lightSAML/SpBundle

LightSaml\Error\LightSamlSecurityException: "Algorithm mismatch ...

strietzel opened this issue · 2 comments

Hello, my implemented SAML flow suddenly stopped working with the following error message:

Uncaught PHP Exception LightSaml\Error\LightSamlSecurityException: "Algorithm mismatch between input key and key used to encrypt the symmetric key for the message. Input key algo is: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'. Message key algo is 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'"

In this context, what is the "input key" and what is the "message key"?

  • Does it mean that the ADFS Server returns a message that is encrypted with rsa-oaep-mgf1p,
    but the key I created is encrypted with rsa-sha256?

Because I did not change anything on my side, I assume that the ADFS settings were changed by someone. Is this the right conclusion for this case?

Any help would be appreciated, Thx. :-)

Are you sure this started w/out any modification of the code on your side? Maybe update to new lightsaml/lightsaml 1.1.0 version?

Try updating to lightsaml/lightsaml v1.1.3; it should fix your issue.