XML Security

About This Presentation

Title:

XML Security

Description:

Provides granular control for working with XML Digital Signatures and XML Encryption ... Data lives within the XML Signature structure ... – PowerPoint PPT presentation

Number of Views:608

Avg rating:3.0/5.0

Slides: 53

Provided by: cdata9

Learn more at: https://www.cdatazone.org

Category:

more less

Transcript and Presenter's Notes

Title: XML Security

1
XML Security

September 13, 2006
Robert Richards
rrichards_at_php.net

2
Digital Signatures and Encryption

Canonicalization
A standard form of data
Digital Signatures
Provides proof of identity and authenticity which
the sender cannot deny.
Encryption
Protection of data from being accessed by
unauthorized parties.

3
Existing Tools/Technologies

Secure Sockets Layer (SSL)
Transport Layer Security (TLS)
Pretty Good Privacy (PGP)
GNU Privacy Guard (GnuPG)
OpenPGP
S/MIME
x.509

4
XML Security Standards

Canonical XML
http//www.w3.org/TR/xml-c14n/
Exclusive XML Canonicalization
http//www.w3.org/TR/xml-exc-c14n/
XML Signature
http//www.w3.org/TR/xmldsig-core/
XML Encryption
http//www.w3.org/TR/xmlenc-core/
XML Key Management
http//www.w3.org/TR/xkms2/

5
Transmitting Data Over SSL/TLS
6
XML Security in PHP

A library based on the xmlsec library is
currently in the works
http//www.aleksey.com/xmlsec/
Provides granular control for working with XML
Digital Signatures and XML Encryption
PHP based libraries are available
Model libraries for designing xmlsec wrapper
Not officially mainitained and may not be
backwards compatible with xmlsec based extension
Requires PHP 5.1 (5.2 is recommended)
Requires DOM, OpenSSL and Mcrypt
http//www.cdatazone.org/files/xmlseclibs.phps
http//www.cdatazone.org/files/soap-wsse.phps
http//www.cdatazone.org/files/ws-amazon.phps
http//www.cdatazone.org/infocard/infocard-lib.php
s
http//www.cdatazone.org/infocard/infocard.phps

7
Benefits of XML Security Standards

XML is a structured format
Allows for secure storage of documents
Leverages existing technologies
Provides granularity

8
XML Canonicalization

A standard serialization of an XML document or
XPath node set

ltdata a"1" b"2" c"3"/gt ltdata b"2" c"3"
a"1"/gt ltdata c"3" a"1" b"2"gtlt/datagt ltdata
c"3" a"1" b"2"gtlt/datagt ltdata
a"1" b"2" c"3"gtlt/datagt
9
Canonical XML (C14N)
http//www.w3.org/TR/2001/REC-xml-c14n-20010315 ht
tp//www.w3.org/TR/2001/REC-xml-c14n-20010315With
Comments

XML declaration and DTD are removed
The document is encoded in UTF-8
Line breaks normalized to xA (linefeed) on
input, before parsing
Empty elements are converted to start-end tag
pairs
Whitespace outside of the document element and
within start and end tags is normalized
Attribute value delimiters are set to double
quotes
Superfluous namespace declarations are removed
from each element
Lexicographic order is imposed on the namespace
declarations and attributes of each element

