
Patch for Util.java to fix decoding issue when message > 2048 #110

Closed
mhou1981 wants to merge 2 commits into
SAML-Toolkits:master from
mhou1981:patch-1

@mhou1981

Fix base64decodedInflated, where an input string that is greater than 2048 bytes after base64 decoding will cause the decompressed XML to have an invalid format.

mhou1981 and others added 2 commits June 19, 2017 16:59
Fix base64decodedInflated, where an input string that is greater than 2048 bytes after base64 decoding will cause the decompressed XML to have an invalid format.
Reduce operation needed to find the best match for byte array length
@coveralls

Coverage Status

Coverage increased (+0.006%) to 95.073% when pulling acb423e on mhou1981:patch-1 into 05bf024 on onelogin:master.

@pitbulk

pitbulk commented Jun 20, 2017

Contributor

Can you provide a test with a message > 2048?

@mhou1981

mhou1981 commented Jun 20, 2017 via email

Author

@mhou1981

Author

For example:
```xml
<samlp:LogoutResponse xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Destination="http://michael.local:8080/java-saml-tookit-jspsample/sls.jsp" ID="_58d7f4baf0e04d7c90fd2099adcc04be" InResponseTo="ONELOGIN_8bfebea7-bf9f-415e-854e-aca6dab0999d" IssueInstant="2017-06-20T00:41:10Z" Version="2.0">
  <saml:Issuer>http://myserver.local:8080/saml-idp/zmpxknvsko8vndkd/metadata/</saml:Issuer>
  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
      <ds:Reference URI="#_58d7f4baf0e04d7c90fd2099adcc04be">
        <ds:Transforms>
          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform>
          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
        <ds:DigestValue>ZKk+LhpVTW62SqmQZSc4DSI2As0=</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue><!-- Signature in 344 characters --></ds:SignatureValue>
    <ds:KeyInfo>
      <ds:X509Data>
        <ds:X509Certificate><!-- Certificate in 1844 characters --></ds:X509Certificate>
      </ds:X509Data>
    </ds:KeyInfo>
  </ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"></samlp:StatusCode>
  </samlp:Status>
</samlp:LogoutResponse>
```

@pitbulk

pitbulk commented Jun 21, 2017

Contributor

OK, I had not experienced that issue, since java-saml uses base64decodedInflated only on the HTTP-Redirect binding, where the Signature is not embedded in the XML.

@pitbulk pitbulk closed this in cb2d132 Jun 21, 2017
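
The failure mode discussed in this thread, as an added Java example that is not code from the pull request or from java-saml: it assumes the truncation comes from a single `inflate()` call into a fixed 2048-byte buffer, and contrasts that with a loop that drains the stream. The class and method names, the `maxBytes` output cap and the sample message are constructed for illustration (requires Java 11 or later).

```java
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;
import java.util.zip.DataFormatException;
import java.util.zip.Deflater;
import java.util.zip.Inflater;

public class InflateDemo {
    // Assumed failure mode: one inflate() call into a fixed buffer stops at 2048 bytes.
    static String singleCallInflate(String b64) throws DataFormatException {
        Inflater inflater = new Inflater(true); // true = raw DEFLATE, no zlib header
        inflater.setInput(Base64.getDecoder().decode(b64));
        byte[] result = new byte[2048];
        int n = inflater.inflate(result);
        inflater.end();
        return new String(result, 0, n, StandardCharsets.UTF_8);
    }

    // Loop until the stream is finished; maxBytes caps the output of untrusted input.
    static String loopedInflate(String b64, int maxBytes) throws DataFormatException {
        Inflater inflater = new Inflater(true);
        inflater.setInput(Base64.getDecoder().decode(b64));
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        byte[] chunk = new byte[2048];
        try {
            while (!inflater.finished()) {
                int n = inflater.inflate(chunk);
                if (n == 0 && !inflater.finished()) throw new DataFormatException("truncated stream");
                if (out.size() + n > maxBytes) throw new DataFormatException("exceeds cap");
                out.write(chunk, 0, n);
            }
        } finally {
            inflater.end(); // release native zlib state on every path
        }
        return new String(out.toByteArray(), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a repeated element so the document is longer than 2048 bytes.
        String xml = "<LogoutResponse>" + "<Issuer>constructed</Issuer>".repeat(100) + "</LogoutResponse>";
        Deflater d = new Deflater(Deflater.DEFAULT_COMPRESSION, true);
        d.setInput(xml.getBytes(StandardCharsets.UTF_8));
        d.finish();
        byte[] buf = new byte[4096];
        String b64 = Base64.getEncoder().encodeToString(Arrays.copyOf(buf, d.deflate(buf)));
        System.out.println(singleCallInflate(b64).length() + " vs " + loopedInflate(b64, 1 << 20).length());
    }
}
```

The single-call variant returns without an exception, so the truncation only surfaces later as an XML parse failure; the looped variant returns the whole document or throws.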