Merge upstream

Author: Stummi

decode_response.go

@@ -204,6 +204,7 @@ func (sp *SAMLServiceProvider) validateElementSignature(el *etree.Element) (*etr
 	return sp.validationContext().Validate(el)
 }
 
+// deprecated
 func (sp *SAMLServiceProvider) validateAssertionSignatures(el *etree.Element) error {
 	signedAssertions := 0
 	unsignedAssertions := 0
@@ -264,55 +265,131 @@ func (sp *SAMLServiceProvider) ValidateEncodedResponse(encodedResponse string) (
 	}
 
 	// Parse the raw response
-	doc, el, err := parseResponse(raw, sp.MaximumDecompressedBodySize)
+	doc, unverifiedResponse, err := parseResponse(raw, sp.MaximumDecompressedBodySize)
 	if err != nil {
 		return nil, err
 	}
 
 	var responseSignatureValidated bool
-	if !sp.SkipSignatureValidation {
-		el, err = sp.validateElementSignature(el)
-		if err == dsig.ErrMissingSignature {
-			// Unfortunately we just blew away our Response
-			el = doc.Root()
-		} else if err != nil {
+	// storing our final response to return back
+	decodedResponse := &types.Response{}
+	// user has decided to skip signature verification
+	// just unmarshal the untrusted el
+
+	if sp.SkipSignatureValidation {
+		err = xmlUnmarshalElement(unverifiedResponse, decodedResponse)
+		if err != nil {
+			return nil, fmt.Errorf("unable to unmarshal response: %v", err)
+		}
+
+		decodedResponse.SignatureValidated = false
+		err := sp.Validate(decodedResponse)
+		if err != nil {
 			return nil, err
-		} else if el == nil {
-			return nil, fmt.Errorf("missing transformed response")
-		} else {
-			responseSignatureValidated = true
 		}
+		return decodedResponse, nil
 	}
 
-	err = sp.decryptAssertions(el)
-	if err != nil {
+	// first get SignedResponse, if any
+	signedResponseEl, err := sp.validateElementSignature(unverifiedResponse)
+
+	// continue for unsigned Response, maybe individual Assertions are still signed
+	if err == dsig.ErrMissingSignature {
+		// Unfortunately we just blew away our Response
+		unverifiedResponse = doc.Root()
+	} else if err != nil {
 		return nil, err
-	}
+	} else if signedResponseEl == nil {
+		return nil, fmt.Errorf("missing transformed response")
+	} else {
+		// good case, no errors when verifying signature
+		// 1. Response is signed
+		// optionally decrypt each assertion
+		err = sp.decryptAssertions(signedResponseEl)
+		if err != nil {
+			return nil, err
+		}
 
-	var assertionSignaturesValidated bool
-	if !sp.SkipSignatureValidation {
-		err = sp.validateAssertionSignatures(el)
-		if err == dsig.ErrMissingSignature {
-			if !responseSignatureValidated {
-				return nil, fmt.Errorf("response and/or assertions must be signed")
-			}
-		} else if err != nil {
+		responseSignatureValidated = true
+
+		err = xmlUnmarshalElement(signedResponseEl, decodedResponse)
+		if err != nil {
+			return nil, fmt.Errorf("unable to unmarshal response: %v", err)
+		}
+		decodedResponse.SignatureValidated = responseSignatureValidated
+
+		err := sp.Validate(decodedResponse)
+		if err != nil {
 			return nil, err
-		} else {
-			assertionSignaturesValidated = true
 		}
+		return decodedResponse, nil
 	}
 