10
Canonical XML Example 1
lt?xml version"1.0" encoding"UTF-8"?gt lt?xml-style
sheet href"doc.xsl" type"text/xsl" ?gt lt!--
Comment --gt ltdocgt lte1 aattr'out'
battr'sorted' attr2'all' attr"I'm"
xmlnsb'http//www.ietf.org' xmlnsa"http//www.
w3.org" xmlns"http//example.org"/gt lte2
xmlns"" xmlnsa"http//www.w3.org"gt lte3
xmlns"" xmlnsa"http//www.w3.org"/gt
lt/e2gt lt/docgt
Canonical Form of Document (uncommented)
lt?xml-stylesheet href"doc.xsl" type"text/xsl"
?gt ltdocgt lte1 xmlns"http//example.org"
xmlnsa"http//www.w3.org" xmlnsb"http//www.ie
tf.org" attr"I'm" attr2"all" battr"sorted"
aattr"out"gtlt/e1gt lte2 xmlnsa"http//www.w3.o
rg"gt lte3gtlt/e3gt lt/e2gt lt/docgt
11
Canonical XML Example 1
lt?xml version"1.0" encoding"UTF-8"?gt lt?xml-style
sheet href"doc.xsl" type"text/xsl" ?gt lt!--
Comment --gt ltdocgt lte1 aattr'out'
battr'sorted' attr2'all' attr"I'm"
xmlnsb'http//www.ietf.org' xmlnsa"http//www.
w3.org" xmlns"http//example.org"/gt lte2
xmlns"" xmlnsa"http//www.w3.org"gt lte3
xmlns"" xmlnsa"http//www.w3.org"/gt
lt/e2gt lt/docgt
Canonical Form of Document (uncommented)
lt?xml-stylesheet href"doc.xsl" type"text/xsl"
?gt ltdocgt lte1 xmlns"http//example.org"
xmlnsa"http//www.w3.org" xmlnsb"http//www.ie
tf.org" attr"I'm" attr2"all" battr"sorted"
aattr"out"gtlt/e1gt lte2 xmlnsa"http//www.w3.o
rg"gt lte3gtlt/e3gt lt/e2gt lt/docgt
12
Canonical XML Example 1
lt?xml version"1.0" encoding"UTF-8"?gt lt?xml-style
sheet href"doc.xsl" type"text/xsl" ?gt lt!--
Comment --gt ltdocgt lte1 aattr'out'
battr'sorted' attr2'all' attr"I'm"
xmlnsb'http//www.ietf.org' xmlnsa"http//www.
w3.org" xmlns"http//example.org"/gt lte2
xmlns"" xmlnsa"http//www.w3.org"gt lte3
xmlns"" xmlnsa"http//www.w3.org"/gt
lt/e2gt lt/docgt
Canonical Form of Document (uncommented)
lt?xml-stylesheet href"doc.xsl" type"text/xsl"
?gt ltdocgt lte1 xmlns"http//example.org"
xmlnsa"http//www.w3.org" xmlnsb"http//www.ie
tf.org" attr"I'm" attr2"all" battr"sorted"
aattr"out"gtlt/e1gt lte2 xmlnsa"http//www.w3.o
rg"gt lte3gtlt/e3gt lt/e2gt lt/docgt
13
Canonical XML Example 1
lt?xml version"1.0" encoding"UTF-8"?gt lt?xml-style
sheet href"doc.xsl" type"text/xsl" ?gt lt!--
Comment --gt ltdocgt lte1 aattr'out'
battr'sorted' attr2'all' attr"I'm"
xmlnsb'http//www.ietf.org' xmlnsa"http//www.
w3.org" xmlns"http//example.org"/gt lte2
xmlns"" xmlnsa"http//www.w3.org"gt lte3
xmlns"" xmlnsa"http//www.w3.org"/gt
lt/e2gt lt/docgt
Canonical Form of Document (uncommented)
lt?xml-stylesheet href"doc.xsl" type"text/xsl"
?gt ltdocgt lte1 xmlns"http//example.org"
xmlnsa"http//www.w3.org" xmlnsb"http//www.ie
tf.org" attr"I'm" attr2"all" battr"sorted"
aattr"out"gtlt/e1gt lte2 xmlnsa"http//www.w3.o
rg"gt lte3gtlt/e3gt lt/e2gt lt/docgt
14
Canonical XML Example 2
lt?xml version"1.0" encoding"UTF-8"?gt ltdoc
xmlnsd"http//www.example.org/d"
xmlnsc"http//www.example.org/c"gt lte1
aattr"out" battr"sorted" attr2"all"
attr"I'm" xmlnsb"http//www.ietf.org"
xmlnsa"http//www.w3.org"
xmlns"http//example.org"/gt ltde2 xmlns""
xmlnsa"http//www.w3.org"gt lte3 xmlns""
xmlnsa"http//www.w3.org"/gt lt/de2gt lt/docgt
Canonical Form of Nodeset (uncommented) (//.
//_at_ //namespace)ancestor-or-selfde2
ltde2 xmlnsa"http//www.w3.org"
xmlnsc"http//www.example.org/c"
xmlnsd"http//www.example.org/d"gt
lte3gtlt/e3gt lt/de2gt
15
Canonical XML Example 2
lt?xml version"1.0" encoding"UTF-8"?gt ltdoc
xmlnsd"http//www.example.org/d"
xmlnsc"http//www.example.org/c"gt lte1
aattr"out" battr"sorted" attr2"all"
attr"I'm" xmlnsb"http//www.ietf.org"
xmlnsa"http//www.w3.org"
xmlns"http//example.org"/gt ltde2 xmlns""
xmlnsa"http//www.w3.org"gt lte3 xmlns""
xmlnsa"http//www.w3.org"/gt lt/de2gt lt/docgt
Canonical Form of Nodeset (uncommented) (//.
//_at_ //namespace)ancestor-or-selfde2
ltde2 xmlnsa"http//www.w3.org"
xmlnsc"http//www.example.org/c"
xmlnsd"http//www.example.org/d"gt
lte3gtlt/e3gt lt/de2gt
16
Canonical XML Example 2
lt?xml version"1.0" encoding"UTF-8"?gt ltdoc
xmlnsd"http//www.example.org/d"
xmlnsc"http//www.example.org/c"gt lte1
aattr"out" battr"sorted" attr2"all"
attr"I'm" xmlnsb"http//www.ietf.org"
xmlnsa"http//www.w3.org"
xmlns"http//example.org"/gt ltde2 xmlns""
xmlnsa"http//www.w3.org"gt lte3 xmlns""
xmlnsa"http//www.w3.org"/gt lt/de2gt lt/docgt
Canonical Form of Nodeset (uncommented) (//.
//_at_ //namespace)ancestor-or-selfde2
ltde2 xmlnsa"http//www.w3.org"
xmlnsc"http//www.example.org/c"
xmlnsd"http//www.example.org/d"gt
lte3gtlt/e3gt lt/de2gt
17
Problem with Re-Enveloping

