node-saml / xml-crypto

Xml digital signature and encryption library for Node.js
MIT License

Signature validation calculated digest doesn't match #132

Closed mikevbaker closed 1 year ago

mikevbaker commented 7 years ago

Hi all, I'm working with passport-saml in Amazon Web Service Elastic Beanstalk NodeJS. I have this setup in config:

passport: {
    strategy: 'saml',
    saml: {
        // ACS endpoint the IdP posts the samlp:Response back to
        path: process.env.SAML_PATH || '/sso/acs',
        // IdP SSO endpoint the user is redirected to
        entryPoint: process.env.SAML_ENTRY_POINT || 'https://idp-domain.com/folder/saml20/login',
        issuer: 'passport-saml',
        // IdP signing certificate (base64 DER body, truncated here)
        cert: process.env.SAML_CERT || 'MIIGm .... iBJdLEPo+OdIW'
    }
}

which is used in this strategy:

const SamlStrategy = require('passport-saml').Strategy;

// Strategy options are taken from the config object above.
var samlStrategy = new SamlStrategy(
    {
        path: config.passport.saml.path,
        entryPoint: config.passport.saml.entryPoint,
        issuer: config.passport.saml.issuer,
        cert: config.passport.saml.cert,
        acceptedClockSkewMs: 60000
    },
    // Map attributes from the validated assertion onto the session user.
    function (profile, done) {
        return done(null,
        {
            id: profile.uid,
            email: profile.email,
            displayName: profile.cn,
            firstName: profile.givenName,   // trailing comma was missing
            lastName: profile.sn
        });
    });

This is an excerpt from a samlp:Response that is sent from the IdP to my /sso/acs post handler.

<ds:SignedInfo>
  <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#Assertion-uuidf5cec21-015c-1744-8ab6-e42f35dbee20">
    <ds:Transforms>
      <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
      <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
        <xc14n:InclusiveNamespaces xmlns:xc14n="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs saml xsi"/>
      </ds:Transform>
    </ds:Transforms>
    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <ds:DigestValue>DZSPFDmb1ag4wvxjOKdcpFxGa2c=</ds:DigestValue>
  </ds:Reference>
</ds:SignedInfo>

I traced the operation down into xml-crypto and I found it stuffing this into the validationErrors:

invalid signature: for uri #Assertion-uuidf5cec21-015c-1744-8ab6-e42f35dbee20 calculated digest is 0xcAC4ltyxSDCKKE+miR6uge/gs= but the xml to validate supplies digest DZSPFDmb1ag4wvxjOKdcpFxGa2c=

I also found that the hash algorithm name that was selected was http://www.w3.org/2000/09/xmldsig#sha1

I've read everything I can find on the topic. The enveloped-signature is first in the transforms, I modified the code to force samlp to be included in the PrefixList, I forced the PrefixList to exactly match what's in the test.js file, I dumped canonXml out to the log and made sure there aren't any trailing characters on line endings (it's all one line as far as I can tell). I also tried it with and without my private key. This is my first NodeJS SAML experience so I might be missing something obvious. Can anyone see a problem here? Do I need to change something in the setup to handle this? Do you need to see more code, the canonXml or perhaps the whole samlp:Response xml?

TIA Mike

misanche commented 7 years ago

I'm getting the same problem, did you solve it?

mikevbaker commented 7 years ago

I switched to express-saml2. It also makes use of xml-crypto but doesn't seem to have the same problem with the signature.

Mike

tngan commented 7 years ago

@mikevbaker Please switch to samlify as soon as possible; the old version (express-saml2) is already deprecated and has a security issue.

james-gardner commented 5 years ago

What if all you want to do is verify a signature?

cjbarth commented 1 year ago

Several such issues have been fixed since this issue was reported, in newer versions of xml-crypto, passport-saml, and node-saml. Please try those versions and, if you are still having an issue, reply to this issue, including the version numbers you are using.