SAMLRaider
XSW attacks are losing whitespace in Signature
I am trying XSW1 but the signature is turning out to be invalid after the transformation.
Turns out SAML Raider is losing whitespace, and so the canonicalized output is different. Initial SignedInfo (generated by Shibboleth; notice that there is no indent, but a newline after every element):
<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></ds:SignatureMethod>
<ds:Reference URI="#_a544335059b58b98d30e75524e09627c">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>
<ds:DigestValue>t9htoNyes3QdccTS57Dp1QOO6oTz8MxON+QYqqgIF3I=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
SignedInfo after XSW1 (notice that all the newlines are gone):
<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></ds:SignatureMethod><ds:Reference URI="#_a544335059b58b98d30e75524e09627c"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod><ds:DigestValue>t9htoNyes3QdccTS57Dp1QOO6oTz8MxON+QYqqgIF3I=</ds:DigestValue></ds:Reference></ds:SignedInfo>
Is there some option to preserve the whitespace?
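The mechanism behind the report, as an added example that is not SAML Raider's code and not Shibboleth's: an XML-DSig signs the canonical octets of ds:SignedInfo, and the two SignedInfo variants above canonicalise to different octets, so the original SignatureValue can never verify over the collapsed one. The script canonicalises both variants from the post and hashes them, shows that the collapsed form is exactly what a whitespace-stripping re-serialisation produces, and shows a parse/serialise round trip that keeps the whitespace and the `ds` prefix. It assumes Python 3.8+ for `xml.etree.ElementTree.canonicalize`, which implements C14N 2.0 rather than the exc-c14n 1.0 named in the CanonicalizationMethod; both keep whitespace-only text nodes between elements, which is the only property the demonstration relies on. Without the IdP key the RSA value itself cannot be checked, so equality of the signed octets is used as the stand-in.

```python
"""Why dropped inter-element whitespace invalidates an XML-DSig.

Added example for this issue, not SAML Raider's own code. Assumes Python 3.8+
(stdlib C14N 2.0 via canonicalize(); the signature names exc-c14n 1.0, but
both algorithms preserve whitespace-only text nodes, which is all we need).
"""
import hashlib
import xml.etree.ElementTree as ET
from xml.etree.ElementTree import canonicalize

DS_NS = "http://www.w3.org/2000/09/xmldsig#"

# ds:SignedInfo as Shibboleth emitted it (copied from the report): no
# indentation, one newline after every element.
SIGNED_INFO_PRETTY = "\n".join([
    '<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">',
    '<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>',
    '<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></ds:SignatureMethod>',
    '<ds:Reference URI="#_a544335059b58b98d30e75524e09627c">',
    '<ds:Transforms>',
    '<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform>',
    '<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>',
    '</ds:Transforms>',
    '<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>',
    '<ds:DigestValue>t9htoNyes3QdccTS57Dp1QOO6oTz8MxON+QYqqgIF3I=</ds:DigestValue>',
    '</ds:Reference>',
    '</ds:SignedInfo>',
])

# The same element after XSW1 as shown in the report: every newline gone.
# Removing the newlines reproduces the posted collapsed form byte for byte.
SIGNED_INFO_COLLAPSED = SIGNED_INFO_PRETTY.replace("\n", "")


def canonical_bytes(xml_text: str, drop_whitespace: bool = False) -> bytes:
    """Canonical octets a verifier feeds to the signature check.

    drop_whitespace=True mimics a tool that discards whitespace-only text
    nodes when it re-serialises; the default keeps them, as C14N does.
    """
    return canonicalize(xml_text, strip_text=drop_whitespace).encode("utf-8")


def signed_info_digest(xml_text: str) -> str:
    """SHA-256 of the canonical SignedInfo, i.e. what rsa-sha256 signs."""
    return hashlib.sha256(canonical_bytes(xml_text)).hexdigest()


def signature_still_valid(original: str, rewritten: str) -> bool:
    """Stand-in for the RSA check (no IdP key here): a signature made over
    the original SignedInfo can only verify if the rewritten SignedInfo
    canonicalises to exactly the same octets."""
    return canonical_bytes(original) == canonical_bytes(rewritten)


def preserving_roundtrip(xml_text: str) -> str:
    """Parse and re-serialise without losing whitespace or the 'ds' prefix.

    ElementTree keeps whitespace-only text in .text/.tail, so the newlines
    survive unless an indent/pretty-print or 'ignore whitespace' step runs.
    The prefix is registered because exc-c14n does not rewrite prefixes:
    re-emitting the element as ns0:SignedInfo would also change the bytes.
    """
    ET.register_namespace("ds", DS_NS)
    return ET.tostring(ET.fromstring(xml_text), encoding="unicode")


if __name__ == "__main__":
    print("original  digest:", signed_info_digest(SIGNED_INFO_PRETTY))
    print("collapsed digest:", signed_info_digest(SIGNED_INFO_COLLAPSED))
    print("collapsed still verifies?",
          signature_still_valid(SIGNED_INFO_PRETTY, SIGNED_INFO_COLLAPSED))
    print("round trip still verifies?",
          signature_still_valid(SIGNED_INFO_PRETTY,
                                preserving_roundtrip(SIGNED_INFO_PRETTY)))
```

The check worth keeping from this is the last one: after any XSW transformation, canonicalise the original and the rewritten SignedInfo and compare the octets before looking at the signature; if they differ, the tool has altered something the signature covers (whitespace, prefixes, attribute quoting), not the verifier.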
This could actually be seen as a duplicate of https://github.com/SAMLRaider/SAMLRaider/issues/7, right?