robrichards / xmlseclibs

A PHP library for XML Security
BSD 3-Clause "New" or "Revised" License

verifyOpenSSL return error:04077068:rsa routines:RSA_verify:bad signature #125

Open ngaikwad opened 7 years ago

ngaikwad commented 7 years ago

When we call the verifyOpenSSL method of the XMLSecurityKey class, it returns error:04077068:rsa routines:RSA_verify:bad signature.

Here is my code:

```php
$success = openssl_verify($data, $signature, $key, $algo);

if ($success === -1) {
    echo "openssl_verify() failed with error. <br> " . openssl_error_string() . "<hr />";
} elseif ($success === 1) {
    echo "Signature verification was successful!<hr />";
} else {
    echo "Signature verification failed.  Incorrect key or data has been tampered with.<br>" . openssl_error_string() . "<hr />";
}
```

I am using a public cert with Signature algorithm: md5RSA and Signature hash algorithm: md5.

Does the library support certs with the md5 signature algorithm? Can you please help to resolve this issue?

robrichards commented 7 years ago

It currently does not as that is not a core algorithm in the spec. Being such an insecure and obsolete algorithm, I would be hesitant about adding it to the core implementation tho may consider it. Should be fairly easy tho to subclass the XMLSecurityKey class and override the constructor adding something like the following:

        case ('http://www.w3.org/2001/04/xmldsig-more#rsa-md5'):
            $this->cryptParams['library'] = 'openssl';
            $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-md5';
            $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING;
            $this->cryptParams['digest'] = 'MD5';
            if (is_array($params) && ! empty($params['type'])) {
                if ($params['type'] == 'public' || $params['type'] == 'private') {
                    $this->cryptParams['type'] = $params['type'];
                    break;
                }
            }
            throw new Exception('Certificate "type" (private/public) must be passed via parameters');

Let me know if that works in your case

ngaikwad commented 7 years ago

Thanks for your support.

After overriding the code in the constructor, I received error:04077064:rsa routines:RSA_verify:algorithm mismatch.

Below is the signature node used in the SAML response.

```xml
<dsig:Signature>
    <dsig:SignedInfo>
        <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
        <dsig:Reference URI="#id-">
            <dsig:Transforms>
                <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </dsig:Transforms>
            <dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
            <dsig:DigestValue></dsig:DigestValue>
        </dsig:Reference>
    </dsig:SignedInfo>
    <dsig:SignatureValue></dsig:SignatureValue>
</dsig:Signature>
```

I tried to change the SignatureMethod and DigestMethod algorithms to Md5 in the SAML response, but still no success.

Please let me know if I missed anything.

robrichards commented 7 years ago

I would need to see your code as I am a bit confused where the rsa-sha256 is coming from if you are using md5 based certs. Is that SAML response something you are generating or getting back from a server? If it is the latter then it would be their public cert you would be using to verify the signature (in which case theirs appears to be sha256 based). Your public cert would be used from the receiving end to verify the SAML requests you are making to their system.
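
On the rsa-sha256 versus md5 confusion in this thread: the digest used to verify an XML signature is the one named in the document's SignatureMethod, while a certificate's own signature algorithm (such as md5RSA) only describes how its issuer signed the certificate. The following PHP sketch is an added example, not part of the thread and not xmlseclibs code; the helper `signedInfoAndDigest`, the allow-list, the throwaway key and the sample XML are all constructed for illustration.

```php
<?php
// Added illustration, not xmlseclibs code: the digest passed to openssl_verify()
// is taken from the SignatureMethod inside SignedInfo, never from the
// signature algorithm a CA used on the certificate (e.g. md5RSA).
const DSIG_NS = 'http://www.w3.org/2000/09/xmldsig#';

// Allow-list (an assumption of this example); rsa-md5 and unknown URIs are refused.
const RSA_DIGESTS = [
    'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' => OPENSSL_ALGO_SHA256,
    'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384' => OPENSSL_ALGO_SHA384,
    'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512' => OPENSSL_ALGO_SHA512,
];

// Hypothetical helper: returns [canonicalized SignedInfo, OpenSSL digest constant].
function signedInfoAndDigest(DOMDocument $doc): array
{
    $xp = new DOMXPath($doc);
    $xp->registerNamespace('ds', DSIG_NS);
    $signedInfo = $xp->query('//ds:SignedInfo')->item(0);
    if ($signedInfo === null) {
        throw new RuntimeException('No SignedInfo element found');
    }
    $method = $xp->evaluate('string(ds:SignatureMethod/@Algorithm)', $signedInfo);
    $algo = RSA_DIGESTS[$method] ?? null;
    if ($algo === null) {
        throw new RuntimeException("Unsupported SignatureMethod: '$method'");
    }
    return [$signedInfo->C14N(true), $algo]; // true = exclusive canonicalization
}

// Constructed sample: throwaway RSA key; SignedInfo shaped like the thread's
// (Reference omitted for brevity).
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$pub = openssl_pkey_get_details($key)['key'];
$doc = new DOMDocument();
$doc->loadXML(
    '<dsig:Signature xmlns:dsig="' . DSIG_NS . '"><dsig:SignedInfo>'
    . '<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>'
    . '<dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>'
    . '</dsig:SignedInfo></dsig:Signature>'
);

[$data, $algo] = signedInfoAndDigest($doc);
openssl_sign($data, $signature, $key, OPENSSL_ALGO_SHA256); // the signer's side

// Digest from SignatureMethod, then the digest guessed from an md5RSA certificate.
var_dump(openssl_verify($data, $signature, $pub, $algo) === 1);
var_dump(openssl_verify($data, $signature, $pub, OPENSSL_ALGO_MD5) === 1);
```

The same RSA public key verifies under the declared SHA-256 digest and fails under MD5, because the digest is bound into the signature value and not into the key.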