saml-sp icon indicating copy to clipboard operation
saml-sp copied to clipboard
verified publisher icon mcguinness

RSA signature verification failing due to Bad Padding Exception

Open robotdan opened this issue 4 years ago • 0 comments

Description

With the following SAML AuthN Request generated with this library, I was unable to validate the signature using the provided public key.

See certificate, signature and full XML AuthN request below.

When validating in Java, I receive a BadPaddingException exception. Can you confirm this signature is valid?

Methods used to verify the signature

  1. I used this online tool to attempt to verify the AuthN request. This validates ok until you add the signature to the validation, and then it fails.
    • https://www.samltool.com/validate_authn_req.php
    • Filled out request, SP Entity Id, Target URL, X.509, and signature fields
      • SAML AuthN Request
        • See XML below
      • SP EntityId
        • urn:example:sp
      • Target URL, Destination of the AuthN Request
        • http://localhost:9011/samlv2/login/5b2e483f-7572-4879-817e-1a90ac44e757
      • X.509 cert of the Service Provider (to check Signature)
        • MIIDUzCCAjugAwIBAgIJAPJ0mA6WzOpvMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRAwDgYDVQQKEwdKYW5reUNvMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTQwMzEyMTk0NjMzWhcNMjcxMTE5MTk0NjMzWjBgMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEQMA4GA1UEChMHSmFua3lDbzESMBAGA1UEAxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlNDy4DR2thZ2DDciITofUpwYZcnXk/9pqDt8V16jBD02uOd/TdysgiKLjrZZbC/X0OX1EFe5dN65UrLODQBBzZ3/8PYz6819MKc9irV8+732H5dGwzgmYBYD+qqf4BcR36L7TjmOwjke+1cMcGg+WXVSXQM/djSxhQHjWNjkRt1T/mLflqMqpopzcmAPQDLEHErtuam9XtudjiFM8r5jzvmu/UpIPibbwAY8q3sTPpE7JBLr6Iy4pBAciLlXa4NrDQ8aL8jFpihjvm+uHVMHMGmynGicGQLgrFKOWs655mVVWXfDOe6J5piBXr1mynnBstddSalZ5aLAWF8g6szfQIDAQABoxAwDjAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQClZy+gMYkNfo+dQjEuvbvx62MMR3Wdkpfey43ZgPqx18vpG0P7aIqTybkxTkhi/Aw8pLDcIvAPZHqlMfLCNBr/4+snqrLo3OiGZI1hl9QOG3hQmkrjT10hlyXRS3oTnjD5bhDj+inbG1i9QRK7PO0PQqWhIKgrtLyYp3WvS6Z9cYXwQt5FcYbhKp+C+kvCzq+TfbQamlvehWjBUNR27CE11M//WTF0nfbOFu32EC6kB0EGd6PTIwhty2zHxg++uYMjAUL+ZNuNiaMc355oXvLth1q5rk3Ga3unpBjmQ7obU2/4/WdJnPfvlD2ktAV/S5dVSKSDNmkag8IX0nHb/1FN
      • Signature of the SAML AuthN Request
        • lgNBHFxPqnxuJFeQkG07wMcBpfYwNEAsjLyjPM0lB+y6o+4KCK3tSjZuuRQYMY4IorzROyozbdklF+BOe1/KJ4XqDhEiqemA2Lk3pIbjBPn+z47FpDt5glAEqcsf2R6D8JNwd5bqJh1buHMsTCwH8XOTvityqAvkfjxYXMSotH1VIlkElcdQzip9fXlemYtLBuz2lnlLv2KMCJDia9PO6kHt2I4A/k4YpMFlv6QthiOr7eV4N9b1VN7ULXDreQ/NP8megmXeAqlZ0/5VyWtdXCQ4AIRQYTynfNVwL05TnI9sXd9yY7Omy9YRptF3hvAYQjwKujOtn3FRrMJWJ34akw==
      • SigAlg
        • http://www.w3.org/2001/04/xmldsig-more#rsa-sha2556
  2. Java fusionauth-samlv2 library
    • A BadPaddingException is thrown out of sun.security.rsa.RSAPadding. unpad In sun.security.rsa.RSAPadding. unpad, the switch hits unpadV15, and it then throws a BadPaddingException.
    • Test https://github.com/FusionAuth/fusionauth-samlv2/blob/15fa48df134833ab86286474770f502a2c872f53/src/test/java/io/fusionauth/samlv2/service/DefaultSAMLv2ServiceTest.java#L244
  public byte[] unpad(byte[] var1) throws BadPaddingException {
    if (var1.length != this.paddedSize) {
      throw new BadPaddingException("Decryption error");
    } else {
      switch(this.type) {
      case 1:
      case 2:
        return this.unpadV15(var1);
      case 3:
        return var1;
      case 4:
        return this.unpadOAEP(var1);
      default:
        throw new AssertionError();
      }
    }
  }

