Description
(Also raised this on StackOverflow a couple of days ago)
I've run into an issue with python3-saml where the AuthResponse fails to get decrypted. This is with a SP cert/key pair that I know fit together, and a test with these against a local SimpleSamlPHP container works fine. The certificate and key have been provided by the IdP for testing purposes here, so they're not used in production systems.
With debugging enabled, the following is logged:
func=xmlSecTransformNodeRead:file=transforms.c:line=1314:obj=unknown:subj=xmlSecTransformIdListFindByHref:error=1:xmlsec library function failed:href=http://www.w3.org/2009/xmlenc11#rsa-oaep
func=xmlSecTransformCtxNodeRead:file=transforms.c:line=595:obj=EncryptionMethod:subj=xmlSecTransformNodeRead:error=1:xmlsec library function failed:
func=xmlSecEncCtxEncDataNodeRead:file=xmlenc.c:line=742:obj=EncryptionMethod:subj=xmlSecTransformCtxNodeRead:error=1:xmlsec library function failed:
func=xmlSecEncCtxDecryptToBuffer:file=xmlenc.c:line=596:obj=unknown:subj=xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed:
func=xmlSecKeysMngrGetKey:file=keys.c:line=1253:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlsec library function failed:
func=xmlSecEncCtxEncDataNodeRead:file=xmlenc.c:line=779:obj=unknown:subj=unknown:error=45:key is not found:encMethod=aes256-gcm
func=xmlSecEncCtxDecryptToBuffer:file=xmlenc.c:line=596:obj=unknown:subj=xmlSecEncCtxEncDataNodeRead:error=1:xmlsec library function failed:
func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=524:obj=unknown:subj=xmlSecEncCtxDecryptToBuffer:error=1:xmlsec library function failed:
django_mitid_auth.saml.saml2 ERROR 2022-07-28 05:23:18,918 saml2 handle_login_callback (1, 'failed to decrypt')
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/django_mitid_auth/saml/saml2.py", line 108, in handle_login_callback
saml_auth.process_response(request_id=request_id)
File "/usr/local/lib/python3.9/site-packages/onelogin/saml2/auth.py", line 130, in process_response
response = self.response_class(self._settings, self._request_data['post_data']['SAMLResponse'])
File "/usr/local/lib/python3.9/site-packages/onelogin/saml2/response.py", line 49, in __init__
self.decrypted_document = self._decrypt_assertion(decrypted_document)
File "/usr/local/lib/python3.9/site-packages/onelogin/saml2/response.py", line 903, in _decrypt_assertion
decrypted = OneLogin_Saml2_Utils.decrypt_element(encrypted_data, key, debug=debug, inplace=True)
File "/usr/local/lib/python3.9/site-packages/onelogin/saml2/utils.py", line 697, in decrypt_element
return enc_ctx.decrypt(encrypted_data)
xmlsec.Error: (1, 'failed to decrypt')
Example SAML Response that triggers this:
<Response ID="_5319523e-64c5-1918-0657-d3a638045ad5" Version="2.0" IssueInstant="2022-07-26T06:23:31.0393084Z"
Destination="https://[my domain]/login/callback/"
InResponseTo="ONELOGIN_91d032676bab01fc363cce24799c865f03d74cba" xmlns="urn:oasis:names:tc:SAML:2.0:protocol">
<Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
https://saml.test-nemlog-in.dk/
</Issuer>
<Status>
<StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</Status>
<EncryptedAssertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
<xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<xenc:EncryptedKey>
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep">
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<xenc11:MGF Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha256"
xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"/>
</xenc:EncryptionMethod>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<o:SecurityTokenReference
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<X509Data>
<X509IssuerSerial>
<X509IssuerName>CN=TRUST2408 Systemtest XXXIV CA, O=TRUST2408, C=DK</X509IssuerName>
<X509SerialNumber>1604005554</X509SerialNumber>
</X509IssuerSerial>
</X509Data>
</o:SecurityTokenReference>
</KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>
KEvZkAI1oXrkfE7EPtoQ4FWUq8vlLvOG4qxt2GgzssNmPB+/M9egJgYqHWZ07cOSP30mLJ4cuBN6396m1yPqaMpjlhrI4GZr99rXvCI6SrlUGlyYWmciAlygEwed/V6XhSHG/i9MFi57w14JhNfMSe4senMNyy6SEZ9+hCUTtc3wHXlJh2HBGN4YOWcPX7ta8esaDwEx/D9Byw97xajUB/Uu6UL10ifnAM0+vPBCiZUKl5b+BQ08JvGH+AOJPUeloq0uixkS44jjpn7TFKKr6ddnU1iZUNZKrmUMatkMKo+a5dKnLouxfN1DW/g9RQUmaAp3K9QYKBtb9ysHOl1M8Q==
</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedKey>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>
LYmZOnG1mKfQhU2oNCJHTYl9XvNfb/auF0xaEWZjUZIdwIuJA9gcanhO1VbB6E0WSD4ztujV6JTzfG4RPVjHELiKYE+FqucMJCUKU3/C9FyF0Qt6BzW5vmUVRX5SrGTudmFZn3feaF1m52vbHV3a9ssMMfsbt6AcO+hzlP/Ex/oMt97EWQDA2XPCxsDMJLkuYtTZ/mjEgIxYGEWh92m4b+/pa8yFKkLHc1ZkzeEQU8th0hyA8ZfmDufl+uThLvIHdVDhp9Ewk1H5nGxGG0mEYnNxjHxL6D8RFh/fISybRqE1Og2wEDmsXTXUumh0bdlgrKa7lMGslBkGtcg+0MZvPpvPhK33ne+3zCB9klFqAC73Aji9ZMwOBQ7VfpwRC6jxuwONALsCuGfmmArwzRsNmOzW/pjmTg0y34GX/b+GzcRPXs5HDIeyBAA0lBTe3YDtd7pZmUjheEt8Y1suvkIFFiHN2vXk8QwgDothbbKCtxnwYlO6k5iQ5djTolhn0Y8ZjuLKee6tW43/hWk6fXApSjdlEECNyhetgSRz4Q7mvOMaFSC5JioCdXGVW0lG9HK/sugcQlCEme75vvSK0BK+xXGFzY83aq7AhKTkQWsPfzA9hfPeGNMAN2xqrLkCgRUHcdXEo5X0MUVSVBc6OHtNQZRShQI4fIdPG1EEuO12ZKqUhTKJv7yTsNk/GsZm4YJvJxNeU5PNCAXnQAQvGc98fskZucvZ7wlhmo76Ok2qd9mr5AUIx2GvnDktN9kc0PA0Bf2k4K9uuNmn4Y4EfGRYVIxjdUUxCUr64L9SG64IjNzkeLDlTmFye13gBIdTFdBLcknpGhmnzMjcN82E5DMYKVvduKchXJFtnN5tcHjaL6eAALDniUt1plR22FOJ8nzKTJ6G0HJV9Jk61tZ0CcaK+OVabgRkTIIlJgsvdduCMWeP0qtDEjd2UgYmDYdoAeffM8LPgczpom4KR+R7qUgwrbwFEITnAJH6R7SKyScxAuQKvs7GiBVtPFXNJIztimCRh+OZVS17PblytJodJ6CX1rz84T4NwU7LwhpA0V9mFFYgxxWZ/F00yPJX6aPeJXq4Ij7V+T5gxsCbyJeWj6PxAXC7TKuGx5DhngjpKBFjMct4KOy8A+FDCgGD1ZxWkdGffiwuj8/QvkiX0KAeQc9K/VVcBDqUob0e7r6tJrCXKw1jjLUR0w10ZshpXgXyocuMIbEVm34y9yIrOI4pcSvwHiv1224qajJuWa7V3hkQMVRhqYwAaxELTXaERY+zqj1SZHjjkVGrJQ000Yq5WiIM8iN5X8EW2ZPvZ4fNN3VBW32xJ8YFnJbw//r1XDUpoN1e7g1cmmrG4cEPyhevpXDIdSoQod+oSTQZdwinqzNyUeyYASNzeP61XoVDtUxr2YFlYhHd5d1i/xezV30jnTCsFRYie3TRtgcSslRNpp/NkqaReaMN1fCdIptnfLYxMmp1ha2ER0RjOWlxf2k72njvhzJKKYx5tkEd98qrtUaSm/LkfxZx5YubCSVP1K1yUEMN5JnLekPtrf3VRsygca/O/p1Ja/6UdApMIedWneXaCRRsw8kljs3xMNxisyPXNBCu6l09hyFRlNCc70csMeSGXM4YXEJUUMosTGIKeF6jvJrWu/rr7qVCX3X7FYVByE9XNxGqJ5GOpDT8sJyzHqY3crNM7MVPoQj9iQwGP4JLIlGm6SKxpDnK2x0LgRWy2i6cvZBVMKNFqO61byiGRrl+NNJRBWRuMt65BFBM61brC7s0TZxwpSZk2qD/aCxcAxdf+QsCqfUvbic0jIBeknb8892djG7YBBk7mDikHTObHJqUKDHA6U1WNoPi86dPmWpEyw70Sur7cEfgnRI6EU2ql8rtOV5Ju2ZHGH60c91uCRNdF018HEzheSZ9RsKFSPMcEUTH68n1KcusIJZli6Gr0aV2rqQH/QABiOkAbtxaOuyLvm7BEAiBMXR8riz3f+EhuAsDY2K0WJsIt2BR
M3lUOXoVK1wop1/VLY4iTt1+V1n8cg8a5D2XYXYIA/ja5V0QoE7CA0J8kWJJSnPWqKDyTX5P1pWukLzit80RwxXe8Rpug0Cn8LDW0MMJt7TaEIG7NQCbTfXO0QSsGMI5Oalu5E8sr/d8CuWqTfkG36LxP6EDxMxLqkbjSEiFjoKSAfUsG00ZdhilQFFB01ffsjkw7xtjq0HDsMVBds9EqvDZqxFNsbjH39tf0067Vwji/I9gUp5nEf7RCeh+d0bjtF85x+blh5TrLCOa/XRxpoqNhR4APjNUny4N/35PP+KyRBwfoT2aZZSRJ4iTxhXl/I055Tzl+CCzkxZt6f3FeNc8VokjMb/5IhCRYWaD28NaCBzJdPUdjkWnGGY9OA/BDPR6HLhYIZiTAL/atioTJiuskkkFbyvTMLQcGJ96WTk2i08SaX0/cUBaUsTJ3RbMbawRMIkfnZYWH4oEWzAsiOBbX7PvF+iFl6cSQNF8SmDxbc2eDq+tJpFnaFVZCj/ywIWQTdWS8k80FF2e2jpnQinKD1bZtmymw3Mb1Tf9oe4jeACjdP1xWqxcit5+XRNOd7ZYHHLGpUVDGUoSLJ//hai8UVwYbkBuQoLfLIqcEvxjJBQEQ4dFM83QUk7Stck3o933e2KN5DS3RvNIpaTJZwA3Ea7H5duC/B1e7Yah4YeIoD6qTa+fq6uFl8x7wv8zVQCQUmjiS6okjQvhHpLF5MlU0n7arIOVmFgKzc165xlzP0J0CJTbqCKKYOyC3h3p54ITpDfmUKYcMf3LEG6zEb300v0cQxbfAjFjTJyYBMF1DTXbPPakRMNpbMcG+aCESekCvgjgoUl8+B/ZZbNSMIEB0EuNRWiGQFlCKA7lmYGWUBKsLYm1FfXe9d0dpCkjAtL/Etlh9W1Xe1UQaXtNJ7UmJ5dmJTX7B0NnzzfEaW1frKGiyZVCpf8fDBEBnvFFVGb1uU/FcrKXSMOMWc6FeY7a1V40YF/pVNSw+Qbn5LEQMWxzMv7UDggLyxFp3HREnVX7Hph+huV+4SjplMCTqjZx9Kr8u+DGanP1MeWHu5IqIES9FUADEIBnls/tmh0A+sLjIFVCgz5RDaWkwg/Y4JGbQj6ttI3ECikRnFTC8XtuZVxCRPs8DPiiLNFNYB6vsdOZCqUxavQmUPqS69RAZyf8V09cqYjLFXNeZGpjN5sIrlN6U2iJMg7DPD0bypwPSZ4H44LctrpFB0JreDG5D9inKSmw3+jHVUdj5nuotA77jSG+1Pr/rOX5nUPT5ww+qm2+MkRBErmXYXDHcbZOX9LLc+Xnm/mKjkLa5bSQvYR8fzmg7zkvDlFnSk60iT07w7q8Am1L1YPJvmjk0wcI/E5akUKlfsjrh4kM7c97AHngpiiiWBl2i7j/BYf6ULH3pDUcqwIOw2u6ktwjYPJssSFtibYjasoFbCRyDElElDcZamW6W0k25LJ1fEfKirbzwULJ9PLYO7vL4fOClmmAlR2h6iBZvTG6zW5VkwbhDH+tKa0983mK9hBpQDxfqxGPzYUOdLdF2zwjq/Ri6rhHinUupQXp0HTozJEXjBU0uygFnU3ClQX+Avae+SqYUO02P0RUlrpZlq/zpoGh12TeVwDFq6urWDDwQUDxHaL8TvPqqFYYrHWVTv1atPtIfymb9Zv0CbF8GGrpqtP3hKcR9wZnyGw4aDb6PzHH2JWK3PjHSfjR4bVAG/9xxisZvzW8bEZBEPc4bvkX5iFriQRjz3zd47w84sM62xDOWo8paJhy4P8x22+Pe5gwoX7yukbE+yMiVrOtICWauzE3PqShcrjCCm0HizFHJCp9Ri6pj9JYt7gH5+zd6kxbEqzGRX9LAJ9UImc6cPK5bLrg7Ifdph/6sx4VfD1XwpRbF+ha81yxCfsXHiqKVScAWNSdbb0+uoFSzLCAzsl1g1KUrLVdBu0dRkaR9q2bWZmvH2H9B6Wks2X30yBzKX2WmmPGdrWEGvyzBhczdPp9SpxE
kNnl/94I6uSCFxxrPLLvTdT+74xWYzs3clroLdYCJqE7TG08BYNraYjKjhGHD3zOIAiP1RETKWePAVEJVnBZPhIXRb6yAiIg/sC09wQQvUkKf0o2t9oXgtSAEXU20YL2uXCGKG8xdbW5l/oQSe/8KzwHqilsLlrNLvb31u4hGhn0dhxKsvJokJflfaAXd5M7suRubqilJZg3Ag2J4C83rU+HYe3rU/GxTu7fJDUvdQ9eZj3GE1X0tJJBIpyV9MFCyLB4XYCyDBlkFHxZXWKhSwQVZimjgyHVQVrqEMLFmNq6vU/HxEPHaly4+dOYAnDB2GoXMh7q/75DoIGxk/e6G08MS/12hE+L2NN/HlLR8nlUJiSrEPvSiSvxBWEkBF8ELo78x9WqqcsBNG7+FfEwzClIPNQOCl26lRtqpin+mb7m6oRxss9Tk59WpQ5glr/J9mWSJwFrtRVJzPjwbhkz2NV94tHk9fvv/5stqcK48AiVGG5Lc1dIc4Zk/uOqV8crb9h9/45v5A4rKbChhqnD6DEHUwSaXM1yK2oKWtYhn5b3Swqqn8PoREMnknEy5+u3N7CMmT7yEHk9iFmyn9n18l8SNyvjXSbTD0yfpUGX6TXc9LSeO20/x5fYNsIp35PWBU606ADGmczgZ6B/EjL+MASLSbqnDU1s0B3acmdSBFUBUwohqMSAUBgvAcUiAN1t61O/YmFqbDe12sjOuQLzOAdyKM/XGT8iBggdEhvs19k+BlboNssLMGM7rEmaU0HD6J3Yr3tiHQCJU3vuEwO2fsNTagD/Obc/2/75ud29UQuYqP0eeF0a1Rq7gwgOCA4XfRZdGxgzqz2PrIzHrbJmG9FEzZOu3mOITEBOK6PRNkka6BrwN4Fs+4V4AxBqzlgVHdmxmZTKVPAa81YpLNRLZQsobY6E3Walq0a5A9GkBKXpfgLU+P+sMHcyZiYnQvnMM4Y6oP8+BgubtzAt46ZRAFIcuqeo1fVxtXKxLiXLZD7B3tNZv44PvrvHXqZqIFuvyBkecDfLqr2P3CnJ2cfTlHoMxlWK1xFs7ZTk5ud+6XmnM2aP1lnCzT1Uf4EdK7EaeBizSiIZeE7GBPjq61GzoVLTySxJlOZlravIE6XAjO4U7C+P3h0aZJ8YM121wvADxVjzrwQGxUMycG9fHpRU9aVaqPr/2d+yTy9BbYGLd5kmc1xDfDZTX9j3PH1yZzbAerOtw0TmsWHfJiloB3bU/BIS/kQOWZf32m9cXRjv+M6T+Uf49XlbZgRuiNmQKQG4cdd0o8fbWZnEXqci8IG/JTRTpHEI2EfFe3vtF3WzegLerfOlx+Jg3BCw+RUKtz5koveO7x7mWm78DQofnl6uRME17QEvuOWD1IsJvfN8wcpVzb1z7YqMpu5qr7OBFR5bCfiEwW3XDUopHqUJAjufoDNE1wu1QfZNmABXJ5WAm45x4XTZ2fGlPvcgVdGl25HK6b+yyxeaixlKzcsJKVEJ4aS7lgEh9yGmNuZ1oQqhdF6T/SjA8of99THyMnyWdkjqwnrE6QgjoNf2tCJteI1u3LKG2KbLtKJM1vnPjtyA8sBGk0g/monytpGq8W4TYOGcJ6OP0oLt3jq/ywQP3ODvxzLcptSbyYzTQXSyLgYTw61EkcMdF3pnOCW+Gd8tHKLLqLveWX5uL6BhguFbMbFl/5pbyI1DR5uXQCSCKQ5RMN1rGwjjhVm/VNNPdG7Ra0Z4ppaTaz0pHft4n8yaliUqr6NqYWXnllmlugSLwT4b8Dke13ESFsjguRcRK91KHNZ5D66Yl3TqYVzz9b8W3e3ZwS2GovK2A/jZgqeTCyuoFT0aEM489OCUfYlnzUqnpC+O/Hb3/8b1/t1v7uCZusITkp+CSs6jlhOztz/i8DY8WJj+OycsKP6KFULvAq4TDby/ysHvP5KgXrKElQWADmLNYOskz1v4oUSeRthfAN0ccffKE0DNb3i3KvlQc0giMUhIDg9lGUxkugR6O3Fk
PaOPJtsSt0y6qZ47kYJV6VVCQxoSFj6/+SkkDzj6R9Ewro1zYzTatkrvLA+ArBTKLRktZUte2/UEqZVsWel7ZfRzhaFBuwxCsAUF+eyAVeF5IMJuWUNud4lIQr/O6TQcYZbdpIrxiwrZWneftYEd4gvB7rhN55Z+Iol67CRU42PVPfMLPdHQpFmYEh6DtZv91XC0OBoa8042tAPWoYNrrpDltyWgRB2YZqxgGJJVzGoS5hpwcf/3UfxSZl203+FXBXq0nblE8upV54clig2Gcae9BPL1nWTzThYjhCeR2KPEmwPeAT9AxgFi6wLBVIvE0KHCqOxksHop8T1by855yBkhV9nz3TLyR1R0GVpThTCTMFbum2BuIfSZWSfrJU9XeIGmeqK/rrrEHBrrVgPv1iVhpNygT6Tcre/KK9f/e7/LIoAeZSroQcnwkBHDg+vOUAWN5umpBi5gAE2z4N4PE9zbWDLG5TznzNKRmR1kiJT7IyBYCRxwhzHnMFv6dWmlo+SDneZkO4EtT8Hj4iTX8rZDV+EhTSl95q/mj3D5YcgTSWjtBdHhIo+Ym8Bsp19ItcdVlOTsX8Yd1G68N48xfI6OcBfDzK8UiAtjwmoazQDuA5VoVC8lx+F8mKCKbNJN/Z5pnHHVmdf1ZadfAmzYgLsf9pJalBikVPmLXYQ=
</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</EncryptedAssertion>
</Response>
Note that the IdP uses RSA-OAEP in the response, and that one of the log lines mentions this algorithm.
I've tried patching utils.py, in the method decrypt_element, in order to inspect the key being added and generally to analyze the problem, and found that even though the key is added through an xmlsec.KeysManager, enc_ctx.key is None afterwards. Setting it with enc_ctx.key = xmlsec.Key.from_memory(key, xmlsec.KeyFormat.PEM, None) gets rid of the first several errors, but doesn't solve the problem (plus I know patching the code myself wouldn't be a solution anyway).
Does xmlsec have a problem with RSA-OAEP, or does python3-saml need to register the algorithm somehow?
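Added example (not part of the issue above, and not code from python3-saml or xmlsec): a standard-library script that reads a SAML Response like the one posted and reports the key-transport and data-encryption algorithm URIs it asks the SP to support, together with the X509IssuerSerial the IdP used to identify the SP key. It is a useful first check in a case like this because the first logged error, xmlSecTransformIdListFindByHref failing for href=http://www.w3.org/2009/xmlenc11#rsa-oaep, says the library found no transform registered under that URI, and the XML Encryption 1.0 RSA-OAEP identifier is a different URI (http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p, with MGF1 and SHA-1 fixed), while the 1.1 identifier in this response carries its mask generation function in the xenc11:MGF child element. The sample input is the posted response trimmed to its EncryptedAssertion, with both ciphertexts replaced by placeholders.

```python
"""Report the XML Encryption algorithms a SAML Response asks the SP to use.
Added example, standard library only; not code from python3-saml or xmlsec."""
import xml.etree.ElementTree as ET

NS = {
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
    "xenc11": "http://www.w3.org/2009/xmlenc11#",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Algorithm URIs grouped by the XML Encryption version that defines them. The 1.0
# RSA-OAEP URI fixes MGF1 with SHA-1; the 1.1 URI is a different identifier whose
# mask generation function is carried by a child <xenc11:MGF> element.
XMLENC_1_0 = {NS["xenc"] + n for n in ("rsa-oaep-mgf1p", "aes128-cbc", "aes256-cbc")}
XMLENC_1_1 = {NS["xenc11"] + n for n in ("rsa-oaep", "aes128-gcm", "aes256-gcm")}


def describe_algorithm(uri):
    """Which spec defines the URI: 'xmlenc 1.0', 'xmlenc 1.1' or 'unknown'."""
    if uri in XMLENC_1_0:
        return "xmlenc 1.0"
    return "xmlenc 1.1" if uri in XMLENC_1_1 else "unknown"


def _text(elem):
    return elem.text.strip() if elem is not None and elem.text else None


def inspect_encrypted_assertion(xml_text):
    """Key-transport and data-encryption parameters of <EncryptedAssertion>.
    Diagnostic only: plain ElementTree reads IdP test output here; it is not
    how untrusted responses should be processed in production."""
    root = ET.fromstring(xml_text)
    enc_data = root.find("saml:EncryptedAssertion/xenc:EncryptedData", NS)
    enc_key = enc_data.find("ds:KeyInfo/xenc:EncryptedKey", NS) if enc_data is not None else None
    if enc_key is None:
        raise ValueError("no EncryptedAssertion/EncryptedData/KeyInfo/EncryptedKey found")
    data_alg = enc_data.find("xenc:EncryptionMethod", NS).get("Algorithm")
    key_method = enc_key.find("xenc:EncryptionMethod", NS)
    key_alg = key_method.get("Algorithm")
    digest = key_method.find("ds:DigestMethod", NS)
    mgf = key_method.find("xenc11:MGF", NS)
    return {
        "data_encryption": data_alg,
        "data_encryption_spec": describe_algorithm(data_alg),
        "key_transport": key_alg,
        "key_transport_spec": describe_algorithm(key_alg),
        "oaep_digest": digest.get("Algorithm") if digest is not None else None,
        "oaep_mgf": mgf.get("Algorithm") if mgf is not None else None,
        "key_issuer": _text(enc_key.find(".//ds:X509IssuerSerial/ds:X509IssuerName", NS)),
        "key_serial": _text(enc_key.find(".//ds:X509IssuerSerial/ds:X509SerialNumber", NS)),
    }


def report(info):
    """Readable summary; flags a key transport that needs XML Encryption 1.1 support."""
    lines = [
        f"data encryption : {info['data_encryption']} [{info['data_encryption_spec']}]",
        f"key transport   : {info['key_transport']} [{info['key_transport_spec']}]",
        f"  OAEP digest/MGF : {info['oaep_digest']} / {info['oaep_mgf']}",
        f"  SP key lookup   : issuer={info['key_issuer']} serial={info['key_serial']}",
    ]
    if info["key_transport_spec"] == "xmlenc 1.1":
        lines.append("NOTE: key transport uses the XML Encryption 1.1 RSA-OAEP URI; a library that "
                     "only registers the 1.0 rsa-oaep-mgf1p transform has no transform for it")
    return lines


# Constructed sample: the posted response trimmed to its EncryptedAssertion, with
# both CipherValue blobs replaced by placeholders (only the metadata matters here).
SAMPLE_RESPONSE = """<Response Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:protocol">
 <EncryptedAssertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
  <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
   <xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
   <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <xenc:EncryptedKey>
     <xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep">
      <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
      <xenc11:MGF Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha256" xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"/>
     </xenc:EncryptionMethod>
     <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
      <o:SecurityTokenReference xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
       <X509Data><X509IssuerSerial>
        <X509IssuerName>CN=TRUST2408 Systemtest XXXIV CA, O=TRUST2408, C=DK</X509IssuerName>
        <X509SerialNumber>1604005554</X509SerialNumber>
       </X509IssuerSerial></X509Data>
      </o:SecurityTokenReference>
     </KeyInfo>
     <xenc:CipherData><xenc:CipherValue>KEvZ...(placeholder)</xenc:CipherValue></xenc:CipherData>
    </xenc:EncryptedKey>
   </ds:KeyInfo>
   <xenc:CipherData><xenc:CipherValue>LYmZ...(placeholder)</xenc:CipherValue></xenc:CipherData>
  </xenc:EncryptedData>
 </EncryptedAssertion>
</Response>"""

if __name__ == "__main__":
    print("\n".join(report(inspect_encrypted_assertion(SAMPLE_RESPONSE))))
```

Run it as-is for the summary of the posted response, or pass a real base64-decoded SAMLResponse to inspect_encrypted_assertion to compare the issuer and serial against the SP certificate actually configured and the algorithm URIs against what the installed xmlsec build registers. ElementTree is used here only for a quick read of test output; handling of real responses stays with the SAML library.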