Sustainsys / Saml2

Saml2 Authentication services for ASP.NET

v2.9.2 + ASP.NET MVC 4.8 = Error occurred during a cryptographic operation. #1419

Closed cbeckner12 closed 6 months ago

cbeckner12 commented 7 months ago

I have been using 2.9.1 for a few years and have just upgraded to 2.9.2. Now when a request is sent back to /Saml2/acs, it is erroring out with this error:

Exception Details: System.Security.Cryptography.CryptographicException: Error occurred during a cryptographic operation.

Stack Trace:

[CryptographicException: Error occurred during a cryptographic operation.]
   System.Web.Security.Cryptography.HomogenizingCryptoServiceWrapper.HomogenizeErrors(Func`2 func, Byte[] input) +176
   Sustainsys.Saml2.WebSso.HttpRequestData.Init(String httpMethod, Uri url, String applicationPath, IEnumerable`1 formData, Func`2 cookieReader, Func`2 cookieDecryptor, ClaimsPrincipal user) +273
   Sustainsys.Saml2.Owin.d__0.MoveNext() +978
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +32
   ......

This particular setup hosts many websites which all have their own configuration and /saml path, so I'm not using the web.config to host the settings. I do see that v2.9.2 has the following security fixes:

I'm assuming that these are the causes of the issue, but am not sure how to change my coding to fix the crypto error. Can you please advise?

Thanks!

Chad

AndersAbel commented 7 months ago

None of the fixes in 2.9.2 are related to the crypto code for signature validation. If it had been a general issue with the crypto after that release, I would have heard about it. I think it is a pure coincidence that the error is happening after the upgrade.

Unfortunately the exception details are very vague. The stack trace indicates that it is the decryption of the state cookie that fails.

AndersAbel commented 7 months ago

I'm coming back to this after realizing that this in fact might be related to the patches in 2.9.2.

The data protection purpose is now bound to the module path, please see https://github.com/Sustainsys/Saml2/commit/d9e4ff83688d9ebb1ff82a201fab94f1131b7692#diff-74b1739eaedd603552fb5112a05eed286d1deadbba7ab9521782459bd1e5a831.

If your configuration for the multiple site scenario alters the module path to change the path the module listens to, that might actually make the cookie state decryption fail. Reverting back to 2.9.1 should fix it. You can then go back and reconsider your multi-tenancy design and evaluate if any of the security issues that were fixed by these changes are applicable to your application.
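To illustrate the failure mode described above, here is an added example (not Sustainsys.Saml2's own code) of purpose-bound cookie protection with ASP.NET's MachineKey API: a value protected under one module path cannot be unprotected under another, and the failure surfaces as the same generic CryptographicException seen in the stack trace. The purpose strings and the helper names are assumptions for illustration; it assumes a .NET Framework 4.8 project referencing System.Web.

```csharp
// Added example, not library code: purpose-bound state cookie protection.
// Assumes a .NET Framework 4.8 project with a reference to System.Web.
using System;
using System.Security.Cryptography;
using System.Text;
using System.Web.Security;

public static class PurposeBoundStateCookie
{
    // Assumed purpose composition: a fixed label plus the module path the
    // request arrives on. A cookie protected for one path is useless on another.
    static string[] Purposes(string modulePath) =>
        new[] { "ExampleSaml2StateCookie", modulePath };

    public static string Protect(string state, string modulePath)
    {
        byte[] plaintext = Encoding.UTF8.GetBytes(state);
        byte[] protectedBytes = MachineKey.Protect(plaintext, Purposes(modulePath));
        return Convert.ToBase64String(protectedBytes);
    }

    public static string Unprotect(string cookieValue, string modulePath)
    {
        byte[] protectedBytes = Convert.FromBase64String(cookieValue);
        // MachineKey.Unprotect throws CryptographicException when the purposes
        // differ from those used at protection time; the message is deliberately
        // generic ("Error occurred during a cryptographic operation.").
        byte[] plaintext = MachineKey.Unprotect(protectedBytes, Purposes(modulePath));
        return Encoding.UTF8.GetString(plaintext);
    }

    public static void Demo()
    {
        string cookie = Protect("relay-state-123", "/Saml2");

        // Same module path: the value round-trips.
        Console.WriteLine(Unprotect(cookie, "/Saml2"));

        // Different module path (e.g. a per-tenant /tenantA/Saml2): unprotect fails.
        try
        {
            Unprotect(cookie, "/tenantA/Saml2");
        }
        catch (CryptographicException ex)
        {
            Console.WriteLine("Unprotect failed: " + ex.Message);
        }
    }
}
```

The second Unprotect call reproduces the symptom from the issue: when the path used to protect the state cookie and the path the response arrives on disagree, decryption fails by design rather than silently accepting a cookie issued for a different endpoint.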

cbeckner12 commented 7 months ago

Hi,

Thank you for the update, that would explain it. I have several sites (25+) that use this setup for authentication, and they all do have their own module path, which is bound to the IDP, which requires them to each have their own module path. Reverting back to 2.9.1 does fix the issue, but I'm now concerned about future updates and the security fixes that you have put in not being applied. Since the path is set in the code, is there no way to make this work in a future update?

Thanks!

Chad

AndersAbel commented 7 months ago

If you have a unique module path per Idp it's usually better to call AddSaml2() once for each Idp. That would give you a unique authentication type for each Idp.

But it's impossible to say if that is a better solution for your particular setup without knowing more details. If you want further help, I would be happy to supply that as commercial support services. Please reach out to support@sustainsys.com for details.