ltde2 xmlnsd"http//www.example.org/d"gtcontentlt/
de2gt
lt!-- Document wrapped within ns0e1 element --gt
ltns0e1 xmlnsns0"www.example.org/ns0"gt
ltde2 xmlnsd"http//www.example.org/d"gtconten
tlt/de2gt
lt/ns0e1gt
lt!-- Canonical Form --gt
ltde2 xmlnsd"http//www.example.org/d"
xmlnsns0"www.example.org/ns0"gtcontentlt
/de2gt
lt!-- Document wrapped within ns1e1 element --gt
ltns1e1 xmlnsns0"www.example.org/ns1"gt
ltde2 xmlnsd"http//www.example.org/d"gtconten
tlt/de2gt
lt/ns1e1gt
lt!-- Canonical Form --gt
ltde2 xmlnsd"http//www.example.org/d"
xmlnsns1"www.example.org/ns1"gtcontentlt
/de2gt

18
Exclusive XML Canonicalization
http//www.w3.org/2001/10/xml-exc-c14n http//www
.w3.org/2001/10/xml-exc-c14nWithComments

Follows the same rules as Canonical XML, except
Attributes in the xml namespace are not imported
into orphan nodes
Namespaces not specially told to be added are
only added on the starting element for which they
are visible and not currently in scope within the
output.

