openssl_verify() failure with PHP 8.1 (works with 7.4)

Question

openssl_verify() failure with PHP 8.1 (works with 7.4)

Closed this issue a year ago · 15 comments

This one is driving me nuts.
I have a SAML exchange that uses an encrypted and signed assertion in the response.

Under PHP 7.4 everything works great, the call to openssl_verify($data, $signature, $this->key, $algo); in verifyOpenSSL works perfectly and returns 1

Under PHP 8.1 everything fails, with exactly the same data being passed with the error.

error:02000068:rsa routines::bad signature
error:1C880004:Provider routines::RSA lib

The key is their public cert (this is a SAML response), the signature is sha256

Any tips appreciated, especially as to why the same code works with 7.4 and not 8.1

Answer 1 · 2023-07-27T09:38:58.000Z

openssl is a disaster when it comes to error handling.

See this comment: https://www.php.net/manual/en/function.openssl-error-string.php#119878

This library will only show you the last error, even when there's a whole stack of error messages. In your case you are probably just missing crucial information to properly debug this.

Answer 2 · 2023-07-27T16:01:03.000Z

Yeah, already handled the error queue thing. Now working on a minimal reproducible example that works with 7.4 and fails with 8.1

Answer 3 · 2023-07-27T16:36:23.000Z

Pinned it down, not an openssl error, wrong value is being passed as the data, will work out whether it is a xmlseclibs or a onelogin saml issue.

Answer 4 · 2023-07-27T16:37:56.000Z

Are you using another saml-lib that uses this lib, or what?
Just out of curiosity since I happen to manage one of the saml-lib around.

Answer 5 · 2023-07-27T20:04:56.000Z

Using the OneLogin PHP SAML Library, https://github.com/SAML-Toolkits/php-saml
Looks like the signature info inside the encrypted assertion is getting mangled:

<ds:Signature><ds:SignedInfo> .... translated to:
<ns3:Signature><ns3:SignedInfo> etc

But only on PHP 8.1, and only inside the assertion. Signature info on the response is left untouched.

still tracking down exactly where and why.

Answer 6 · 2023-07-27T20:22:02.000Z

Decryption is fine....

<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo>....

Amd something happens afterwards that I'll still tracking down....

Answer 7 · 2023-07-27T20:40:16.000Z

That library seems pretty basic considering the huge saml2 protocol.. I wouldn't expect much of that tbh

Answer 8 · 2023-07-27T20:51:06.000Z

It's been working fine so far, but maybe this will force us to change libraries, and it seems to be a 8.1 thing, and I suspect C14N, but we'll see.

Answer 9 · 2023-07-27T21:12:40.000Z

Seems to be a DOMXPath::query issue with 8.x, more a OneLogin SAML Lib issue, or PHP issue.

Answer 10 · 2023-07-27T21:48:34.000Z

Yeah PHP 8.0 has known issues that won't be fixed anymore.
I've been having similar issues with my lib.

Answer 11 · 2023-07-27T21:54:38.000Z

Thanks. Tracked down to: Utils::treeCopyReplace($encryptedAssertion, $decrypted); in OneLogin's Library. Closing this and moving over there.

Answer 12 · 2023-07-27T23:56:50.000Z

FYI tracked it down to insertBefore() - SAML-Toolkits/php-saml#562

Answer 13 · 2023-07-28T08:26:38.000Z

From the PHP changelog:

Version 8.1.21
06 Jul 2023

    DOM:
        Fixed bug [#55294](http://bugs.php.net/55294) and #47530 and #47847 (various namespace reconciliation issues).

Could that be it? Are you on the latest dot-version?

Answer 14 · 2023-07-28T16:13:04.000Z

Yes, latest dot version. Haven’t gone back to find out when it was introduced and maybe. libxml issue but for now I’m working around it.

Answer 15 · 2023-07-28T16:23:42.000Z

Looking at the release log, lots of DOM fixes in 8.1.21, looks like it may have been introduced with this version.

Fix DOMElement::append() and DOMElement::prepend() hierarchy checks.