-	decodedResponse := &types.Response{}
-	err = xmlUnmarshalElement(el, decodedResponse)
+	// now we have a tricky case,
+	// unsigned response but have some signed Assertions
+	// unmarshal into decodedResponse,
+
+	err = xmlUnmarshalElement(unverifiedResponse, decodedResponse)
 	if err != nil {
-		return nil, fmt.Errorf("unable to unmarshal response: %v", err)
+		return nil, err
 	}
-	decodedResponse.SignatureValidated = responseSignatureValidated
-	if assertionSignaturesValidated {
-		for idx := 0; idx < len(decodedResponse.Assertions); idx++ {
-			decodedResponse.Assertions[idx].SignatureValidated = true
+
+	// keep in mind anything inside the Response is technically untrusted
+	// however, we have to keep the relevant details such as StatusCode
+	// We reset the underlying assertions & encrypted assertions to []
+
+	decodedResponse.SignatureValidated = false
+	decodedResponse.Assertions = []types.Assertion{}
+	decodedResponse.EncryptedAssertions = []types.EncryptedAssertion{}
+
+	// first decrypt all assertions
+	err = sp.decryptAssertions(unverifiedResponse)
+	if err != nil {
+		return nil, err
+	}
+
+	// iterate through each Assertion inside our etree unverifiedResponse
+	addSignedAssertion := func(ctx etreeutils.NSContext, unverifiedAssertion *etree.Element) error {
+		parent := unverifiedAssertion.Parent()
+		if parent == nil {
+			return fmt.Errorf("parent is nil")
 		}
+		if parent != unverifiedResponse {
+			return fmt.Errorf("found assertion with unexpected parent element: %s", unverifiedAssertion.Parent().Tag)
+		}
+
+		detached, err := etreeutils.NSDetatch(ctx, unverifiedAssertion) // make a detached copy
+		if err != nil {
+			return fmt.Errorf("unable to detach unverified assertion: %v", err)
+		}
+
+		// signedAssertion after checking for errors
+		signedAssertion, err := sp.validationContext().Validate(detached)
+
+		if err != nil {
+			return err // return any errors including unsignedAssertions
+		}
+
+		decodedAssertion := &types.Assertion{}
+
+		err = xmlUnmarshalElement(signedAssertion, decodedAssertion)
+		if err != nil {
+			return fmt.Errorf("unable to unmarshal assertion: %v", err)
+		}
+
+		decodedAssertion.SignatureValidated = true
+
+		// now add it to decodedResponse
+		decodedResponse.Assertions = append(decodedResponse.Assertions, *decodedAssertion)
+
+		return nil
+	}
+
+	// iterate through each Assertion through our unverified Response
+	// our decodedResponse contains a empty list of Assertions
+	// throughout iteration, we will add signed assertions to the decodedResponse
+	if err := etreeutils.NSFindIterate(unverifiedResponse, SAMLAssertionNamespace, AssertionTag, addSignedAssertion); err != nil {
+		return nil, err
 	}
 
 	err = sp.Validate(decodedResponse)

go.mod

@@ -6,7 +6,7 @@ require (
 	github.com/beevik/etree v1.5.0
 	github.com/jonboulle/clockwork v0.5.0
 	github.com/mattermost/xml-roundtrip-validator v0.1.0
-	github.com/russellhaering/goxmldsig v1.4.0
+	github.com/russellhaering/goxmldsig v1.5.0
 	github.com/stretchr/testify v1.10.0
 )
 

go.sum

@@ -1,41 +1,44 @@
+<<<<<<< HEAD
 github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
 github.com/beevik/etree v1.5.0 h1:iaQZFSDS+3kYZiGoc9uKeOkUY3nYMXOKLl6KIJxiJWs=
 github.com/beevik/etree v1.5.0/go.mod h1:gPNJNaBGVZ9AwsidazFZyygnd+0pAU38N4D+WemwKNs=
+=======
+github.com/beevik/etree v1.5.1 h1:TC3zyxYp+81wAmbsi8SWUpZCurbxa6S8RITYRSkNRwo=
+github.com/beevik/etree v1.5.1/go.mod h1:gPNJNaBGVZ9AwsidazFZyygnd+0pAU38N4D+WemwKNs=
+>>>>>>> upstream/main
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+<<<<<<< HEAD
 github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
 github.com/jonboulle/clockwork v0.5.0 h1:Hyh9A8u51kptdkR+cqRpT1EebBwTn1oK9YfGYbdFz6I=
 github.com/jonboulle/clockwork v0.5.0/go.mod h1:3mZlmanh0g2NDKO5TWZVJAfofYk64M7XN3SzBPjZF60=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+=======
+github.com/jonboulle/clockwork v0.5.0 h1:Hyh9A8u51kptdkR+cqRpT1EebBwTn1oK9YfGYbdFz6I=
+github.com/jonboulle/clockwork v0.5.0/go.mod h1:3mZlmanh0g2NDKO5TWZVJAfofYk64M7XN3SzBPjZF60=
+>>>>>>> upstream/main
 github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0=
 github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
-github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/mattermost/xml-roundtrip-validator v0.1.0 h1:RXbVD2UAl7A7nOTR4u7E3ILa4IbtvKBHw64LDsmu9hU=
 github.com/mattermost/xml-roundtrip-validator v0.1.0/go.mod h1:qccnGMcpgwcNaBnxqpJpWWUiPNr5H3O8eDgGV9gT5To=
-github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8=
 github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
-github.com/russellhaering/goxmldsig v1.4.0 h1:8UcDh/xGyQiyrW+Fq5t8f+l2DLB1+zlhYzkPUJ7Qhys=
-github.com/russellhaering/goxmldsig v1.4.0/go.mod h1:gM4MDENBQf7M+V824SGfyIUVFWydB7n0KkEubVJl+Tw=
+github.com/russellhaering/goxmldsig v1.5.0 h1:AU2UkkYIUOTyZRbe08XMThaOCelArgvNfYapcmSjBNw=
+github.com/russellhaering/goxmldsig v1.5.0/go.mod h1:x98CjQNFJcWfMxeOrMnMKg70lvDP6tE0nTaeUnjXDmk=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
 github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
-gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

