Failure decrypting Data: RSA_padding_check_PKCS1_OAEP_mgf1:oaep decoding error

Question  Votes: 0  Answers: 1

I am trying to decrypt a SAMLResponse that I get from an IdP called NemLogin, but I receive the error:

Failure decrypting Data (openssl private) - error:04099079:rsa routines:RSA_padding_check_PKCS1_OAEP_mgf1:oaep decoding error

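I have a private key and an X509 certificate issued by the IdP owner, and their moduli match. I have connected and authorized at the IdP, and I am now returned to my website with the SAMLResponse.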

I am using the PHP-Saml library, and the padding is set by type by the robrichards/xmlseclibs library:

case (self::RSA_OAEP):
  $this->cryptParams['library'] = 'openssl';
  $this->cryptParams['padding'] = OPENSSL_PKCS1_OAEP_PADDING;
  $this->cryptParams['method'] = 'http://www.w3.org/2009/xmlenc11#rsa-oaep';
  $this->cryptParams['hash'] = 'http://www.w3.org/2009/xmlenc11#mgf1sha1';

I can see that it fails at the http://www.w3.org/2009/xmlenc11#rsa-oaep part. The response looks like this:

<Response xmlns="urn:oasis:names:tc:SAML:2.0:protocol" [...]>
  <Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns="urn:oasis:names:tc:SAML:2.0:assertion">[...]</Issuer>
  <Status>
    <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </Status>
  <EncryptedAssertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
    <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <xenc:EncryptedKey>
          <xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep">
            <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
            <xenc11:MGF Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha256"
                        xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"/>
          </xenc:EncryptionMethod>
          <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <o:SecurityTokenReference
              xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
              <X509Data>
                <X509IssuerSerial>
                  <X509IssuerName>[...]</X509IssuerName>
                  <X509SerialNumber>[...]</X509SerialNumber>
                </X509IssuerSerial>
              </X509Data>
            </o:SecurityTokenReference>
          </KeyInfo>
          <xenc:CipherData>
            <xenc:CipherValue>[...]</xenc:CipherValue>
          </xenc:CipherData>
        </xenc:EncryptedKey>
      </ds:KeyInfo>
      <xenc:CipherData>
        <xenc:CipherValue>[...]</xenc:CipherValue>
      </xenc:CipherData>
    </xenc:EncryptedData>
  </EncryptedAssertion>
</Response>

I don't know if my metadata is relevant, but here it is:

<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" validUntil="2023-09-18T19:22:04Z" cacheDuration="PT604800S" entityID="https://saml.my-site.dk">
  <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>[...]</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>[...]</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://my-site.localhost/saml/sls"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://my-site.localhost/saml/acs" index="1"/>
    <md:AttributeConsumingService index="1">
      <md:ServiceName xml:lang="en">Ignored</md:ServiceName>
      <md:RequestedAttribute Name="https://data.gov.dk/model/core/specVersion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute Name="https://data.gov.dk/concept/core/nsis/loa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute Name="https://data.gov.dk/model/core/eid/professional/orgName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute Name="https://data.gov.dk/model/core/eid/professional/cvr" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
    </md:AttributeConsumingService>
  </md:SPSSODescriptor>
</md:EntityDescriptor>
php drupal nemlogin
1 Answer
0 votes

The SAML2 response is decrypted using your private key. Your corresponding public key is registered in NemLog-in.

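NemLog-in by default uses an encryption method that is not supported by .NET, and maybe not by the PHP-Saml library either. In FoxIDs, the supported encryption methods

http://www.w3.org/2001/04/xmlenc#aes256-cbc
http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
are included in the metadata.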

Like this:

<m:KeyDescriptor use="encryption">
  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <KeyName>pAK7Fykprg0K2mL2hkMpw13ClIM=</KeyName>
    <X509Data>
      <X509Certificate>MIIGOjCC ...xxx... oJu0i56xDA=</X509Certificate>
    </X509Data>
  </KeyInfo>
  <m:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
  <m:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</m:KeyDescriptor>

Metadata example from the FoxIDs NemLog-in test configuration: https://foxys.com/test-corp/nemlogin-test/.nemlogin./saml/spmetadata
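
Added example, not part of the original question or answer and not code from PHP-Saml, xmlseclibs or FoxIDs: a small diagnostic that reads the OAEP parameters an `xenc:EncryptedKey` declares and checks them against SHA-1-only OAEP, which is what OpenSSL's plain OAEP padding flag performs (SHA-1 for both the digest and MGF1). The function names and both sample fragments are constructed for illustration, and SHA-1 defaults are assumed when `ds:DigestMethod` or `xenc11:MGF` is absent.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
XENC11 = "http://www.w3.org/2009/xmlenc11#"
DS = "http://www.w3.org/2000/09/xmldsig#"
SHA1 = DS + "sha1"
MGF1_SHA1 = XENC11 + "mgf1sha1"
OAEP_MGF1P = XENC + "rsa-oaep-mgf1p"   # MGF is fixed to MGF1 with SHA-1
OAEP_11 = XENC11 + "rsa-oaep"          # MGF is chosen by the xenc11:MGF child

def oaep_params(xml_text):
    """Return (algorithm, digest, mgf) for every xenc:EncryptedKey found."""
    found = []
    for key in ET.fromstring(xml_text).iter("{%s}EncryptedKey" % XENC):
        method = key.find("{%s}EncryptionMethod" % XENC)
        if method is None:
            raise ValueError("EncryptedKey without EncryptionMethod")
        alg = method.get("Algorithm")
        digest = method.find("{%s}DigestMethod" % DS)
        mgf = method.find("{%s}MGF" % XENC11)
        # Assumption: a missing child means SHA-1 / MGF1 with SHA-1.
        digest_alg = digest.get("Algorithm") if digest is not None else SHA1
        mgf_alg = mgf.get("Algorithm") if mgf is not None else MGF1_SHA1
        if alg == OAEP_MGF1P:
            mgf_alg = MGF1_SHA1  # the identifier itself pins the MGF
        found.append((alg, digest_alg, mgf_alg))
    return found

def sha1_oaep_can_unwrap(alg, digest_alg, mgf_alg):
    """True only when the declared parameters equal plain SHA-1 OAEP."""
    return (alg in (OAEP_MGF1P, OAEP_11)
            and digest_alg == SHA1 and mgf_alg == MGF1_SHA1)

# Constructed sample: key-transport header shaped like the response in the question.
SAMPLE_RESPONSE_KEY = f"""<xenc:EncryptedKey xmlns:xenc="{XENC}">
  <xenc:EncryptionMethod Algorithm="{OAEP_11}">
    <ds:DigestMethod xmlns:ds="{DS}" Algorithm="{XENC}sha256"/>
    <xenc11:MGF xmlns:xenc11="{XENC11}" Algorithm="{XENC11}mgf1sha256"/>
  </xenc:EncryptionMethod>
</xenc:EncryptedKey>"""
# Constructed sample: what an IdP honouring the answer's metadata could send.
SAMPLE_MGF1P_KEY = f"""<xenc:EncryptedKey xmlns:xenc="{XENC}">
  <xenc:EncryptionMethod Algorithm="{OAEP_MGF1P}"/>
</xenc:EncryptedKey>"""

if __name__ == "__main__":
    for name, doc in (("response", SAMPLE_RESPONSE_KEY), ("mgf1p", SAMPLE_MGF1P_KEY)):
        for params in oaep_params(doc):
            print(name, params, "SHA-1 OAEP can unwrap:", sha1_oaep_can_unwrap(*params))
```

A `False` result means the wrapped key needs a decryptor that can set the OAEP digest and MGF hash explicitly, or the SP metadata has to advertise algorithms the library handles, as the answer describes.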