19
Re-Enveloping using Exclusive

ltde2 xmlnsd"http//www.example.org/d"gtcontentlt/
de2gt
lt!-- Document wrapped within ns0e1 element --gt
ltns0e1 xmlnsns0"www.example.org/ns0"gt
ltde2 xmlnsd"http//www.example.org/d"gtconten
tlt/de2gt
lt/ns0e1gt
lt!-- Canonical Form --gt
ltde2 xmlnsd"http//www.example.org/d"gtcontentlt/
de2gt
lt!-- Document wrapped within ns1e1 element --gt
ltns1e1 xmlnsns0"www.example.org/ns1"gt
ltde2 xmlnsd"http//www.example.org/d"gtconten
tlt/de2gt
lt/ns1e1gt
lt!-- Canonical Form --gt
ltde2 xmlnsd"http//www.example.org/d"gtcontentlt/
de2gt

20
Exclusive Canonical XML Example
lt?xml version"1.0" encoding"UTF-8"?gt ltdoc
xmlnsd"http//www.example.org/d"
xmlnsc"http//www.example.org/c"gt lte1
aattr"out" battr"sorted" attr2"all"
attr"I'm" xmlnsb"http//www.ietf.org"
xmlnsa"http//www.w3.org"
xmlns"http//example.org"/gt ltde2 xmlns""
xmlnsa"http//www.w3.org"gt lte3 xmlns""
xmlnsa"http//www.w3.org"/gt lt/de2gt lt/docgt
Exclusive Canonical Form of Nodeset
(uncommented) (//. //_at_ //namespace)ancest
or-or-selfde2
ltde2 xmlnsd"http//www.example.org/d"gt
lte3gtlt/e3gt lt/de2gt
21
XML Digital Signature (XMLDSIG)

Insure that a message has not been altered or
tampered with. (integrity)
Protection against attacks that alter a message
but maintain integrity. (message authentication)
Provide a means for message auditing so that
messages may not be repudiated. (signer
authenticity)

22
XML Signature Structure
xmlns"http//www.w3.org/2000/09/xmldsig"

ltSignaturegt
ltSignedInfogt
ltCanonicalizationMethod/gt
ltSignatureMethod/gt
(ltReference URI? gt
(ltTransformsgt)?
ltDigestMethodgt
ltDigestValuegt
lt/Referencegt)
lt/SignedInfogt
ltSignatureValuegt
(ltKeyInfogt)?
(ltObject Id?gt)
lt/Signaturegt

23
XML Signature Types of Signatures

Enveloping Signature
Data lives within the XML Signature structure
Good for signing data being packaged within an
XML payload
Enveloped Signature
Data lives outside of and contains the XML
Signature structure
Good for signing portions or all of an XML
document
Detached Signature
Data lives outside and DOES NOT contain the XML
Signature structure
Data may reside at a remote location addressable
by URI

24
Enveloping Signature

lt?xml version"1.0"?gt
ltSignature xmlns"http//www.w3.org/2000/09/xmldsi
g"gt
ltSignedInfogt
ltCanonicalizationMethod
Algorithm"http//www.w3.org/TR/
2001/REC-xml-c14n-20010315"/gt
ltSignatureMethod
Algorithm"http//www.w3.org/2000
/09/xmldsighmac-sha1"/gt
ltReference URI"myobj"gt
ltDigestMethod Algorithm"http//www.w3.org/2
000/09/xmldsigsha1"/gt
ltDigestValuegtC2g9BLcGyGPCVKuF2byR1Ym6pElt/D
igestValuegt
lt/Referencegt
lt/SignedInfogt
ltSignatureValuegtR/XEOHDvR/jbmmpiuH4ZcRqC6clt/S
ignatureValuegt
ltObject Id"myobj"gtHello World!lt/Objectgt
lt/Signaturegt

25
Enveloped Signature

lt?xml version"1.0"?gt
ltEnvelopegt
ltDatagtcontentlt/Datagt
ltSignature xmlns"http//www.w3.org/2000/09/xmldsi
g"gt
ltSignedInfogt
ltCanonicalizationMethod Algorithm"http//www.
w3.org/2001/10/xml-exc-c14n"/gt
ltSignatureMethod Algorithm"http//www.w3.org/
2000/09/xmldsighmac-sha1"/gt
ltReferencegt
ltTransformsgt
ltTransform
Algorithm"http//www.w3.org/2000/09
/xmldsigenveloped-signature"/gt
lt/Transformsgt
ltDigestMethod Algorithm"http//www.w3.org/2
000/09/xmldsigsha1"/gt
ltDigestValuegtMMMkB0ZPp82XrUvJMFqDIEuXy0olt/D
igestValuegt
lt/Referencegt
lt/SignedInfogt
ltSignatureValuegtmVPvfcVSXi9elKLIcSCAzD4Jbklt/Si
gnatureValuegt
lt/Signaturegtlt/Envelopegt