providertests/oktadev_test.go

@@ -1,11 +1,11 @@
 // Copyright 2016 Russell Haering et al.
-// 
+//
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
-// 
+//
 //     https://www.apache.org/licenses/LICENSE-2.0
-// 
+//
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -20,20 +20,20 @@ import (
 	"time"
 
 	"github.com/jonboulle/clockwork"
-	"github.com/russellhaering/gosaml2"
-	"github.com/russellhaering/goxmldsig"
+	saml2 "github.com/russellhaering/gosaml2"
+	dsig "github.com/russellhaering/goxmldsig"
 )
 
 var oktaScenarioErrors = map[int]string{
-	1:  "error validating response: response and/or assertions must be signed",
+	1:  "error validating response: Missing signature referencing the top-level element",
 	3:  "error validating response: Could not verify certificate against trusted certs",
 	4:  "error validating response: Unrecognized Destination value, Expected: http://dba9a5fc.ngrok.io/v1/_saml_callback, Actual: fake.identifier.example.com",
 	5:  "error validating response: Unrecognized Issuer value, Expected: http://example.com/saml/acs/example, Actual: fake.identifier.example.com",
 	7:  "error validating response: missing Issuer element",
 	8:  "error validating response: missing NotOnOrAfter attribute on SubjectConfirmationData element",
 	9:  "missing NotOnOrAfter attribute on Conditions element",
 	10: "missing NotBefore attribute on Conditions element",
-	12: "error validating response: response and/or assertions must be signed",
+	12: "error validating response: Missing signature referencing the top-level element",
 	13: "error validating response: Signature could not be verified",
 	14: "error validating response: Unrecognized StatusCode value, Expected: urn:oasis:names:tc:SAML:2.0:status:Success, Actual: Failure",
 	15: "error validating response: Unrecognized StatusCode value, Expected: urn:oasis:names:tc:SAML:2.0:status:Success, Actual: urn:oasis:names:tc:SAML:2.0:status:Requester",

providertests/onelogin_test.go

@@ -1,11 +1,11 @@
 // Copyright 2016 Russell Haering et al.
-// 
+//
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
-// 
+//
 //     https://www.apache.org/licenses/LICENSE-2.0
-// 
+//
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -18,14 +18,14 @@ import (
 	"fmt"
 	"testing"
 
-	"github.com/russellhaering/gosaml2"
+	saml2 "github.com/russellhaering/gosaml2"
 )
 
