[xmlsec] Can't decrypt GCM based algorithms
Timothy Legge
timlegge at gmail.com
Wed Mar 30 01:27:59 UTC 2022
Hi
I little more information
https://github.com/lsh123/xmlsec/blob/4b6ab2d86b71f8642f19ab3b7a0777984b6bce9a/src/openssl/ciphers.c#L166
definitely unencrypted the data
If I add printf("%s\n", outBuf); before the return at the end of
the function it prints the unencrypted XML
Tim
Timothy Legge
timlegge at gmail.com
timlegge at cpan.org
On Tue, Mar 29, 2022 at 9:23 PM Timothy Legge <timlegge at gmail.com> wrote:
>
> I read https://www.w3.org/TR/xmlenc-core/#sec-AES-GCM as requiring no padding.
>
> No padding should be used during encryption
>
> but if I read 5.2.4 AES-GCM in the context of section 5.2 Block
> Encryption Algorithms then I guess the padding is required.
>
> Great things these standards :-)
>
> Tim
>
> Timothy Legge
> timlegge at gmail.com
> timlegge at cpan.org
>
> On Tue, Mar 29, 2022 at 9:12 PM Aleksey Sanin <aleksey at aleksey.com> wrote:
> >
> > Sorry forgot to add a pointer:
> >
> > https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#sec-Alg-Block
> >
> > This is not the standard RFC 1423 padding that most of the software is
> > using these days.
> >
> > Aleksey
> >
> > On 3/29/22 8:10 PM, Aleksey Sanin wrote:
> > > I would check what kind of padding is used by the encryption software.
> > > That's one of the most common reasons for EVP_CipherFinal failure like
> > > that.
> > >
> > > Aleksey
> > >
> > > On 3/29/22 6:35 PM, Timothy Legge wrote:
> > >> That likely answers that particular issue. My module issue looks like
> > >> this:
> > >>
> > >> xmlsec1 --decrypt --privkey-pem
> > >> ~/perl-Net-SAML2/xt/testapp/sign-private.pem tmp.xml
> > >> func=xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock:file=ciphers.c:line=250:obj=aes256-gcm:subj=EVP_CipherFinal:error=4:crypto
> > >>
> > >> library function failed:openssl error: 0: NULL: NULL NULL
> > >> func=xmlSecOpenSSLEvpBlockCipherGCMCtxFinal:file=ciphers.c:line=557:obj=aes256-gcm:subj=xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock:error=1:xmlsec
> > >>
> > >> library function failed:
> > >> func=xmlSecOpenSSLEvpBlockCipherExecute:file=ciphers.c:line=843:obj=aes256-gcm:subj=xmlSecOpenSSLEvpBlockCipherCtxFinal:error=1:xmlsec
> > >>
> > >> library function failed:
> > >> func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1927:obj=aes256-gcm:subj=xmlSecTransformExecute:error=1:xmlsec
> > >>
> > >> library function failed:final=1
> > >> func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1952:obj=aes256-gcm:subj=xmlSecTransformPushBin:error=1:xmlsec
> > >>
> > >> library function failed:final=1;outSize=74
> > >> func=xmlSecTransformCtxBinaryExecute:file=transforms.c:line=941:obj=unknown:subj=xmlSecTransformPushBin:error=1:xmlsec
> > >>
> > >> library function failed:dataSize=102
> > >> func=xmlSecEncCtxDecryptToBuffer:file=xmlenc.c:line=614:obj=unknown:subj=xmlSecTransformCtxBinaryExecute:error=1:xmlsec
> > >>
> > >> library function failed:
> > >> func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=524:obj=unknown:subj=xmlSecEncCtxDecryptToBuffer:error=1:xmlsec
> > >>
> > >> library function failed:
> > >> Error: failed to decrypt file
> > >> Error: failed to decrypt file "tmp.xml"
> > >>
> > >>
> > >>
> > >> Timothy Legge
> > >> timlegge at gmail.com
> > >> timlegge at cpan.org
> > >>
> > >> On Tue, Mar 29, 2022 at 6:57 PM Aleksey Sanin <aleksey at aleksey.com>
> > >> wrote:
> > >>>
> > >>> Yes, basically you need to tell XML parser about ID attributes.
> > >>> As I said, section 3.2 in FAQ:
> > >>>
> > >>> https://www.aleksey.com/xmlsec/faq.html
> > >>>
> > >>> Aleksey
> > >>>
> > >>> On 3/29/22 5:52 PM, Timothy Legge wrote:
> > >>>> Hi
> > >>>>
> > >>>> I am missing the reference I think. Is it related to the --id-attr?
