> 1. base64 of the CipherValue it reads from the XML file
>>>>>>>>> 2. base 64 of IV
>>>>>>>>> 3 base64 of encrypted data
>>>>>>>>> 4 base 64 of the tag
>>>>>>>>> 5 base 64 of the key
>>>>>>>>>
>>>>>>>>> I don't mind adding some print debugging and recompiling if you 
>>>>>>>>> can
>>>>>>>>> point me to a starting place.  It has been a while since I 
>>>>>>>>> wrote much
>>>>>>>>> C but I have no issues.  Finding the correct spot though...
>>>>>>>>>
>>>>>>>>> Tim
>>>>>>>>>
>>>>>>>>> Timothy Legge
>>>>>>>>> timlegge at gmail.com
>>>>>>>>> timlegge at cpan.org
>>>>>>>>> _______________________________________________
>>>>>>>>> xmlsec mailing list
>>>>>>>>> xmlsec at aleksey.com
>>>>>>>>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>>> _______________________________________________
>>>> xmlsec mailing list
>>>> xmlsec at aleksey.com
>>>> http://www.aleksey.com/mailman/listinfo/xmlsec
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec