Channel: Claims based access platform (CBA), code-named Geneva forum

ID6013: The signature verification failed in in Saml2SecurityTokenHandler

Hi

I have a problem with the Saml2 token handler. I've created a custom handler that inherits from Saml2SecurityTokenHandler, and I'm getting this exception:

System.Security.Cryptography.CryptographicException: ID6013: The signature verification failed.
   at Microsoft.IdentityModel.Protocols.XmlSignature.SignedXml.VerifySignature(HashAlgorithm hash, AsymmetricSignatureDeformatter deformatter, String signatureMethod)
   at Microsoft.IdentityModel.Protocols.XmlSignature.SignedXml.StartSignatureVerification(SecurityKey verificationKey)
   at Microsoft.IdentityModel.Protocols.XmlSignature.EnvelopedSignatureReader.OnEndOfRootElement()
   at Microsoft.IdentityModel.Protocols.XmlSignature.EnvelopedSignatureReader.Read()
   at System.Xml.XmlReader.ReadEndElement()
   at Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ReadAssertion(XmlReader reader)
   at CustomSaml2SecurityTokenHandler.ReadAssertion(XmlReader reader) in C:\IdentityTrainingKit\Labs\WebServicesAndIdentity\Ex1-SecuringWebService\Begin\WeatcherStationServiceEx01_2\CustomSaml2SecurityTokenHandler.cs:line 69
   at Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ReadToken(XmlReader reader)
   at Microsoft.IdentityModel.Tokens.SecurityTokenHandler.ReadToken(XmlReader reader, SecurityTokenResolver tokenResolver)
   at Microsoft.IdentityModel.Tokens.SecurityTokenSerializerAdapter.ReadTokenCore(XmlReader reader, SecurityTokenResolver tokenResolver)
   at System.IdentityModel.Selectors.SecurityTokenSerializer.ReadToken(XmlReader reader, SecurityTokenResolver tokenResolver)
   at System.ServiceModel.Security.ReceiveSecurityHeader.ReadToken(XmlReader reader, SecurityTokenResolver tokenResolver, IList`1 allowedTokenAuthenticators, SecurityTokenAuthenticator& usedTokenAuthenticator)
   at System.ServiceModel.Security.ReceiveSecurityHeader.ReadToken(XmlDictionaryReader reader, Int32 position, Byte[] decryptedBuffer, SecurityToken encryptionToken, String idInEncryptedForm, TimeSpan timeout)
   at System.ServiceModel.Security.ReceiveSecurityHeader.ExecuteFullPass(XmlDictionaryReader reader)
   at System.ServiceModel.Security.StrictModeSecurityHeaderElementInferenceEngine.ExecuteProcessingPasses(ReceiveSecurityHeader securityHeader, XmlDictionaryReader reader)
   at System.ServiceModel.Security.ReceiveSecurityHeader.Process(TimeSpan timeout, ChannelBinding channelBinding, ExtendedProtectionPolicy extendedProtectionPolicy)
   at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessageCore(Message& message, TimeSpan timeout)
   at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessage(Message& message, TimeSpan timeout)

In response to a SOAP message like this:

<soap:Envelope xmlns:soap="...." xmlns:tem="http://tempuri.org/">
   <soap:Header>
      <wsse:Security soap:mustUnderstand="true" xmlns:wsse="..." xmlns:wsu="..." xmlns:wsse11="...">
         <saml:Assertion Version="2.0" ID="_620eb6ad-258b-4fc2-893c-d8358f269553" IssueInstant="2010-01-22T10:41:18Z" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
            <saml:Issuer>...</saml:Issuer>
            <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
               <SignedInfo>
                  <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                  <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                  <Reference URI="#_620eb6ad-258b-4fc2-893c-d8358f269553">
                     <Transforms>
                        <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                           <InclusiveNamespaces PrefixList="#default saml ds xs xsi" xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </Transform>
                     </Transforms>
                     <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                     <DigestValue>K0rmjYlOt+TfNgChz1vdZeOjxGQ=</DigestValue>
                  </Reference>
               </SignedInfo>
               <SignatureValue>...</SignatureValue>
               <KeyInfo>
                  <X509Data>
                     <X509Certificate>...</X509Certificate>
                  </X509Data>
               </KeyInfo>
            </Signature>
....
            </saml:AttributeStatement>
         </saml:Assertion>
      </wsse:Security>
   </soap:Header>
   <soap:Body>
...
   </soap:Body>
</soap:Envelope>

After spending some time with Reflector and the debugger, here is what I found.
The innermost frame of the stack trace is SignedXml.VerifySignature(), which (from Reflector) looks like this:

    private void VerifySignature(HashAlgorithm hash, AsymmetricSignatureDeformatter deformatter, string signatureMethod)
    {
      // Hash the canonicalised <SignedInfo> with the digest that goes with signatureMethod.
      this.Signature.SignedInfo.ComputeHash(hash);
      if (StringComparer.Ordinal.Equals(signatureMethod, "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"))
      {
        // rsa-sha256 is special-cased and verified through a WIF helper.
        if (!CryptoUtil.VerifySignatureForSha256(deformatter, hash, this.GetSignatureValue()))
        {
          throw DiagnosticUtil.ExceptionUtil.ThrowHelperError(new CryptographicException(Microsoft.IdentityModel.SR.GetString("ID6013", new object[0])));
        }
      }
      // Every other SignatureMethod (rsa-sha1 here) goes straight to the deformatter's
      // HashAlgorithm overload; a 'false' from it is turned into ID6013.
      else if (!deformatter.VerifySignature(hash, this.GetSignatureValue()))
      {
        throw DiagnosticUtil.ExceptionUtil.ThrowHelperError(new CryptographicException(Microsoft.IdentityModel.SR.GetString("ID6013", new object[0])));
      }
    }

The error happens in the bolded section, when deformatter.VerifySignature() returns false. In my case the deformatter is an instance of RSAPKCS1SignatureDeformatter. Going down into that method we have:
    public override bool VerifySignature(byte[] rgbHash, byte[] rgbSignature)
    {
      // _strOID is the hash OID recorded by SetHashAlgorithm(); without it the
      // PKCS#1 DigestInfo cannot be checked, so the method throws before verifying.
      if (this._strOID == null)
      {
        throw new CryptographicUnexpectedOperationException(Environment.GetResourceString("Cryptography_MissingOID"));
      }
    .....
    }
When I managed to debug to this point, the _strOID field is null. The only place I found where it is set is the SetHashAlgorithm() method, which looks like it's not called before VerifySignature().

I'm not sure if I'm doing something wrong or there is an error in WIF, but I would appreciate any help. Also, if anyone has an idea for a workaround, I will be more than grateful.

Regards,
Jimmy
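
The following C# program is an added example; it is not code from Jimmy's post and not WIF code. It reproduces, outside WIF, the outcomes of RSAPKCS1SignatureDeformatter.VerifySignature that the reflected code above maps to ID6013 or to the "Cryptography_MissingOID" exception: no hash OID recorded, a correct rsa-sha1 verification, a tampered SignedInfo, and the HashAlgorithm overload (the one WIF's SignedXml.VerifySignature calls) being handed a hash object whose type name CryptoConfig cannot map to an OID. It targets the .NET Framework, where WIF runs; the namespace, the WrappedSha1 class and the sample SignedInfo bytes are constructed for the demo.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example, not from the original post or from WIF. Names below are
// constructed for the demo; the sample bytes stand in for canonicalised <SignedInfo>.
namespace DeformatterDemo
{
    // A HashAlgorithm subclass that wraps SHA1. Its ToString() is the type name
    // "DeformatterDemo.WrappedSha1", which CryptoConfig.MapNameToOID does not know,
    // so SetHashAlgorithm(hash.ToString()) leaves the deformatter's OID null.
    sealed class WrappedSha1 : HashAlgorithm
    {
        private readonly SHA1 inner = SHA1.Create();

        public WrappedSha1() { HashSizeValue = 160; }
        public override void Initialize() { inner.Initialize(); }
        protected override void HashCore(byte[] array, int ibStart, int cbSize)
        {
            inner.TransformBlock(array, ibStart, cbSize, null, 0);
        }
        protected override byte[] HashFinal()
        {
            inner.TransformFinalBlock(new byte[0], 0, 0);
            return inner.Hash;
        }
        protected override void Dispose(bool disposing)
        {
            if (disposing) inner.Dispose();
            base.Dispose(disposing);
        }
    }

    static class Program
    {
        static void Main()
        {
            // Constructed stand-in for the exclusive-c14n output of <SignedInfo>.
            byte[] signedInfo = Encoding.UTF8.GetBytes("<SignedInfo>constructed sample</SignedInfo>");

            using (var rsa = new RSACryptoServiceProvider(2048))
            using (var sha1 = SHA1.Create())
            {
                byte[] hash = sha1.ComputeHash(signedInfo);

                // Signer side: rsa-sha1, the SignatureMethod of the posted assertion.
                var formatter = new RSAPKCS1SignatureFormatter(rsa);
                formatter.SetHashAlgorithm("SHA1");
                byte[] signature = formatter.CreateSignature(hash);

                // 1. No hash OID recorded: the byte[] overload throws
                //    CryptographicUnexpectedOperationException (Cryptography_MissingOID)
                //    before it looks at the signature. This is the null _strOID check.
                var unset = new RSAPKCS1SignatureDeformatter(rsa);
                Report("no SetHashAlgorithm", () => unset.VerifySignature(hash, signature));

                // 2. OID matches the SignatureMethod and SignedInfo is intact: true.
                var sha1Oid = new RSAPKCS1SignatureDeformatter(rsa);
                sha1Oid.SetHashAlgorithm("SHA1");
                Report("SHA1 OID, intact SignedInfo", () => sha1Oid.VerifySignature(hash, signature));

                // 3. One byte of SignedInfo changed after signing: false. In WIF a
                //    false from this call is what becomes ID6013.
                byte[] tampered = (byte[])signedInfo.Clone();
                tampered[tampered.Length / 2] ^= 0x01;
                byte[] tamperedHash = sha1.ComputeHash(tampered);
                Report("SHA1 OID, tampered SignedInfo", () => sha1Oid.VerifySignature(tamperedHash, signature));

                // 4. The HashAlgorithm overload calls SetHashAlgorithm(hash.ToString())
                //    and then the byte[] overload. A mappable type name
                //    (SHA1CryptoServiceProvider) verifies; an unmappable one ends in
                //    the same MissingOID exception as case 1.
                var viaObject = new RSAPKCS1SignatureDeformatter(rsa);
                using (var plain = SHA1.Create())
                {
                    plain.ComputeHash(signedInfo);   // populates plain.Hash
                    Report("HashAlgorithm overload, " + plain.GetType().Name, () => viaObject.VerifySignature(plain, signature));
                }
                using (var wrapped = new WrappedSha1())
                {
                    wrapped.ComputeHash(signedInfo); // populates wrapped.Hash
                    Report("HashAlgorithm overload, WrappedSha1", () => viaObject.VerifySignature(wrapped, signature));
                }
            }
        }

        static void Report(string label, Func<bool> verify)
        {
            try { Console.WriteLine(label + ": " + verify()); }
            catch (CryptographicUnexpectedOperationException e)
            {
                Console.WriteLine(label + ": " + e.GetType().Name + " (" + e.Message + ")");
            }
        }
    }
}
```

Build with csc.exe against the .NET Framework and run it; cases 1 and 4 (WrappedSha1) end in CryptographicUnexpectedOperationException, case 2 and the SHA1CryptoServiceProvider half of case 4 print True, and case 3 prints False. Two points for anyone debugging ID6013 with this: the deformatter's OID comes from the ToString() of the HashAlgorithm object that SignedXml passes in, so the concrete hash type in play matters, and the SecurityKey handed to StartSignatureVerification() should be the one WIF resolves for the configured issuer, not a key trusted only because a certificate appears in the token's <KeyInfo>, since a signature that verifies against an attacker-supplied certificate proves nothing about the issuer.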
