PROBLEM
When attempting to decrypt the SAML response from the IdP, the following exception occurs:
org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at org.apache.xml.security.encryption.XMLCipher.decryptToByteArray(XMLCipher.java:1822)
at org.opensaml.xml.encryption.Decrypter.decryptDataToDOM(Decrypter.java:596)
at org.opensaml.xml.encryption.Decrypter.decryptUsingResolvedEncryptedKey(Decrypter.java:795)
at org.opensaml.xml.encryption.Decrypter.decryptDataToDOM(Decrypter.java:535)
at org.opensaml.xml.encryption.Decrypter.decryptDataToList(Decrypter.java:453)
at org.opensaml.xml.encryption.Decrypter.decryptData(Decrypter.java:414)
at org.opensaml.saml2.encryption.Decrypter.decryptData(Decrypter.java:141)
at org.opensaml.saml2.encryption.Decrypter.decrypt(Decrypter.java:69)
at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse(WebSSOProfileConsumerImpl.java:199)
at org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:82)
SOLUTION
Inspecting the SAML response payload below shows that the assertion is encrypted with AES-256 (the EncryptedData's EncryptionMethod is xmlenc#aes256-cbc):
<?xml version="1.0" encoding="UTF-8"?>
<samlp:Response Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="https://server/my-app/saml/SSO" ID="_370d6ba5-177c-494b-9147-2eafd9ecb6c9" InResponseTo="a5c5dja1i5fgb2bf2e66f6g9g5398gj" IssueInstant="2016-02-18T15:28:43.473Z" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
  <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">http://adfs-server/adfs/services/trust</Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <EncryptedAssertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
    <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <e:EncryptedKey xmlns:e="http://www.w3.org/2001/04/xmlenc#">
          <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
          </e:EncryptionMethod>
          <KeyInfo>
            <ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
              <ds:X509IssuerSerial>
                <ds:X509IssuerName>CN=server</ds:X509IssuerName>
                <ds:X509SerialNumber>1822784706</ds:X509SerialNumber>
              </ds:X509IssuerSerial>
            </ds:X509Data>
          </KeyInfo>
          <e:CipherData>
            <e:CipherValue>isG83fVk50fJRIcg...</e:CipherValue>
          </e:CipherData>
        </e:EncryptedKey>
      </KeyInfo>
      <xenc:CipherData>
        <xenc:CipherValue>+b2o6HNxaxsse7rkB...</xenc:CipherValue>
      </xenc:CipherData>
    </xenc:EncryptedData>
  </EncryptedAssertion>
</samlp:Response>
By default, Java's JCE jurisdiction policy limits symmetric keys to 128 bits because of US export laws and a few countries' import laws, so the JVM cannot initialise an AES-256 cipher for the content key and the decrypter fails with "Illegal key size".
To fix this…
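A preflight check for this condition, written as an added example here and not part of the original post, Spring Security SAML or OpenSAML. The class name KeySizePreflight and its two methods are hypothetical names chosen for this illustration. It reads the data-encryption algorithm URI from the EncryptedData element of a response (ignoring the key-transport EncryptionMethod nested in EncryptedKey), maps it to the key length it needs, and compares that against what the running JVM's policy allows via Cipher.getMaxAllowedKeyLength, so the mismatch is reported before the decrypter ever throws. The sample response in main is constructed with placeholder ciphertext; the parser is configured with DTDs and external entities disabled because an IdP response is network input.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/** Hypothetical preflight check (example code, not part of any SAML library). */
public class KeySizePreflight {

    private static final String XENC_NS = "http://www.w3.org/2001/04/xmlenc#";
    private static final String XENC11_NS = "http://www.w3.org/2009/xmlenc11#";

    /** Block-cipher algorithm URIs from XML Encryption mapped to the key length (bits) they require. */
    private static final Map<String, Integer> KEY_BITS = new HashMap<>();
    static {
        KEY_BITS.put(XENC_NS + "aes128-cbc", 128);
        KEY_BITS.put(XENC_NS + "aes192-cbc", 192);
        KEY_BITS.put(XENC_NS + "aes256-cbc", 256);
        KEY_BITS.put(XENC_NS + "tripledes-cbc", 192);
        KEY_BITS.put(XENC11_NS + "aes128-gcm", 128);
        KEY_BITS.put(XENC11_NS + "aes192-gcm", 192);
        KEY_BITS.put(XENC11_NS + "aes256-gcm", 256);
    }

    /** Returns the Algorithm URI of the EncryptionMethod directly under the first xenc:EncryptedData. */
    static String dataEncryptionAlgorithm(String samlXml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // The response comes from the network: parse it with DTDs and external entities disabled.
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        Document doc = f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(samlXml.getBytes(StandardCharsets.UTF_8)));

        NodeList encData = doc.getElementsByTagNameNS(XENC_NS, "EncryptedData");
        if (encData.getLength() == 0) {
            throw new IllegalArgumentException("no xenc:EncryptedData in response");
        }
        // Only direct children count: the EncryptionMethod inside EncryptedKey is the
        // key-transport algorithm (RSA-OAEP in the response above), not the data cipher.
        for (Node n = encData.item(0).getFirstChild(); n != null; n = n.getNextSibling()) {
            if (n.getNodeType() == Node.ELEMENT_NODE
                    && XENC_NS.equals(n.getNamespaceURI())
                    && "EncryptionMethod".equals(n.getLocalName())) {
                return ((Element) n).getAttribute("Algorithm");
            }
        }
        throw new IllegalArgumentException("EncryptedData has no EncryptionMethod child");
    }

    /** True if this JVM's jurisdiction policy allows the key length the response requires. */
    static boolean jvmAllowsKeyLength(String algorithmUri) throws Exception {
        Integer required = KEY_BITS.get(algorithmUri);
        if (required == null) {
            throw new IllegalArgumentException("unrecognised data-encryption algorithm: " + algorithmUri);
        }
        String jceName = algorithmUri.endsWith("tripledes-cbc") ? "DESede" : "AES";
        // Integer.MAX_VALUE under an unlimited policy, 128 under the old limited policy.
        int allowed = Cipher.getMaxAllowedKeyLength(jceName);
        System.out.printf("response needs %d-bit %s, JVM allows up to %d bits%n", required, jceName, allowed);
        return allowed >= required;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample with the same layout as the response above; ciphertext is a placeholder.
        String sample = "<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" Version=\"2.0\">"
                + "<EncryptedAssertion xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\">"
                + "<xenc:EncryptedData xmlns:xenc=\"" + XENC_NS + "\" Type=\"" + XENC_NS + "Element\">"
                + "<xenc:EncryptionMethod Algorithm=\"" + XENC_NS + "aes256-cbc\"/>"
                + "<KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">"
                + "<e:EncryptedKey xmlns:e=\"" + XENC_NS + "\">"
                + "<e:EncryptionMethod Algorithm=\"" + XENC_NS + "rsa-oaep-mgf1p\"/>"
                + "<e:CipherData><e:CipherValue>PLACEHOLDER</e:CipherValue></e:CipherData>"
                + "</e:EncryptedKey></KeyInfo>"
                + "<xenc:CipherData><xenc:CipherValue>PLACEHOLDER</xenc:CipherValue></xenc:CipherData>"
                + "</xenc:EncryptedData></EncryptedAssertion></samlp:Response>";

        String alg = dataEncryptionAlgorithm(sample);
        if (!jvmAllowsKeyLength(alg)) {
            // This is the condition behind the stack trace above. On Java 8u151 and later it is
            // controlled by the security property crypto.policy (limited/unlimited) in java.security;
            // older releases need the Unlimited Strength Jurisdiction Policy Files installed.
            System.out.println("Decryption will fail with 'Illegal key size'.");
        }
    }
}
```

Running this on the JVM that hosts the service provider (with the real response substituted for the constructed sample) tells you at startup, rather than at the first login, whether the policy in that JVM matches what the IdP is configured to send; it is also a quick way to confirm that a policy change actually took effect in the JVM you changed it in, since a different JDK on the path is a common reason the exception persists.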