26
Detached Signature

lt?xml version"1.0"?gt
ltSignature xmlns"http//www.w3.org/2000/09/xmldsi
g"gt
ltSignedInfogt
ltCanonicalizationMethod
Algorithm"http//www.w3.org/
2001/10/xml-exc-c14n"/gt
ltSignatureMethod
Algorithm"http//www.w3.org/
2000/09/xmldsighmac-sha1"/gt
ltReference URI"http//www.ctindustries.net/te
xt.txt"gt
ltDigestMethod Algorithm"http//www.w3.org/2
000/09/xmldsigsha1"/gt
ltDigestValuegtoLZZOWcLwsAQ9NXWoLPk5FkPuSslt/D
igestValuegt
lt/Referencegt
lt/SignedInfogt
ltSignatureValuegtO9ykpFMXmkddzJ3CySrpzHBUW/Qlt/Sign
atureValuegt
lt/Signaturegt

27
XML Signature Generation

Apply any transforms to the data
Calculate the digest value
Create the Reference Element
Repeat steps 1 3 for each piece of data to be
included
Create SignedInfo element with SignatureMethod,
CanonicalizationMethod and Reference elements
Canonicalize the SignedInfo element
Calculate the SignatureValue over the
canonicalized SignedInfo based the
SignatureMethod
Assemble the Signature element

28
SOAP Request

ltSOAP-ENVEnvelope
xmlnsSOAP-ENV"http//schemas.xmlsoap.org/s
oap/envelope/"
xmlnsns1"http//www.csapi.org/schema/parla
yx/terminal_location/v2_0/local"
xmlnsxsd"http//www.w3.org/2001/XMLSchema"
xmlnsxsi"http//www.w3.org/2001/XMLSchema-
instance"gt
ltSOAP-ENVBodygt
ltns1getLocationgt
ltaddressgttel1234567890lt/addressgt
ltrequestedAccuracy xsitype"xsdint"gtxxlt/
requestedAccuracygt
ltacceptableAccuracy xsitype"xsdint"gtyylt
/acceptableAccuracygt
lt/ns1getLocationgt
lt/SOAP-ENVBodygt
lt/SOAP-ENVEnvelopegt

29
SOAP Request WS-Security (Signature)

ltsoapenvEnvelope ...gt
ltsoapenvHeadergt
ltwsseSecurity xmlnswsse"http//docs.oasis
-open.org/. . ." soapenvmustunderstand"1"gt
ltwsseBinarySecurityToken . .
.gtMIIE3zCCBEigAwIBAg . . .lt/wsseBinarySecurityTok
engt
ltdsSignature xmlnsds"http//www.w3.org
/2000/09/xmldsig"gt
ltdsSignedInfogt
ltdsSignatureMethod
Algorithm"http//www.w3.org/2000/09/xmldsigrsa-s
ha1"/gt
ltdsCanonicalizationMethod
Algorithm"http//www.w3.org/2001/10/xml-exc-c14n
"/gt
ltdsReference URI"9b6c55bc-558f-e
61a-e99a-ee2084f22000"gt. . .lt/dsReferencegt
ltdsReference URI"c359df59-9262-d
587-18af-add2c0dc1ddb"gt. . .lt/dsReferencegt
lt/dsSignedInfogt
ltdsSignatureValuegtYd1TGIjOb3q4UcQkUBu
M3Q6Zs3G...lt/dsSignatureValuegt
ltdsKeyInfogt. . .lt/dsKeyInfogt
lt/dsSignaturegt
ltwsuTimestamp xmlnswsu"http// ."
wsuId"9b6c55bc-558f-e61a-e99a-ee2084f22000"gt
lt/wsseSecuritygt
lt/soapenvHeadergt
ltsoapenvBody xmlnswsu"http//. . ."
wsuId"c359df59-9262-d587-18af-add2c0dc1ddb"gt