SAML v2 AuthN Request

<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_7fe510cc8e51aa41558a"
                    IssueInstant="2021-01-21T16:46:05Z" ProviderName="Simple SAML Service Provider"
                    AssertionConsumerServiceURL="http://localhost:7070/saml/sso"
                    Destination="http://localhost:9011/samlv2/login/5b2e483f-7572-4879-817e-1a90ac44e757"
                    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0">
  <saml:Issuer>urn:example:sp</saml:Issuer>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
      <Reference URI="#_7fe510cc8e51aa41558a">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
          <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <DigestValue>5xWg/idj8jMWfwedfjK2BEYkd/yLWcjMkfJ+Vf8t+FA=</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>
      lgNBHFxPqnxuJFeQkG07wMcBpfYwNEAsjLyjPM0lB+y6o+4KCK3tSjZuuRQYMY4IorzROyozbdklF+BOe1/KJ4XqDhEiqemA2Lk3pIbjBPn+z47FpDt5glAEqcsf2R6D8JNwd5bqJh1buHMsTCwH8XOTvityqAvkfjxYXMSotH1VIlkElcdQzip9fXlemYtLBuz2lnlLv2KMCJDia9PO6kHt2I4A/k4YpMFlv6QthiOr7eV4N9b1VN7ULXDreQ/NP8megmXeAqlZ0/5VyWtdXCQ4AIRQYTynfNVwL05TnI9sXd9yY7Omy9YRptF3hvAYQjwKujOtn3FRrMJWJ34akw==
    </SignatureValue>
    <KeyInfo>
      <X509Data>
        <X509Certificate>
          MIIDUzCCAjugAwIBAgIJAPJ0mA6WzOpvMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRAwDgYDVQQKEwdKYW5reUNvMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTQwMzEyMTk0NjMzWhcNMjcxMTE5MTk0NjMzWjBgMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEQMA4GA1UEChMHSmFua3lDbzESMBAGA1UEAxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlNDy4DR2thZ2DDciITofUpwYZcnXk/9pqDt8V16jBD02uOd/TdysgiKLjrZZbC/X0OX1EFe5dN65UrLODQBBzZ3/8PYz6819MKc9irV8+732H5dGwzgmYBYD+qqf4BcR36L7TjmOwjke+1cMcGg+WXVSXQM/djSxhQHjWNjkRt1T/mLflqMqpopzcmAPQDLEHErtuam9XtudjiFM8r5jzvmu/UpIPibbwAY8q3sTPpE7JBLr6Iy4pBAciLlXa4NrDQ8aL8jFpihjvm+uHVMHMGmynGicGQLgrFKOWs655mVVWXfDOe6J5piBXr1mynnBstddSalZ5aLAWF8g6szfQIDAQABoxAwDjAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQClZy+gMYkNfo+dQjEuvbvx62MMR3Wdkpfey43ZgPqx18vpG0P7aIqTybkxTkhi/Aw8pLDcIvAPZHqlMfLCNBr/4+snqrLo3OiGZI1hl9QOG3hQmkrjT10hlyXRS3oTnjD5bhDj+inbG1i9QRK7PO0PQqWhIKgrtLyYp3WvS6Z9cYXwQt5FcYbhKp+C+kvCzq+TfbQamlvehWjBUNR27CE11M//WTF0nfbOFu32EC6kB0EGd6PTIwhty2zHxg++uYMjAUL+ZNuNiaMc355oXvLth1q5rk3Ga3unpBjmQ7obU2/4/WdJnPfvlD2ktAV/S5dVSKSDNmkag8IX0nHb/1FN
        </X509Certificate>
      </X509Data>
    </KeyInfo>
  </Signature>
  <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" AllowCreate="true"/>
  <samlp:RequestedAuthnContext Comparison="exact">
    <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
    </saml:AuthnContextClassRef>
  </samlp:RequestedAuthnContext>
</samlp:AuthnRequest>

robotdan avatar Jan 27 '21 08:01 robotdan