SAML2 frontend relies on the pysaml library, which defaults to RSA with PKCS#1 v1.5 padding (http://www.w3.org/2001/04/xmlenc#rsa-1_5) for assertion encryption. This algorithm should not be used because it is known to be vulnerable. For example, SimpleSAMLphp blocks it by default since version 1.13 released in 2014, so effectively it is not possible to use assertion encryption in SATOSA.
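It also uses 3DES (http://www.w3.org/2001/04/xmlenc#tripledes-cbc) which probably should be replaced with AES (http://www.w3.org/2001/04/xmlenc#aes128-cbc or similar).
https://github.com/IdentityPython/pysaml2/blob/d62a10c473f64e389d2d26958c83c83daafe38fd/src/saml2/entity.py#L565
https://github.com/IdentityPython/pysaml2/blob/d62a10c473f64e389d2d26958c83c83daafe38fd/src/saml2/sigver.py#L1834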
It is not possible to configure this in SATOSA or in pysaml, because the encrypt_assertion method does not take the algorithm(s) as arguments. There is a related issue, IdentityPython/pysaml2#421, started in 2017, which is still unsolved. There is also a PR for disabling specific algorithms, not yet merged: https://github.com/IdentityPython/pysaml2/pull/628/files
Code Version
7.0.1
Expected Behavior
SATOSA should use a reasonably strong encryption by default and it should be possible to configure encryption algorithms.
Current Behavior
SATOSA SAML2 frontend uses vulnerable encryption by default and cannot be configured.
Possible Solution
Change defaults in pysaml and/or make the encrypt_assertion method configurable.
Steps to Reproduce
Configure SATOSA with SAML2 frontend (IdP).
Turn on assertion encryption (encrypt_assertion: true)
Try to use it for example with a SimpleSAMLphp SP.
SimpleSAMLphp fails to decrypt because of the algorithm:
Yes, this is one of the high-priority issues for pysaml2 and should be resolved soon. Ideally, we should bump the algos to be stronger, and at the same time offer a configuration option to allow the users to set what they need. The frontend will support this automatically by using a newer pysaml2 version.
I am closing this to move the discussion over to pysaml2.
Hi @c00kiemon5ter - I was looking for the issue in pysaml2 - is it this? IdentityPython/pysaml2#821
It still seems to be open in pysaml2 so I guess it will be a while before it becomes available in Satosa. This is blocking us (and presumably lots of people) from using Satosa as an IdP since it can't send encrypted assertions to SimpleSAMLphp or Shibboleth SPs (from what I remember testing). Do you have an estimated timeline?
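An added example, not part of the thread and not SATOSA or pysaml2 code: a standard-library check that reads the `EncryptionMethod` algorithm URIs out of a SAML response and flags the two algorithms named in the issue (`rsa-1_5` for key transport, `tripledes-cbc` for the data). The function names and the sample response are constructed for illustration; an operator could run a check like this on a captured response to confirm which algorithms their IdP actually emits.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"xenc": XENC}
# Algorithm URIs the issue names as the defaults to move away from.
WEAK = {
    XENC + "rsa-1_5": "RSA PKCS#1 v1.5 key transport",
    XENC + "tripledes-cbc": "3DES-CBC data encryption",
}

def audit_encrypted_assertions(xml_text):
    """Return (role, algorithm URI, weakness or None) per EncryptionMethod."""
    root = ET.fromstring(xml_text)
    findings = []
    for ea in root.iter("{%s}EncryptedAssertion" % SAML):
        # Direct child of EncryptedData: cipher protecting the assertion.
        data = ea.findall("xenc:EncryptedData/xenc:EncryptionMethod", NS)
        # Under any EncryptedKey: algorithm wrapping the session key.
        keys = ea.findall(".//xenc:EncryptedKey/xenc:EncryptionMethod", NS)
        for role, methods in (("data", data), ("key-transport", keys)):
            for m in methods:
                alg = m.get("Algorithm")
                findings.append((role, alg, WEAK.get(alg)))
    return findings

def has_weak_algorithm(xml_text):
    """True if any EncryptedAssertion uses an algorithm listed in WEAK."""
    return any(weak for _, _, weak in audit_encrypted_assertions(xml_text))

# Constructed sample response (placeholder ciphertext, no real key material).
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
 xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
 xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <saml:EncryptedAssertion><xenc:EncryptedData>
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
  <ds:KeyInfo><xenc:EncryptedKey>
   <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
   <xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>
  </xenc:EncryptedKey></ds:KeyInfo>
  <xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>
 </xenc:EncryptedData></saml:EncryptedAssertion>
</samlp:Response>"""

if __name__ == "__main__":
    for role, alg, weak in audit_encrypted_assertions(SAMPLE):
        print(role, alg, "WEAK: " + weak if weak else "ok")
```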