Problem
SAML encrypted assertion decryption fails when Identity Providers use the xmlenc namespace URI for SHA-256 digest methods instead of the xmldsig namespace URI.
Error: unsupported digest algorithm: http://www.w3.org/2001/04/xmlenc#sha256
Background
Per the W3C XML Encryption 1.1 Recommendation (Syntax and Processing), both namespace URIs are valid for SHA-256:
- xmldsig namespace:
http://www.w3.org/2000/09/xmldsig#sha256
- xmlenc namespace:
http://www.w3.org/2001/04/xmlenc#sha256
Some Identity Providers (notably PingFederate and others following XML Encryption 1.1) use the xmlenc namespace URI, which is the correct namespace per the XML Encryption specification.
Root Cause
In types/encrypted_key.go, the DecryptSymmetricKey() method only recognizes the xmldsig namespace:
const (
MethodSHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
MethodSHA256 = "http://www.w3.org/2000/09/xmldsig#sha256" // Only xmldsig
MethodSHA512 = "http://www.w3.org/2000/09/xmldsig#sha512"
)
The switch statement only matches these constants, causing xmlenc namespace URIs to fall through to the default case and return "unsupported digest algorithm".
Impact
This prevents SAML SSO authentication for organizations using IdPs that follow the XML Encryption 1.1 specification and use the xmlenc namespace for digest methods. This affects compatibility with:
- PingFederate (when configured with SHA-256)
- Other IdPs following XML Encryption 1.1 best practices
- Organizations migrating from SHA-1 to SHA-256 for security compliance
Proposed Fix
Add support for xmlenc namespace URIs by extending the constants and switch statement:
const (
MethodSHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
MethodSHA256 = "http://www.w3.org/2000/09/xmldsig#sha256"
MethodSHA512 = "http://www.w3.org/2000/09/xmldsig#sha512"
// Add xmlenc namespace variants (same algorithms, different namespace)
MethodSHA256XML = "http://www.w3.org/2001/04/xmlenc#sha256"
MethodSHA512XML = "http://www.w3.org/2001/04/xmlenc#sha512"
)
And update the switch statement:
switch ek.EncryptionMethod.DigestMethod.Algorithm {
case "", MethodSHA1:
h = sha1.New()
case MethodSHA256, MethodSHA256XML: // Accept both namespaces
h = sha256.New()
case MethodSHA512, MethodSHA512XML: // Accept both namespaces
h = sha512.New()
default:
return nil, fmt.Errorf("unsupported digest algorithm: %v",
ek.EncryptionMethod.DigestMethod.Algorithm)
}
References
- W3C XML Encryption 1.1 Recommendation: https://www.w3.org/TR/xmlenc-core1/
- Both namespace URIs are valid per the specification
- Other Go SAML libraries (e.g.,
github.com/moov-io/signedxml) already support xmlenc namespace URIs
Priority
This is a compatibility issue that prevents SAML SSO for organizations using standards-compliant Identity Providers. The fix is minimal (2 lines of code) and improves standards compliance.
Problem
SAML encrypted assertion decryption fails when Identity Providers use the
xmlencnamespace URI for SHA-256 digest methods instead of thexmldsignamespace URI.Error:
unsupported digest algorithm: http://www.w3.org/2001/04/xmlenc#sha256Background
Per the W3C XML Encryption 1.1 Recommendation (Syntax and Processing), both namespace URIs are valid for SHA-256:
http://www.w3.org/2000/09/xmldsig#sha256http://www.w3.org/2001/04/xmlenc#sha256Some Identity Providers (notably PingFederate and others following XML Encryption 1.1) use the
xmlencnamespace URI, which is the correct namespace per the XML Encryption specification.Root Cause
In
types/encrypted_key.go, theDecryptSymmetricKey()method only recognizes the xmldsig namespace:The switch statement only matches these constants, causing xmlenc namespace URIs to fall through to the default case and return "unsupported digest algorithm".
Impact
This prevents SAML SSO authentication for organizations using IdPs that follow the XML Encryption 1.1 specification and use the
xmlencnamespace for digest methods. This affects compatibility with:Proposed Fix
Add support for xmlenc namespace URIs by extending the constants and switch statement:
And update the switch statement:
References
github.com/moov-io/signedxml) already support xmlenc namespace URIsPriority
This is a compatibility issue that prevents SAML SSO for organizations using standards-compliant Identity Providers. The fix is minimal (2 lines of code) and improves standards compliance.