> > >>>>
> > >>>> Timothy Legge
> > >>>> timlegge at gmail.com
> > >>>> timlegge at cpan.org
> > >>>>
> > >>>> On Tue, Mar 29, 2022 at 6:36 PM Aleksey Sanin <aleksey at aleksey.com>
> > >>>> wrote:
> > >>>>>
> > >>>>> FAQ section 3.2 if I recall (or somewhere close by).
> > >>>>>
> > >>>>> Aleksey
> > >>>>>
> > >>>>> On 3/29/22 5:34 PM, Timothy Legge wrote:
> > >>>>>> Hi
> > >>>>>>
> > >>>>>> It also seems to be an issue with a IdP SAMLResponse from okta:
> > >>>>>>
> > >>>>>> I have attached the xml as test xml and the base64 version as well as
> > >>>>>> the private key (that private key is from perl-Net-SAML2 and is
> > >>>>>> already public so it is fine to post). My perl XML::Enc module
> > >>>>>> decrypts this file without any issues.
> > >>>>>>
> > >>>>>> I am continuing to review.
> > >>>>>>
> > >>>>>> Tim
> > >>>>>>
> > >>>>>> xmlsec1 --decrypt --privkey-pem sign-private-rsa.pem test.xml
> > >>>>>> func=xmlSecXPathDataExecute:file=xpath.c:line=246:obj=unknown:subj=xmlXPtrEval:error=5:libxml2
> > >>>>>>
> > >>>>>> library function
> > >>>>>> failed:expr=xpointer(id('_040a0aae3380dc9275ae08c24a8ddd72')); xml
> > >>>>>> error: 0: NULL
> > >>>>>> func=xmlSecXPathDataListExecute:file=xpath.c:line=330:obj=unknown:subj=xmlSecXPathDataExecute:error=1:xmlsec
> > >>>>>>
> > >>>>>> library function failed:
> > >>>>>> func=xmlSecTransformXPathExecute:file=xpath.c:line=430:obj=xpointer:subj=xmlSecXPathDataListExecute:error=1:xmlsec
> > >>>>>>
> > >>>>>> library function failed:
> > >>>>>> func=xmlSecTransformDefaultPushXml:file=transforms.c:line=2108:obj=xpointer:subj=xmlSecTransformExecute:error=1:xmlsec
> > >>>>>>
> > >>>>>> library function failed:
> > >>>>>> func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1044:obj=xpointer:subj=xmlSecTransformPushXml:error=1:xmlsec
> > >>>>>>
> > >>>>>> library function failed:
> > >>>>>> func=xmlSecTransformCtxExecute:file=transforms.c:line=1092:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec
> > >>>>>>
> > >>>>>> library function failed:
> > >>>>>> func=xmlSecKeyDataRetrievalMethodXmlRead:file=keyinfo.c:line=1108:obj=retrieval-method:subj=xmlSecTransformCtxExecute:error=1:xmlsec
> > >>>>>>
> > >>>>>> library function failed:
> > >>>>>> func=xmlSecKeyInfoNodeRead:file=keyinfo.c:line=121:obj=retrieval-method:subj=xmlSecKeyDataXmlRead:error=1:xmlsec
> > >>>>>>
> > >>>>>> library function failed:node=RetrievalMethod
> > >>>>>> func=xmlSecKeysMngrGetKey:file=keys.c:line=1234:obj=unknown:subj=xmlSecKeyInfoNodeRead:error=1:xmlsec
> > >>>>>>
> > >>>>>> library function failed:node=KeyInfo
> > >>>>>> func=xmlSecEncCtxEncDataNodeRead:file=xmlenc.c:line=779:obj=unknown:subj=unknown:error=45:key
> > >>>>>>
> > >>>>>> is not found:encMethod=aes256-gcm
> > >>>>>> func=xmlSecEncCtxDecryptToBuffer:file=xmlenc.c:line=596:obj=unknown:subj=xmlSecEncCtxEncDataNodeRead:error=1:xmlsec
> > >>>>>>
> > >>>>>> library function failed:
> > >>>>>> func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=524:obj=unknown:subj=xmlSecEncCtxDecryptToBuffer:error=1:xmlsec
> > >>>>>>
> > >>>>>> library function failed:
> > >>>>>> Error: failed to decrypt file
> > >>>>>> Error: failed to decrypt file "test.xml"
> > >>>>>>
> > >>>>>> Timothy Legge
> > >>>>>> timlegge at gmail.com
> > >>>>>> timlegge at cpan.org
> > >>>>>>
> > >>>>>> On Tue, Mar 29, 2022 at 1:25 PM Timothy Legge <timlegge at gmail.com>
> > >>>>>> wrote:
> > >>>>>>>
> > >>>>>>> perfect. I do get errors but my laptop is home at the moment. I
> > >>>>>>> will test again tonight and let you know.
