xenc:EncryptionMethod vs xmlsecenc:EncryptionMethod
Closed this issue · 2 comments
I'm new to SAML, so my apologies if I've gotten something wrong here, but I can't get LightSAML to work, and LightSAML relies on these XMLSecLibs. The error I'm getting is "Could not locate key algorithm in encrypted data", coming from the call to locateKey.
When looking at the location of that function it appears to be the locateKey function in this library. I noticed that the query looks for "xmlsecenc:EncryptionMethod", as you can see here:
https://github.com/robrichards/xmlseclibs/blob/master/src/XMLSecEnc.php#L388
However, every sample XML assertion I've seen uses "xenc:EncryptionMethod" - hence this query fails. Here's one such link with examples:
https://www.samltool.com/generic_sso_res.php
Has the SAML spec changed over time, resulting in this discrepancy? Or is there something else I'm ignorant to here (certainly a valid possibility)?
Those are just prefixes so as long as they are referring the same namespace it is fine. You should see in you SAML document an element that defines:
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
This matches up to the use of the xmlsecenc prefix which is registered as:
XMLENCNS = 'http://www.w3.org/2001/04/xmlenc#';
It has to be something else causing the issue
correct, upon further review, while the errors appear to come out of this lib, I misdiagnosed.
if anyone googles and finds this error: mcrypt doesn't get into PHP properly on OSX El Capitan, and the process of debugging in-page error messages / exceptions is very poor/tricky!