I think I figured it out. The encryption does not appear to be using the additional authentication data that GCM provides.

Tim

Timothy Legge
[email protected]
[email protected]

On Wed, Mar 30, 2022 at 8:32 AM Timothy Legge <[email protected]> wrote:
>
> Hi
>
> I have confirmed that all my values are the values that xmlsec gets.
> IV, ciphertext and tag.
>
> I have seen some references that say in order to decrypt the
> ciphertext properly you need the IV, authentication data and the tag.
>
> However, the XML spec says to only provide the concatenation of IV .
> CIPHERTEXT . TAG there appears to be nowhere to pass the
> authentication data. Am I missing something?
>
> Tim
>
>
> Timothy Legge
> [email protected]
> [email protected]
>
> On Tue, Mar 29, 2022 at 10:27 PM Timothy Legge <[email protected]> wrote:
> >
> > Hi
> >
> > A little more information
> > https://github.com/lsh123/xmlsec/blob/4b6ab2d86b71f8642f19ab3b7a0777984b6bce9a/src/openssl/ciphers.c#L166
> > definitely unencrypted the data
> >
> > If I add printf("%s\n", outBuf); before the return at the end of
> > the function it prints the unencrypted XML
> >
> > Tim
> > Timothy Legge
> > [email protected]
> > [email protected]
> >
> > On Tue, Mar 29, 2022 at 9:23 PM Timothy Legge <[email protected]> wrote:
> > >
> > > I read https://www.w3.org/TR/xmlenc-core/#sec-AES-GCM as requiring no
> > > padding.
> > >
> > > No padding should be used during encryption
> > >
> > > but if I read 5.2.4 AES-GCM in the context of section 5.2 Block
> > > Encryption Algorithms then I guess the padding is required.
> > >
> > > Great things these standards :-)
> > >
> > > Tim
> > >
> > > Timothy Legge
> > > [email protected]
> > > [email protected]
> > >
> > > On Tue, Mar 29, 2022 at 9:12 PM Aleksey Sanin <[email protected]> wrote:
> > > >
> > > > Sorry forgot to add a pointer:
> > > >
> > > > https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#sec-Alg-Block
> > > >
> > > > This is not the standard RFC 1423 padding that most of the software is
> > > > using these days.
> > > >
> > > > Aleksey
> > > >
> > > > On 3/29/22 8:10 PM, Aleksey Sanin wrote:
> > > > > I would check what kind of padding is used by the encryption software.
> > > > > That's one of the most common reasons for EVP_CipherFinal failure like
> > > > > that.
> > > > >
> > > > > Aleksey
> > > > >
> > > > > On 3/29/22 6:35 PM, Timothy Legge wrote:
> > > > >> That likely answers that particular issue. My module issue looks
> > > > >> like this:
> > > > >>
> > > > >> xmlsec1 --decrypt --privkey-pem
> > > > >> ~/perl-Net-SAML2/xt/testapp/sign-private.pem tmp.xml
> > > > >> func=xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock:file=ciphers.c:line=250:obj=aes256-gcm:subj=EVP_CipherFinal:error=4:crypto
> > > > >>
> > > > >> library function failed:openssl error: 0: NULL: NULL NULL
> > > > >> func=xmlSecOpenSSLEvpBlockCipherGCMCtxFinal:file=ciphers.c:line=557:obj=aes256-gcm:subj=xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock:error=1:xmlsec
> > > > >>
> > > > >> library function failed:
> > > > >> func=xmlSecOpenSSLEvpBlockCipherExecute:file=ciphers.c:line=843:obj=aes256-gcm:subj=xmlSecOpenSSLEvpBlockCipherCtxFinal:error=1:xmlsec
> > > > >>
> > > > >> library function failed:
> > > > >> func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1927:obj=aes256-gcm:subj=xmlSecTransformExecute:error=1:xmlsec
> > > > >>
> > > > >> library function failed:final=1
> > > > >> func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1952:obj=aes256-gcm:subj=xmlSecTransformPushBin:error=1:xmlsec
> > > > >>
> > > > >> library function failed:final=1;outSize=74
> > > > >> func=xmlSecTransformCtxBinaryExecute:file=transforms.c:line=941:obj=unknown:subj=xmlSecTransformPushBin:error=1:xmlsec
> > > > >>
> > > > >> library function failed:dataSize=102
> > > > >> func=xmlSecEncCtxDecryptToBuffer:file=xmlenc.c:line=614:obj=unknown:subj=xmlSecTransformCtxBinaryExecute:error=1:xmlsec
> > > > >>
> > > > >> library function failed:
> > > > >> func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=524:obj=unknown:subj=xmlSecEncCtxDecryptToBuffer:error=1:xmlsec
> > > > >>
> > > > >> library function failed:
> > > > >> Error: failed to decrypt file
> > > > >> Error: failed to decrypt file "tmp.xml"
> > > > >>
> > > > >>
> > > > >>
> > > > >> Timothy Legge
> > > > >> [email protected]
> > > > >> [email protected]
> > > > >>
> > > > >> On Tue, Mar 29, 2022 at 6:57 PM Aleksey Sanin <[email protected]> wrote:
> > > > >>>
> > > > >>> Yes, basically you need to tell XML parser about ID attributes.
> > > > >>> As I said, section 3.2 in FAQ:
> > > > >>>
> > > > >>> https://www.aleksey.com/xmlsec/faq.html
> > > > >>>
> > > > >>> Aleksey
> > > > >>>
> > > > >>> On 3/29/22 5:52 PM, Timothy Legge wrote:
> > > > >>>> Hi
> > > > >>>>
> > > > >>>> I am missing the reference I think. Is it related to the
> > > > >>>> --id-attr?
> > > > >>>>
> > > > >>>> Timothy Legge
> > > > >>>> [email protected]
> > > > >>>> [email protected]
> > > > >>>>
> > > > >>>> On Tue, Mar 29, 2022 at 6:36 PM Aleksey Sanin <[email protected]> wrote:
> > > > >>>>>
> > > > >>>>> FAQ section 3.2 if I recall (or somewhere close by).
> > > > >>>>>
> > > > >>>>> Aleksey
> > > > >>>>>
> > > > >>>>> On 3/29/22 5:34 PM, Timothy Legge wrote:
> > > > >>>>>> Hi
> > > > >>>>>>
> > > > >>>>>> It also seems to be an issue with an IdP SAMLResponse from okta:
> > > > >>>>>>
> > > > >>>>>> I have attached the xml as test xml and the base64 version as
> > > > >>>>>> well as the private key (that private key is from perl-Net-SAML2
> > > > >>>>>> and is already public so it is fine to post). My perl XML::Enc
> > > > >>>>>> module decrypts this file without any issues.
> > > > >>>>>>
> > > > >>>>>> I am continuing to review.
> > > > >>>>>>
> > > > >>>>>> Tim
> > > > >>>>>>
> > > > >>>>>> xmlsec1 --decrypt --privkey-pem sign-private-rsa.pem test.xml
> > > > >>>>>> func=xmlSecXPathDataExecute:file=xpath.c:line=246:obj=unknown:subj=xmlXPtrEval:error=5:libxml2
> > > > >>>>>>
> > > > >>>>>> library function
> > > > >>>>>> failed:expr=xpointer(id('_040a0aae3380dc9275ae08c24a8ddd72'));
> > > > >>>>>> xml
> > > > >>>>>> error: 0: NULL
> > > > >>>>>> func=xmlSecXPathDataListExecute:file=xpath.c:line=330:obj=unknown:subj=xmlSecXPathDataExecute:error=1:xmlsec
> > > > >>>>>>
> > > > >>>>>> library function failed:
> > > > >>>>>> func=xmlSecTransformXPathExecute:file=xpath.c:line=430:obj=xpointer:subj=xmlSecXPathDataListExecute:error=1:xmlsec
> > > > >>>>>>
> > > > >>>>>> library function failed:
> > > > >>>>>> func=xmlSecTransformDefaultPushXml:file=transforms.c:line=2108:obj=xpointer:subj=xmlSecTransformExecute:error=1:xmlsec
> > > > >>>>>>
> > > > >>>>>> library function failed:
> > > > >>>>>> func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1044:obj=xpointer:subj=xmlSecTransformPushXml:error=1:xmlsec
> > > > >>>>>>
> > > > >>>>>> library function failed:
> > > > >>>>>> func=xmlSecTransformCtxExecute:file=transforms.c:line=1092:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec
> > > > >>>>>>
> > > > >>>>>> library function failed:
> > > > >>>>>> func=xmlSecKeyDataRetrievalMethodXmlRead:file=keyinfo.c:line=1108:obj=retrieval-method:subj=xmlSecTransformCtxExecute:error=1:xmlsec
> > > > >>>>>>
> > > > >>>>>> library function failed:
> > > > >>>>>> func=xmlSecKeyInfoNodeRead:file=keyinfo.c:line=121:obj=retrieval-method:subj=xmlSecKeyDataXmlRead:error=1:xmlsec
> > > > >>>>>>
> > > > >>>>>> library function failed:node=RetrievalMethod
> > > > >>>>>> func=xmlSecKeysMngrGetKey:file=keys.c:line=1234:obj=unknown:subj=xmlSecKeyInfoNodeRead:error=1:xmlsec
> > > > >>>>>>
> > > > >>>>>> library function failed:node=KeyInfo
> > > > >>>>>> func=xmlSecEncCtxEncDataNodeRead:file=xmlenc.c:line=779:obj=unknown:subj=unknown:error=45:key
> > > > >>>>>>
> > > > >>>>>> is not found:encMethod=aes256-gcm
> > > > >>>>>> func=xmlSecEncCtxDecryptToBuffer:file=xmlenc.c:line=596:obj=unknown:subj=xmlSecEncCtxEncDataNodeRead:error=1:xmlsec
> > > > >>>>>>
> > > > >>>>>> library function failed:
> > > > >>>>>> func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=524:obj=unknown:subj=xmlSecEncCtxDecryptToBuffer:error=1:xmlsec
> > > > >>>>>>
> > > > >>>>>> library function failed:
> > > > >>>>>> Error: failed to decrypt file
> > > > >>>>>> Error: failed to decrypt file "test.xml"
> > > > >>>>>>
> > > > >>>>>> Timothy Legge
> > > > >>>>>> [email protected]
> > > > >>>>>> [email protected]
> > > > >>>>>>
> > > > >>>>>> On Tue, Mar 29, 2022 at 1:25 PM Timothy Legge <[email protected]> wrote:
> > > > >>>>>>>
> > > > >>>>>>> perfect. I do get errors but my laptop is home at the moment.
> > > > >>>>>>> I will test again tonight and let you know.
> > > > >>>>>>>
> > > > >>>>>>> Tim
> > > > >>>>>>>
> > > > >>>>>>> On Tue., Mar. 29, 2022, 12:57 p.m. Aleksey Sanin, <[email protected]> wrote:
> > > > >>>>>>>>
> > > > >>>>>>>> Well, the gcm code for openssl is here:
> > > > >>>>>>>>
> > > > >>>>>>>> https://github.com/lsh123/xmlsec/blob/4b6ab2d86b71f8642f19ab3b7a0777984b6bce9a/src/openssl/ciphers.c#L80
> > > > >>>>>>>>
> > > > >>>>>>>>
> > > > >>>>>>>> so adding printfs in these functions would help.
> > > > >>>>>>>>
> > > > >>>>>>>> Do you get any errors?
> > > > >>>>>>>>
> > > > >>>>>>>> Aleksey
> > > > >>>>>>>>
> > > > >>>>>>>> On 3/29/22 11:51 AM, Timothy Legge wrote:
> > > > >>>>>>>>> Hi
> > > > >>>>>>>>>
> > > > >>>>>>>>> I am working on adding support for aes*-gcm to perl's
> > > > >>>>>>>>> XML::Enc. I can:
> > > > >>>>>>>>>
> > > > >>>>>>>>> 1. Decrypt SAML responses encrypted with aes*-gcm using XML::Enc
> > > > >>>>>>>>> 2. Decrypt xmlsec encrypted aes*-gcm XML using XML::Enc
> > > > >>>>>>>>> 3. Encrypt XML using aes*-gcm with XML::Sec
> > > > >>>>>>>>> 4. Decrypt XML that was encrypted with XML::Sec using aes*-gcm
> > > > >>>>>>>>>
> > > > >>>>>>>>> However, I cannot use xmlsec to decrypt XML::Sec encrypted XML
> > > > >>>>>>>>> that uses aes*-gcm.
> > > > >>>>>>>>>
> > > > >>>>>>>>> I can't think of any issues that would allow me to encrypt and
> > > > >>>>>>>>> decrypt XML successfully with XML::Enc but not allow xmlsec to
> > > > >>>>>>>>> decrypt those files.
> > > > >>>>>>>>>
> > > > >>>>>>>>> I was wondering if there is a debug flag for XML sec that would
> > > > >>>>>>>>> allow me to output the following:
> > > > >>>>>>>>>
> > > > >>>>>>>>> 1. base64 of the CipherValue it reads from the XML file
> > > > >>>>>>>>> 2. base 64 of IV
> > > > >>>>>>>>> 3 base64 of encrypted data
> > > > >>>>>>>>> 4 base 64 of the tag
> > > > >>>>>>>>> 5 base 64 of the key
> > > > >>>>>>>>>
> > > > >>>>>>>>> I don't mind adding some print debugging and recompiling if you
> > > > >>>>>>>>> can point me to a starting place. It has been a while since I
> > > > >>>>>>>>> wrote much C but I have no issues. Finding the correct spot
> > > > >>>>>>>>> though...
> > > > >>>>>>>>>
> > > > >>>>>>>>> Tim
> > > > >>>>>>>>>
> > > > >>>>>>>>> Timothy Legge
> > > > >>>>>>>>> [email protected]
> > > > >>>>>>>>> [email protected]
> > > > >>>>>>>>> _______________________________________________
> > > > >>>>>>>>> xmlsec mailing list
> > > > >>>>>>>>> [email protected]
> > > > >>>>>>>>> http://www.aleksey.com/mailman/listinfo/xmlsec
> > > > >>>> _______________________________________________
> > > > >>>> xmlsec mailing list
> > > > >>>> [email protected]
> > > > >>>> http://www.aleksey.com/mailman/listinfo/xmlsec
> > > > > _______________________________________________
> > > > > xmlsec mailing list
> > > > > [email protected]
> > > > > http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
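
Added illustration, not part of the thread and not code from xmlsec or XML::Enc: a Node.js sketch of the interoperability failure discussed above, in which a sender feeds additional authenticated data (AAD) to AES-GCM while the receiver, holding only the IV . CIPHERTEXT . TAG CipherValue, cannot supply it. The function names, key, AAD and plaintext are constructed for the example; Node's built-in crypto module stands in for the OpenSSL EVP calls.

```javascript
// Added example; all sample values below are constructed.
const crypto = require('crypto');

const IV_LEN = 12;  // 96-bit IV, per XML Encryption 1.1 section 5.2.4
const TAG_LEN = 16; // 128-bit authentication tag

// Encrypt and return base64(IV . CIPHERTEXT . TAG), the CipherValue layout.
// `aad` is optional and is NOT carried anywhere in the output.
function encryptCipherValue(key, plaintext, aad) {
  const iv = crypto.randomBytes(IV_LEN);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv, { authTagLength: TAG_LEN });
  if (aad) c.setAAD(aad);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, ct, c.getAuthTag()]).toString('base64');
}

// Split a CipherValue into the pieces a debug printout would show.
function splitCipherValue(b64) {
  const raw = Buffer.from(b64, 'base64');
  if (raw.length < IV_LEN + TAG_LEN) throw new Error('CipherValue too short');
  return {
    iv: raw.subarray(0, IV_LEN),
    ciphertext: raw.subarray(IV_LEN, raw.length - TAG_LEN),
    tag: raw.subarray(raw.length - TAG_LEN),
  };
}

// Decrypt as a receiver that has only the CipherValue can: without AAD.
// update() already yields plaintext (GCM is counter mode underneath);
// only final() checks the tag, so `recovered` must be discarded when
// `authenticated` is false.
function decryptWithoutAad(key, b64) {
  const { iv, ciphertext, tag } = splitCipherValue(b64);
  const d = crypto.createDecipheriv('aes-256-gcm', key, iv, { authTagLength: TAG_LEN });
  d.setAuthTag(tag);
  const recovered = d.update(ciphertext).toString('utf8');
  try {
    d.final();
    return { recovered, authenticated: true };
  } catch (err) {
    return { recovered, authenticated: false };
  }
}

const key = Buffer.alloc(32, 7); // constructed 256-bit key
const xml = '<Secret>constructed sample</Secret>';
const plain = decryptWithoutAad(key, encryptCipherValue(key, Buffer.from(xml)));
const mismatched = decryptWithoutAad(
  key, encryptCipherValue(key, Buffer.from(xml), Buffer.from('extra-aad')));
console.log(plain.authenticated, mismatched.authenticated, mismatched.recovered === xml);
```

The mismatched case reproduces both symptoms reported in the thread: the plaintext is visible after the update step, yet the final step rejects the tag.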