 var oneLoginScenarioErrors = map[int]string{
 	// 99 - Response(Assertion) - no signature
-	99: "error validating response: response and/or assertions must be signed",
+	99: "error validating response: Missing signature referencing the top-level element",
 	// 98 - Response(encrypted(Assertion)) - no signature
-	98: "error validating response: response and/or assertions must be signed",
+	98: "error validating response: Missing signature referencing the top-level element",
 	// 01 - signed(Response(Assertion))
 	1: "",
 	// 03 - Response(signed(Assertion))
@@ -64,18 +64,16 @@ var oneLoginScenarioErrors = map[int]string{
 	17: "error validating response: Signature could not be verified",
 	// 18 - signed(Response(encrypted(signed(Assertion)))) - 16 signed (signature valid, still cannot decrypt)
 	18: "error validating response: unable to decrypt encrypted assertion: cannot decrypt, error retrieving private key: rsa internal error: crypto/rsa: decryption error",
-	// 81 - Response(Assertion) - 99 set IssueInstant before EncryptionCertTime
-	// Note: signatures are being checked before IssueInstant (which is correct)
-	81: "error validating response: response and/or assertions must be signed",
-	// 82 - Response(Assertion) - 99 set IssueInstant after EncryptionCertTime
-	// Note: signatures are being checked before IssueInstant (which is correct)
-	82: "error validating response: response and/or assertions must be signed",
-	// 91 - Response(Assertion) - 99 set IssueInstant before CertTime
-	// Note: signatures are being checked before IssueInstant (which is correct)
-	91: "error validating response: response and/or assertions must be signed",
-	// 92 - Response(Assertion) - 99 set IssueInstant after CertTime
-	// Note: signatures are being checked before IssueInstant (which is correct)
-	92: "error validating response: response and/or assertions must be signed",
+	// 81 - Response(Assertion) - 99 missing assertion and response signature
+	81: "error validating response: Missing signature referencing the top-level element",
+	// 82 - Response(Assertion) - 99 missing assertion and response signature
+	82: "error validating response: Missing signature referencing the top-level element",
+	// 91 - Response(Assertion) - 99 missing Response subject confirmation element
+	// Note: gosaml2 is correctly checking signature before contents
+	91: "error validating response: Missing signature referencing the top-level element",
+	// 92 - Response(Assertion) - 99 missing Response subject confirmation method
+	// Note: gosaml2 is correctly checking signature before contents
+	92: "error validating response: Missing signature referencing the top-level element",
 	// 21 - signed(Response(Assertion)) - 91 sign Response, IssueInstant before SigningCertTime
 	21: "error validating response: Cert is not valid at this time",
 	// 22 - signed(Response(Assertion)) - 92 sign Response, IssueInstant after SigningCertTime
@@ -120,19 +118,19 @@ var oneLoginScenarioErrors = map[int]string{
 	48: "error validating response: unable to decrypt encrypted assertion: cannot decrypt, error retrieving private key: key decryption attempted with mismatched cert, SP cert(cd:f6:7c:e9), assertion cert(42:99:58:b8)",
 	// 85 - Response(Assertion) - 99 empty Response Destination (empty is ok, Destination is optional)
 	// Note: gosaml2 is correctly checking signature before contents
-	85: "error validating response: response and/or assertions must be signed",
+	85: "error validating response: Missing signature referencing the top-level element",
 	// 86 - Response(Assertion) - 99 wrong Response Destination (SP acs)
 	// Note: gosaml2 is correctly checking signature before contents
-	86: "error validating response: response and/or assertions must be signed",
+	86: "error validating response: Missing signature referencing the top-level element",
 	// 87 - Response(Assertion) - 99 wrong Response Issuer (IDP endpoint id)
 	// Note: gosaml2 is correctly checking signature before contents
-	87: "error validating response: response and/or assertions must be signed",
+	87: "error validating response: Missing signature referencing the top-level element",
 	// 88 - Response(Assertion) - 99 wrong Assertion Audience (SP entity id)
 	// Note: gosaml2 is correctly checking signature before contents
-	88: "error validating response: response and/or assertions must be signed",
+	88: "error validating response: Missing signature referencing the top-level element",
 	// 89 - Response(Assertion) - 99 wrong Assertion Issuer (IDP endpoint id)
 	// Note: gosaml2 is correctly checking signature before contents
-	89: "error validating response: response and/or assertions must be signed",
+	89: "error validating response: Missing signature referencing the top-level element",
 	// 50 - signed(Response(Assertion)) - 85 signed Response, empty Response Destination (success, optional)
 	50: "",
 	// 51 - signed(Response(Assertion)) - 86 signed Response, wrong Response Destination (SP acs)

types/encrypted_assertion.go

@@ -63,6 +63,9 @@ func (ea *EncryptedAssertion) DecryptBytes(cert *tls.Certificate) ([]byte, error
 		}
 		return plainText, nil
 	case MethodAES128CBC, MethodAES256CBC, MethodTripleDESCBC:
+		if len(data)%k.BlockSize() != 0 {
+			return nil, fmt.Errorf("encrypted data is not a multiple of the expected CBC block size %d: actual size %d", k.BlockSize(), len(data))
+		}
 		nonce, data := data[:k.BlockSize()], data[k.BlockSize():]
 		c := cipher.NewCBCDecrypter(k, nonce)
 		c.CryptBlocks(data, data)