30
SOAP Request WS-Security Generation

require('soap-wsse.php')
define('PRIVATE_KEY', 'private_key.pem')
define('CERT_FILE', 'cert.pem')
class mySoap extends SoapClient
public function __doRequest(request,
location, saction, version)
doc new DOMDocument('1.0')
doc-gtloadXML(request)
/ WS-Security Specific code here /
return parent__doRequest(wsseRequest,
location, saction, version)

31
SOAP Request WS-Security Generation

objWSSE new WSSESoap(doc-gtloadXML(request))
/ add Timestamp with default expiration
timestamp /
objWSSE-gtaddTimestamp()
/ objWSSE-gtaddUserToken('username',
'password', TRUE) /
/ create new XMLSec Key using RSA SHA-1 and
type is private key /
objKey new XMLSecurityKey(XMLSecurityKeyRSA_
SHA1, array('type'gt'private'))
/ load private key from file - last arg is bool
if key in file (TRUE) or is string (FALSE) /
objKey-gtloadKey(PRIVATE_KEY, TRUE)
/ Sign the message - also signs appropraite
WS-Security items /
objWSSE-gtsignSoapDoc(objKey)
/ Add certificate (BinarySecurityToken) to the
message and attach pointer to Signature /
token objWSSE-gtaddBinaryToken(file_get_conten
ts(CERT_FILE))
objWSSE-gtattachTokentoSig(token)

32
SOAP Request signSoapDoc()

objDSig new XMLSecurityDSig()
objDSig-gtsetCanonicalMethod(XMLSecurityDSigEXC_
C14N)
arNodes array()
/ this-gtsecNode refers to wsseSecurity node
within tree /
foreach (this-gtsecNode-gtchildNodes AS node)
if (node-gtnodeType XML_ELEMENT_NODE)
arNodes node
foreach (this-gtenvelope-gtchildNodes AS node)
if (node-gtnamespaceURI this-gtsoapNS
node-gtlocalName 'Body')
arNodes node
break
arOptions array('prefix'gtWSSESoapWSUPFX,
'prefix_ns'gtWSSESoapWSUNS)
objDSig-gtaddReferenceList(arNodes,
XMLSecurityDSigSHA1, NULL, arOptions)

33
XML Signature Validation

Obtain the verification keying information
Apply the CanonicalizationMethod to the
SignedInfo element
Verify the SignatureValue using the canonical
form of the SignatureMethod
For each Reference element within SignedInfo
Obtain the data to be digested
Digest the data using the DigestMethod within its
Referece element
Compare the computed value to that of the
un-encoded value from the DigestValue element

34
XML Encryption (XMLENC)

Encrypted data is maintained.
All information needed to decrypt a document is
contained within the document.
Session can be secured on the document level and
shared between multiple parties.
Sensitive data is easily interchanged between
applications.

35
XML Encryption Structure
xmlnsenc"http//www.w3.org/2001/04/xmlenc"

ltencEncryptedData Id? Type? MimeType?gt
ltencEncryptionMethod Algorithm /gt?
ltdsigKeyInfogt?
ltencCipherDatagt
ltencCipherValuegt?
ltencCipherReference URI?gt?
lt/encCipherDatagt
ltencEncryptionPropertiesgt?
lt/encEncryptedDatagt

36
XML Encryption Encrypting

Select the algorithm (and parameters) to use in
encrypting the item.
Obtain the key and create dsKeyInfo if necessary
Encrypt the data and prepend any appropriate
initialization vector (IV).
Build CipherData element
If to be stored within CipherValue element, then
encrypted data is base64 encoded.
If encrypted data is external, then create
CipherReference with URI and any transforms.
Build EncryptedData or EncryptedKey structure

