This repository was archived by the owner on Dec 18, 2020. It is now read-only.

Decryption fails when an EncryptedKey is referenced from EncryptedData using a RetrievalMethod lacking a Type attribute #1

@joostd

Description

When an EncryptedKey element is referenced from an EncryptedData element using a RetrievalMethod without a Type attribute, decryption fails (see example below).

This is because, currently, the Type attribute is required to exist and to have the fixed value http://www.w3.org/2001/04/xmlenc#EncryptedKey. See:
https://github.com/robrichards/xmlseclibs/blob/master/src/XMLSecEnc.php#L464

However, the Type attribute is not required according to the XSD. See for instance section 4.5.3 "The RetrievalMethod Element" of:
https://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod
The schema definition of the Type attribute indicates that this attribute is optional.

An example where this issue is a problem:

```xml
<saml2:EncryptedID xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

  <xenc:EncryptedData Id="_A" Type="http://www.w3.org/2001/04/xmlenc#Element">
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
    <ds:KeyInfo>
      <ds:RetrievalMethod URI="#_B"/>
    </ds:KeyInfo>
    <xenc:CipherData>
      <xenc:CipherValue>...</xenc:CipherValue>
    </xenc:CipherData>
  </xenc:EncryptedData>

  <xenc:EncryptedKey Id="_B" Recipient="urn:sp">
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
      <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    </xenc:EncryptionMethod>
    <ds:KeyInfo>
      <ds:KeyName>...</ds:KeyName>
    </ds:KeyInfo>
    <xenc:CipherData>
      <xenc:CipherValue>...</xenc:CipherValue>
    </xenc:CipherData>
    <xenc:ReferenceList>
      <xenc:DataReference URI="#_A"/>
    </xenc:ReferenceList>
  </xenc:EncryptedKey>

</saml2:EncryptedID>
```

The code in the function staticLocateKeyInfo that tries to locate a KeyInfo element containing a decryption key (_B in this case) returns when the RetrievalMethod element lacks a Type attribute:

This means xmlseclibs is not able to retrieve the symmetric key (_B) that is needed to decrypt the nameid.

Interestingly, in the 2002 version of the xmlsec spec, the Type attribute was both optional and fixed to http://www.w3.org/2001/04/xmlenc#EncryptedKey, which would make a good default when a value was missing:
https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#sec-ds-RetrievalMethod

However, this was dropped later:
https://www.w3.org/TR/xmlenc-core/#sec-ds-RetrievalMethod

Unclear what the correct behaviour should be. Making the Type attribute default to http://www.w3.org/2001/04/xmlenc#EncryptedKey would fix the above problem (but will it introduce others?).
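As an added illustration of the lookup the issue describes (this is example code, not xmlseclibs' own staticLocateKeyInfo), the resolver below treats Type as optional but, when present, requires the EncryptedKey type URI, only accepts same-document references that land on an xenc:EncryptedKey, and cross-checks the key's ReferenceList back-pointer. The sample document is a trimmed, constructed copy of the issue's example; the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
DS = "http://www.w3.org/2000/09/xmldsig#"
ENCRYPTED_KEY_TYPE = XENC + "EncryptedKey"

# Constructed sample trimmed from the issue's example: RetrievalMethod has no Type.
SAMPLE = f"""<saml2:EncryptedID xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:xenc="{XENC}" xmlns:ds="{DS}">
  <xenc:EncryptedData Id="_A" Type="{XENC}Element">
    <ds:KeyInfo><ds:RetrievalMethod URI="#_B"/></ds:KeyInfo>
    <xenc:CipherData><xenc:CipherValue>...</xenc:CipherValue></xenc:CipherData>
  </xenc:EncryptedData>
  <xenc:EncryptedKey Id="_B" Recipient="urn:sp">
    <xenc:CipherData><xenc:CipherValue>...</xenc:CipherValue></xenc:CipherData>
    <xenc:ReferenceList><xenc:DataReference URI="#_A"/></xenc:ReferenceList>
  </xenc:EncryptedKey>
</saml2:EncryptedID>"""

def locate_encrypted_key(root, encrypted_data):
    """Resolve EncryptedData/KeyInfo/RetrievalMethod to an xenc:EncryptedKey.
    Type is optional (as the XSD allows) but, if present, must name the
    EncryptedKey type; the same-document URI must resolve to an EncryptedKey."""
    rm = encrypted_data.find(f"{{{DS}}}KeyInfo/{{{DS}}}RetrievalMethod")
    if rm is None:
        return None
    rm_type = rm.get("Type")
    if rm_type is not None and rm_type != ENCRYPTED_KEY_TYPE:
        return None
    uri = rm.get("URI", "")
    if not uri.startswith("#"):
        return None  # only same-document references are handled here
    for key in root.iter(f"{{{XENC}}}EncryptedKey"):  # never any other element type
        if key.get("Id") == uri[1:]:
            return key
    return None

def key_references_data(encrypted_key, data_id):
    # Back-pointer check: the key's ReferenceList should name the EncryptedData.
    refs = encrypted_key.findall(f"{{{XENC}}}ReferenceList/{{{XENC}}}DataReference")
    return any(ref.get("URI") == "#" + data_id for ref in refs)

def locate_key_id(xml_text=SAMPLE):
    """Id of the EncryptedKey for the first EncryptedData, or None if none is acceptable."""
    root = ET.fromstring(xml_text)
    enc_data = root.find(f"{{{XENC}}}EncryptedData")
    key = locate_encrypted_key(root, enc_data)
    if key is None or not key_references_data(key, enc_data.get("Id")):
        return None
    return key.get("Id")
```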
