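I am trying to decrypt a SAMLResponse obtained from an IdP called NemLogin, but I get the error:
Failure decrypting Data (openssl private) - error:04099079:rsa routines:RSA_padding_check_PKCS1_OAEP_mgf1:oaep decoding error
I have a private key and an X509 certificate issued by the IdP owner, and their moduli match. I have connected and authorized at the IdP and am now returning to my site with the SAMLResponse.
I am using the PHP-Saml library, and the padding is set per type by the robrichards/xmlseclibs library: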
case (self::RSA_OAEP):
$this->cryptParams['library'] = 'openssl';
$this->cryptParams['padding'] = OPENSSL_PKCS1_OAEP_PADDING;
$this->cryptParams['method'] = 'http://www.w3.org/2009/xmlenc11#rsa-oaep';
$this->cryptParams['hash'] = 'http://www.w3.org/2009/xmlenc11#mgf1sha1';
I can see that it fails in the http://www.w3.org/2009/xmlenc11#rsa-oaep part. The response looks like this:
<Response xmlns="urn:oasis:names:tc:SAML:2.0:protocol" [...]>
<Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns="urn:oasis:names:tc:SAML:2.0:assertion">[...]</Issuer>
<Status>
<StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</Status>
<EncryptedAssertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
<xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<xenc:EncryptedKey>
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep">
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<xenc11:MGF Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha256"
xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"/>
</xenc:EncryptionMethod>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<o:SecurityTokenReference
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<X509Data>
<X509IssuerSerial>
<X509IssuerName>[...]</X509IssuerName>
<X509SerialNumber>[...]</X509SerialNumber>
</X509IssuerSerial>
</X509Data>
</o:SecurityTokenReference>
</KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>[...]</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedKey>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>[...]</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</EncryptedAssertion>
</Response>
I don't know whether my metadata is relevant, but here it is:
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" validUntil="2023-09-18T19:22:04Z" cacheDuration="PT604800S" entityID="https://saml.my-site.dk">
<md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>[...]</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>[...]</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://my-site.localhost/saml/sls"/>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://my-site.localhost/saml/acs" index="1"/>
<md:AttributeConsumingService index="1">
<md:ServiceName xml:lang="en">Ignored</md:ServiceName>
<md:RequestedAttribute Name="https://data.gov.dk/model/core/specVersion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute Name="https://data.gov.dk/concept/core/nsis/loa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute Name="https://data.gov.dk/model/core/eid/professional/orgName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute Name="https://data.gov.dk/model/core/eid/professional/cvr" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
</md:EntityDescriptor>
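The SAML2 response is decrypted with your private key. Your corresponding public key is registered in NemLog-in.
NemLog-in by default uses an encryption method that is not supported in .NET, and perhaps the same is true of the PHP-Saml library. In FoxIDs, the supported encryption methods http://www.w3.org/2001/04/xmlenc#aes256-cbc and http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p are included in the metadata.
Like this: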
<m:KeyDescriptor use="encryption">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>pAK7Fykprg0K2mL2hkMpw13ClIM=</KeyName>
<X509Data>
<X509Certificate>MIIGOjCC ...xxx... oJu0i56xDA=</X509Certificate>
</X509Data>
</KeyInfo>
<m:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
<m:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</m:KeyDescriptor>
Metadata example from the FoxIDs NemLog-in test configuration: https://foxys.com/test-corp/nemlogin-test/.nemlogin./saml/spmetadata
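The mismatch discussed in this thread can be seen before any decryption is attempted by comparing the algorithms the response declares with what the SP can handle. The following Python check is an added example, not code from either post or from the libraries mentioned. `SP_SUPPORTED` is an assumption built from the two algorithms in the answer's metadata plus SHA-1 as the only OAEP digest and MGF1 hash, and `SAMPLE` is a constructed, trimmed copy of the response in the question.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
NS = {"xenc": XENC, "xenc11": "http://www.w3.org/2009/xmlenc11#",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
MGF1_SHA1 = "http://www.w3.org/2009/xmlenc11#mgf1sha1"
# Assumption: the SP handles only the algorithms advertised in the answer's
# metadata, with SHA-1 as the OAEP digest and MGF1 hash.
SP_SUPPORTED = {"data": {XENC + "aes256-cbc"},
                "key_transport": {XENC + "rsa-oaep-mgf1p"},
                "digest": {SHA1}, "mgf": {MGF1_SHA1}}

def _alg(parent, path, default=None):
    node = parent.find(path, NS) if parent is not None else None
    return node.get("Algorithm", default) if node is not None else default

def declared_algorithms(xml_text):
    """Read the declared algorithms; absent DigestMethod/MGF mean SHA-1."""
    root = ET.fromstring(xml_text)
    data = next(root.iter("{%s}EncryptedData" % XENC), None)
    key = next(root.iter("{%s}EncryptedKey" % XENC), None)
    if data is None or key is None:
        raise ValueError("no EncryptedData/EncryptedKey in document")
    method = key.find("xenc:EncryptionMethod", NS)
    return {
        "data": _alg(data, "xenc:EncryptionMethod"),
        "key_transport": _alg(key, "xenc:EncryptionMethod"),
        "digest": _alg(method, "ds:DigestMethod", SHA1),
        "mgf": _alg(method, "xenc11:MGF", MGF1_SHA1),
    }

def unsupported(declared, supported=SP_SUPPORTED):
    """Return {field: uri} for every declared algorithm the SP cannot handle."""
    return {k: v for k, v in declared.items() if v not in supported[k]}

# Constructed sample: the question's response reduced to its algorithm elements.
SAMPLE = """<Response xmlns="urn:oasis:names:tc:SAML:2.0:protocol">
<EncryptedAssertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey>
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep">
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<xenc11:MGF Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha256" xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"/>
</xenc:EncryptionMethod>
</xenc:EncryptedKey></ds:KeyInfo>
</xenc:EncryptedData></EncryptedAssertion></Response>"""
if __name__ == "__main__":
    print(unsupported(declared_algorithms(SAMPLE)))
```

For the sample, all four fields are reported, which matches the question: the library is configured with `mgf1sha1` while the response declares SHA-256 for both the digest and the MGF.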