When an EncryptedKey element is referenced from an EncryptedData element using a RetrievalMethod without a Type attribute, decryption fails (see example below).
This is because currently, the Type attribute is required to exist and have a fixed value of http://www.w3.org/2001/04/xmlenc#EncryptedKey. See:
https://github.com/robrichards/xmlseclibs/blob/master/src/XMLSecEnc.php#L464
However, the Type attribute is not required according to the XSD. See for instance section 4.5.3 "The RetrievalMethod Element" of:
https://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod
The schema definition of the Type attribute indicates that it is optional.
An example where this issue is a problem:
<saml2:EncryptedID xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <xenc:EncryptedData Id="_A" Type="http://www.w3.org/2001/04/xmlenc#Element">
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
    <ds:KeyInfo>
      <ds:RetrievalMethod URI="#_B"/>
    </ds:KeyInfo>
    <xenc:CipherData>
      <xenc:CipherValue>...</xenc:CipherValue>
    </xenc:CipherData>
  </xenc:EncryptedData>
  <xenc:EncryptedKey Id="_B" Recipient="urn:sp">
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
      <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    </xenc:EncryptionMethod>
    <ds:KeyInfo>
      <ds:KeyName>...</ds:KeyName>
    </ds:KeyInfo>
    <xenc:CipherData>
      <xenc:CipherValue>...</xenc:CipherValue>
    </xenc:CipherData>
    <xenc:ReferenceList>
      <xenc:DataReference URI="#_A"/>
    </xenc:ReferenceList>
  </xenc:EncryptedKey>
</saml2:EncryptedID>
The code in the function staticLocateKeyInfo that tries to locate a KeyInfo element containing a decryption key (_B in this case) returns when the RetrievalMethod element lacks a Type attribute:
This means xmlseclibs is not able to retrieve the symmetric key (_B) that is needed to decrypt the nameid.
Interestingly, in the 2002 version of the xmlsec spec, the Type attribute was both optional and fixed to http://www.w3.org/2001/04/xmlenc#EncryptedKey, which would make a good default when a value was missing:
https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#sec-ds-RetrievalMethod
However, this was dropped later:
https://www.w3.org/TR/xmlenc-core/#sec-ds-RetrievalMethod
It is unclear what the correct behaviour should be. Making the Type attribute default to http://www.w3.org/2001/04/xmlenc#EncryptedKey would fix the above problem (but will it introduce others?).
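To make the proposed default concrete, here is an added Python sketch (not xmlseclibs code, which is PHP) of a RetrievalMethod resolver that treats a missing Type as http://www.w3.org/2001/04/xmlenc#EncryptedKey, still rejects any other Type value, and checks that the resolved element really is an EncryptedKey whose ReferenceList points back at the EncryptedData, so relaxing the attribute check does not widen what the reference may resolve to. The Id values and element layout follow the example above; the function names and the trimmed sample document are constructed for this illustration.

```python
import xml.etree.ElementTree as ET
XENC = "http://www.w3.org/2001/04/xmlenc#"
DS = "http://www.w3.org/2000/09/xmldsig#"
ENCRYPTED_KEY_TYPE = XENC + "EncryptedKey"

# Constructed sample modelled on the EncryptedID in the report:
# the RetrievalMethod carries no Type attribute.
SAMPLE = """<saml2:EncryptedID xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <xenc:EncryptedData Id="_A" Type="http://www.w3.org/2001/04/xmlenc#Element">
    <ds:KeyInfo><ds:RetrievalMethod URI="#_B"/></ds:KeyInfo>
    <xenc:CipherData><xenc:CipherValue>...</xenc:CipherValue></xenc:CipherData>
  </xenc:EncryptedData>
  <xenc:EncryptedKey Id="_B" Recipient="urn:sp">
    <xenc:CipherData><xenc:CipherValue>...</xenc:CipherValue></xenc:CipherData>
    <xenc:ReferenceList><xenc:DataReference URI="#_A"/></xenc:ReferenceList>
  </xenc:EncryptedKey>
</saml2:EncryptedID>"""

def locate_encrypted_key(root, encrypted_data, require_type=False):
    """Resolve the RetrievalMethod in encrypted_data's KeyInfo to an EncryptedKey
    in the same document, or return None. require_type=True mirrors the strict
    check described in the report; False treats a missing Type as ...#EncryptedKey
    but still rejects any other Type value."""
    rm = encrypted_data.find(f"{{{DS}}}KeyInfo/{{{DS}}}RetrievalMethod")
    if rm is None:
        return None
    rm_type = rm.get("Type")
    if (rm_type is None and require_type) or rm_type not in (None, ENCRYPTED_KEY_TYPE):
        return None
    uri = rm.get("URI", "")
    if not uri.startswith("#"):  # same-document references only
        return None
    target = next((e for e in root.iter() if e.get("Id") == uri[1:]), None)
    # Whatever Type says, the resolved element must really be an EncryptedKey,
    # and its ReferenceList (when present) must point back at this EncryptedData.
    if target is None or target.tag != f"{{{XENC}}}EncryptedKey":
        return None
    refs = {r.get("URI") for r in target.iter(f"{{{XENC}}}DataReference")}
    if refs and "#" + encrypted_data.get("Id", "") not in refs:
        return None
    return target

def demo(require_type=False, rm_type=None):
    root = ET.fromstring(SAMPLE)  # rm_type, if given, is set on the RetrievalMethod first
    ed = root.find(f"{{{XENC}}}EncryptedData")
    if rm_type is not None:
        ed.find(f"{{{DS}}}KeyInfo/{{{DS}}}RetrievalMethod").set("Type", rm_type)
    key = locate_encrypted_key(root, ed, require_type)
    return None if key is None else key.get("Id")
```

With the strict rule the lookup fails exactly as the report describes; with the default it resolves to the EncryptedKey _B, while a RetrievalMethod that names some other Type is still refused.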