37
XML Encryption Example
ltpaymentgt ltorder_numbergt1001lt/order_numbergt
ltcustomergtJoe Smithlt/customergt ltcreditcardgt
ltnumbergt4111 1111 1111 1111lt/numbergt
ltexpiration_monthgt01lt/expiration_monthgt
ltexpiration_yeargt2007lt/expiration_yeargt
ltccv2gt123lt/ccv2gt lt/creditcardgt lt/paymentgt
38
XML Encryption ExampleElement / Shared Secret Key
lt?xml version"1.0"?gt ltpaymentgt
ltorder_numbergt1001lt/order_numbergt
ltcustomergtJoe Smithlt/customergt ltEncryptedData
xmlns"http//www.w3.org/2001/04/xmlenc"
Type"http//www.w3.org/2001/04/xmlenc
Element"gt ltEncryptionMethod
Algorithm"http//www.w3.org/2001/04/xmlenctri
pledes-cbc"/gt ltCipherDatagt
ltCipherValuegtC5X1I65RCXlt/CipherValuegt
lt/CipherDatagt lt/EncryptedDatagt lt/paymentgt
39
XML Encryption Example Code

require('xmlseclibs.php')
/ Using a shared secret key for encryption /
key 'secret'
doc new DOMDocument()
xpath new DOMXPath(doc -gtload('payment.xml'))
creditcard xpath-gtquery("//creditcard")-gtitem(
0)
enc new XMLSecEnc()
enc-gtsetNode(creditcard)
enc-gttype XMLSecEncElement
/ Use the libraries to encrypt the credit card
element within the document /
objKey new XMLSecurityKey(XMLSecurityKeyTRIPL
EDES_CBC)
objKey-gtloadKey(key)
encNode enc-gtencryptNode(objKey)
print encNode-gtownerDocument-gtsaveXML()

40
XML Encryption ExampleElement Content / Shared
Secret Key
lt?xml version"1.0"?gt ltpaymentgt
ltorder_numbergt1001lt/order_numbergt
ltcustomergtJoe Smithlt/customergt
ltcreditcardgtltEncryptedData
xmlns"http//www.w3.org/2001/04/xmlenc"
Type"http//www.w3.org
/2001/04/xmlencContent"gt
ltEncryptionMethod
Algorithm"http//www.w3.org/2001/04/xmlenctriple
des-cbc"/gt ltCipherDatagt
ltCipherValuegtC5X1I65RCXlt/CipherValuegt
lt/CipherDatagt lt/EncryptedDatagtlt/creditcardgt lt/p
aymentgt
41
XML Encryption ExampleArbitrary Data with Shared
Secret Key
lt?xml version'1.0'?gt ltEncryptedData
xmlns'http//www.w3.org/2001/04/xmlenc'
xmlnsds'http//www.w3.org/2000/09/xmldsig
' MimeType'text/xml'gt
ltCipherDatagt ltCipherValuegt...C5X1I65RCX...lt/Ci
pherValuegt lt/CipherDatagt lt/EncryptedDatagt
42
XML Encryption Decrypting

Determine encryption algorithm and parameters.
Obtain the decryption key information.
Obtain the data to decrypt.
If CipherData has a CipherValue child then
base-64 decode its contents.
If CipherData has a CipherReference child,
retrieve the data and apply any Transforms.
Depending upon algorithm and parameters, strip
any IV from the data to use for decryption.
Decrypt the cipher data with the encryption
algorithm, parameters, and keying material.

43
XML Encryption Decrypting Example (Infocard)

ltEncryptedData xmlns"http//www.w3.org/2001/04/xm
lenc"
Type"http//www.w3.org/200
1/04/xmlencElement"gt
ltEncryptionMethod Algorithm"http//www.w3.org/
2001/04/xmlencaes256-cbc"/gt
ltKeyInfo xmlns"http//www.w3.org/2000/09/xmlds
ig"gt
lteEncryptedKey xmlnse"http//www.w3.org/2
001/04/xmlenc"gt
lteEncryptionMethod Algorithm"http//www
.w3.org/2001/04/xmlencrsa-oaep-mgf1p"gt
ltDigestMethod Algorithm"http//www.w3
.org/2000/09/xmldsigsha1"/gt
lt/eEncryptionMethodgt
ltKeyInfogt
ltoSecurityTokenReference
xmlnso"/oasis-200401-wss-wssecurity-secext-1.0.
xsd"gt
. . .lt/oSecurityTokenReferencegt
lt/KeyInfogt
lteCipherDatagt
lteCipherValuegtkXja26CSDKssMeqJcsJttLg
lt/eCipherValuegt
lt/eCipherDatagt
lt/eEncryptedKeygt
lt/KeyInfogt

