Is your feature request related to a problem? Please describe.
This issue is to ask what the maintainers intend to do about cryptographic obsolescence to future-proof this project.
The https://github.com/amdonov/xmlsig library used by this project has not been updated for 6 years. It lacks current cryptographic algorithms and over time the algorithms it supports are likely to be undermined by cryptoanalytical attacks. In particular, SHA256 is the only modern hash algorithm supported: when that is deprecated (just as MD5 and SHA1 were before it), there are no other good options left to use, resulting in a risk of forgery of SAML responses allowing unauthorised access.
Describe the solution you'd like
Replace the old https://github.com/amdonov/xmlsig library with one that's actively maintained. Is there a reason for not using https://github.com/russellhaering/goxmldsig for all operations?
Describe alternatives you've considered
We can live with this for the time being, but long-term the only good option is to replace the obsolete library.
I have some background in cryptography and golang myself, if necessary I'd be willing to maintain a fork if that helps? e.g. see my PR here.
Additional context
Over time, cryptoanalysts develop new mathematical attacks against cryptographic algorithms and computing power continues to get cheaper. This results in cryptographic algorithms which are "good enough" today being deprecated over time. For example:
These have lead to deprecations of such algorithms, for example:
It's very likely that the set of crypto algorithms in the XML signature libraries used here will one day become deprecated too.
This repository depends on two XML signature projects:
- https://github.com/russellhaering/goxmldsig
- https://github.com/amdonov/xmlsig
The goxmldsig library appears to be updated periodically and supports various newer algorithms such as SHA384 and SHA512.
However, https://github.com/amdonov/xmlsig has not had a commit for 6 years and does not appear to be maintained any more. It supports DSA and RSA encryption and SHA1 and SHA256 hashing only, omitting several newer algorithms included in the XML Signature Syntax and Processing Version 2.0 standard (from 2015) and the corresponding RFC 4051, notably ECDSA encryption and SHA384 and SHA512 hashing. It's a risk to rely on this obsolete library.
As noted above SHA1 is already deprecated, so SHA256 is the only viable signature algorithm for people concerned about cryptographic security. If a flaw is discovered in SHA256, users of Zitadel SAML won't have any available alternative algorithm to safely use. Cryptanalysis of the SHA2 family is already in progress. How long before it becomes deprecated too?
Is your feature request related to a problem? Please describe.
This issue is to ask what the maintainers intend to do about cryptographic obsolescence to future-proof this project.
The https://github.com/amdonov/xmlsig library used by this project has not been updated for 6 years. It lacks current cryptographic algorithms and over time the algorithms it supports are likely to be undermined by cryptoanalytical attacks. In particular, SHA256 is the only modern hash algorithm supported: when that is deprecated (just as MD5 and SHA1 were before it), there are no other good options left to use, resulting in a risk of forgery of SAML responses allowing unauthorised access.
Describe the solution you'd like
Replace the old https://github.com/amdonov/xmlsig library with one that's actively maintained. Is there a reason for not using https://github.com/russellhaering/goxmldsig for all operations?
Describe alternatives you've considered
We can live with this for the time being, but long-term the only good option is to replace the obsolete library.
I have some background in cryptography and golang myself, if necessary I'd be willing to maintain a fork if that helps? e.g. see my PR here.
Additional context
Over time, cryptoanalysts develop new mathematical attacks against cryptographic algorithms and computing power continues to get cheaper. This results in cryptographic algorithms which are "good enough" today being deprecated over time. For example:
These have lead to deprecations of such algorithms, for example:
It's very likely that the set of crypto algorithms in the XML signature libraries used here will one day become deprecated too.
This repository depends on two XML signature projects:
The goxmldsig library appears to be updated periodically and supports various newer algorithms such as SHA384 and SHA512.
However, https://github.com/amdonov/xmlsig has not had a commit for 6 years and does not appear to be maintained any more. It supports DSA and RSA encryption and SHA1 and SHA256 hashing only, omitting several newer algorithms included in the XML Signature Syntax and Processing Version 2.0 standard (from 2015) and the corresponding RFC 4051, notably ECDSA encryption and SHA384 and SHA512 hashing. It's a risk to rely on this obsolete library.
As noted above SHA1 is already deprecated, so SHA256 is the only viable signature algorithm for people concerned about cryptographic security. If a flaw is discovered in SHA256, users of Zitadel SAML won't have any available alternative algorithm to safely use. Cryptanalysis of the SHA2 family is already in progress. How long before it becomes deprecated too?