Add support for AES-GCM

[Skywalker-11]

simplsamlphp currently does not support AES in GCM mode.

If an IDP uses AES-GCM for encryption of the ssertions eg:

<saml2:EncryptedAssertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
  ....
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/> 
   ....

this creates an error in form of the following message on a SP running simplesamlphp:

simplesamlphp: 3  Decryption failed: Could not locate key algorithm in encrypted data.
simplesamlphp: 3  SimpleSAML\Error\Error: UNHANDLEDEXCEPTION
simplesamlphp: 3  Backtrace:
simplesamlphp: 3  1 /opt/simplesamlphp/www/_include.php:17 (SimpleSAML_exception_handler)
simplesamlphp: 3  0  (N/A)
simplesamlphp: 3  Caused by: Exception: Failed to decrypt XML element.
simplesamlphp: 3  Backtrace:
simplesamlphp: 3  7 /opt/simplesamlphp/vendor/simplesamlphp/saml2/src/SAML2/Utils.php:575 (SAML2\Utils::decryptElement)
simplesamlphp: 3  6 /opt/simplesamlphp/vendor/simplesamlphp/saml2/src/SAML2/EncryptedAssertion.php:98 (SAML2\EncryptedAssertion::getAssertion)
simplesamlphp: 3  5 /opt/simplesamlphp/modules/saml/lib/Message.php:391 (SimpleSAML\Module\saml\Message::decryptAssertion)
simplesamlphp: 3  4 /opt/simplesamlphp/modules/saml/lib/Message.php:647 (SimpleSAML\Module\saml\Message::processAssertion)
simplesamlphp: 3  3 /opt/simplesamlphp/modules/saml/lib/Message.php:614 (SimpleSAML\Module\saml\Message::processResponse)
simplesamlphp: 3  2 /opt/simplesamlphp/modules/saml/www/sp/saml2-acs.php:134 (require)
simplesamlphp: 3  1 /opt/simplesamlphp/lib/SimpleSAML/Module.php:236 (SimpleSAML\Module::process)
simplesamlphp: 3  0 /opt/simplesamlphp/www/module.php:9 (N/A)

Depending on change in library xmlseclibs (robrichards/xmlseclibs#134)

[blai-cartera]

@Skywalker-11 have you found any alternatives to simplesamlphp or a way to include 3rd party support of aes-gcm for simplesamlphp users?

[Skywalker-11]

I am not using simplesaml myself but noticed the error when interacting with 3rd party SPs

[melanger]

AES-GCM is the default in Shibboleth 4.0, so missing support breaks compatibility of SimpleSAMLphp with a growing number of IdPs.

[tvdijen]

@melanger The issue here is not SimpleSAMLphp, but two dependency-levels down in the xmlseclibs library.. So, unless you can open up a can of crypto-savvy PHP developers, this is really out of our control.

[melanger]

@tvdijen There is an open issue in the library as well, robrichards/xmlseclibs#134, but it seems that the support was actually added in 3.1 https://github.com/robrichards/xmlseclibs/releases/tag/3.1.0

[melanger]

Requires PHP 7.1+, but SimpleSAML already requires 7.2+ on master

[jaimeperez]

I might be mistaken here, but I would say this is just a matter of updating the xmlseclibs dependency, since 3.1.0 implements support for AES-GCM.

[IlariExove]

I see Shibboleth 4.0 IdPs using http://www.w3.org/2009/xmlenc11#aes128-gcm algorithm for encryption. This is a rising concern as 4.0 went GA in March. IdPs are rolling out v4 to production soon.

[tvdijen]

If you're using SimpleSAMLphp:

• On 1.18 you can get this working by running composer require robrichards/xmlseclibs:^3.1.
• 1.19 will officially include this.

If you're using this library directly:

• Use v4.1.8 of the libary

[s0rin]

The workaround in SSP 1.18.7 to install manually xmlseclibs 3.1.0 over the existent 3.0.8 didn't work for me, the error "Failed to decrypt XML element" still occur. How to check the xmlseclibs installed version?

[tvdijen]

You can check the installed version in the composer.lock file
Also, what's your PHP-version? xmlseclibs will not process aes-128-gcm on PHP <7.1

[s0rin]

The PHP version is right:

# php -v
PHP 7.2.33 (cli) (built: Sep  1 2020 05:35:29) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
    with Zend OPcache v7.2.33, Copyright (c) 1999-2018, by Zend Technologies

but the xmlseclibs is not:

# cat /var/simplesamlphp/composer.lock | grep xmlseclibs
                "robrichards/xmlseclibs": "^3.0.4",

Note. With the newer SSP 1.18.8 is no change :-(

In conclusion the workaround for 1.18.x to install xmlseclibs with composer manually is not working (maybe some steps are missing, i.e. to edit composer.lock?). I will rather wait for 1.19...

[tvdijen]

1.18.8 has the right one;
https://github.com/simplesamlphp/simplesamlphp/blob/simplesamlphp-1.18/composer.lock#L419

So it must be something else...

[s0rin]

and here? https://github.com/simplesamlphp/simplesamlphp/blob/simplesamlphp-1.18/composer.lock#L509