44
XML Encryption Code (Infocard)

require('xmlseclibs.php')
define('PRIVATE_KEY', 'site_sslprivate.key')
define('SAML_ASSERT_NS', 'urnoasisnamestcSAML
1.0assertion')
encdom new DOMDocument()
encdom-gtloadXML(xmlToken)
objenc new XMLSecEnc()
encData objenc-gtlocateEncryptedData(encdom)
if (! encData)
throw new Exception("Cannot locate Encrypted
Data")
objenc-gtsetNode(encData)
objenc-gttype encData-gtgetAttribute("Type")

45
XML Encryption Code (Infocard)

key NULL
objKey objenc-gtlocateKey()
if (objKey)
if (objKeyInfo objenc-gtlocateKeyInfo(objKey)
)
if (objKeyInfo-gtisEncrypted)
objencKey objKeyInfo-gtencryptedCtx
objKeyInfo-gtloadKey(PRIVATE_KEY, TRUE)
key objencKey-gtdecryptKey(objKeyInfo)
if (empty(objKey) empty(key))
throw new Exception("Error loading key to handle
Decryption")
objKey-gtloadKey(key)
token NULL
if (decrypt objenc-gtdecryptNode(objKey,
FALSE))
token new DOMDocument()
token-gtloadXML(decrypt)

46
XML Encryption Code (Infocard)

ltsamlAssertion ... AssertionID"uuid17818733-c53
4-42d9-a6f6-4bb1c32d0de7"gt
lt!-- SAML related information --gt
ltSignature xmlns"http//www.w3.org/2000/09/xmld
sig"gt
ltSignedInfogt
ltCanonicalizationMethod Algorithm"http//ww
w.w3.org/2001/10/xml-exc-c14n"/gt
ltSignatureMethod Algorithm"http//www.w3.or
g/2000/09/xmldsigrsa-sha1"/gt
ltReference URI"uuid17818733-c534-42d9-a6f
6-4bb1c32d0de7"gt
ltTransformsgt . . . lt/Transformsgt
ltDigestMethod Algorithm"http//www.w3.org
/2000/09/xmldsigsha1"/gt
ltDigestValuegteHLrK4QSEkrDhHXZYHgGJMkPAU4lt
/DigestValuegt
lt/Referencegt
lt/SignedInfogt
ltSignatureValuegt0uDR9pr/TusV...lt/SignatureValu
egt
ltKeyInfogtltKeyValuegt
ltRSAKeyValuegt
ltModulusgt8llAGAvlPuG...lt/Modulusgt
ltExponentgtAQABlt/Exponentgt
lt/RSAKeyValuegt
lt/KeyValuegtlt/KeyInfogt

47
XML Encryption Code (Infocard)

/ Validate the SAML token /
objXMLSecDSig new XMLSecurityDSig()
objXMLSecDSig-gtidKeys 'AssertionID'
objDSig objXMLSecDSig-gtlocateSignature(token)
/ Canonicalize the signed info /
objXMLSecDSig-gtcanonicalizeSignedInfo()
retVal NULL
if (objDSig) retVal objXMLSecDSig-gtvalidate
Reference()
if (! retVal) throw new Exception("SAML
Validation Failed")
objKey objXMLSecDSig-gtlocateKey()
/ Additional Key handling here /
if (empty(objKey)) throw new Exception("Error
loading key to handle Signature")
if (! objXMLSecDSig-gtverify(objKey))

48
Signing and Encrypting

Sign and then Encrypt
Provides signature protection
Allows for encryption algorithm to be changed
without affecting signature
Incurs additional overhead as you must decrypt
before you can verify
Encrypt and then Sign
Immediately know if data has been tampered with
Document can no longer be shared with other
parties without revealing decryption key
Sender identity is revealed

49
Questions?
50
XML Encryption in WS-Security