> > >>>>>>>
> > >>>>>>> Tim
> > >>>>>>>
> > >>>>>>> On Tue., Mar. 29, 2022, 12:57 p.m. Aleksey Sanin,
> > >>>>>>> <aleksey at aleksey.com> wrote:
> > >>>>>>>>
> > >>>>>>>> Well, the gcm code for openssl is here:
> > >>>>>>>>
> > >>>>>>>> https://github.com/lsh123/xmlsec/blob/4b6ab2d86b71f8642f19ab3b7a0777984b6bce9a/src/openssl/ciphers.c#L80
> > >>>>>>>>
> > >>>>>>>>
> > >>>>>>>> so adding printfs in these functions would help.
> > >>>>>>>>
> > >>>>>>>> Do you get any errors?
> > >>>>>>>>
> > >>>>>>>> Aleksey
> > >>>>>>>>
> > >>>>>>>> On 3/29/22 11:51 AM, Timothy Legge wrote:
> > >>>>>>>>> Hi
> > >>>>>>>>>
> > >>>>>>>>> I am working on adding support for aes*-gcm to perl's
> > >>>>>>>>> XML::Enc. I can:
> > >>>>>>>>>
> > >>>>>>>>> 1. Decrypt SAML responses encrypted with aes*-gcm using XML::Enc
> > >>>>>>>>> 2. Decrypt xmlsec encrypted aes*-gcm XML using XML::Enc
> > >>>>>>>>> 3. Encrypt XML using aes*-gcm with XML::Sec
> > >>>>>>>>> 4. Decrypt XML that was encrypted with XML::Sec using ases*-gcm
> > >>>>>>>>>
> > >>>>>>>>> However, I cannot use xmlsec to decrypt XML::Sec encrypted XML
> > >>>>>>>>> that
> > >>>>>>>>> uses aes*-gcm.
> > >>>>>>>>>
> > >>>>>>>>> I can't think of any issues that would allow me to encrypt and
> > >>>>>>>>> decrypt
> > >>>>>>>>> XML successfully with XML::Enc but not allow xmlsec to decrypt
> > >>>>>>>>> those
> > >>>>>>>>> files.
> > >>>>>>>>>
> > >>>>>>>>> I was wondering if there is a debug flag for XML sec that would
> > >>>>>>>>> allow
> > >>>>>>>>> me to output the following:
> > >>>>>>>>>
> > >>>>>>>>> 1. base64 of the CipherValue it reads from the XML file
> > >>>>>>>>> 2. base 64 of IV
> > >>>>>>>>> 3 base64 of encrypted data
> > >>>>>>>>> 4 base 64 of the tag
> > >>>>>>>>> 5 base 64 of the key
> > >>>>>>>>>
> > >>>>>>>>> I don't mind adding some print debugging and recompiling if you
> > >>>>>>>>> can
> > >>>>>>>>> point me to a starting place. It has been a while since I
> > >>>>>>>>> wrote much
> > >>>>>>>>> C but I have no issues. Finding the correct spot though...
> > >>>>>>>>>
> > >>>>>>>>> Tim
> > >>>>>>>>>
> > >>>>>>>>> Timothy Legge
> > >>>>>>>>> timlegge at gmail.com
> > >>>>>>>>> timlegge at cpan.org
> > >>>>>>>>> _______________________________________________
> > >>>>>>>>> xmlsec mailing list
> > >>>>>>>>> xmlsec at aleksey.com
> > >>>>>>>>> http://www.aleksey.com/mailman/listinfo/xmlsec
> > >>>> _______________________________________________
> > >>>> xmlsec mailing list
> > >>>> xmlsec at aleksey.com
> > >>>> http://www.aleksey.com/mailman/listinfo/xmlsec
> > > _______________________________________________
> > > xmlsec mailing list
> > > xmlsec at aleksey.com
> > > http://www.aleksey.com/mailman/listinfo/xmlsec
More information about the xmlsec
mailing list