OAEP Encryption in WSO2 Identity Server

What is OAEP encryption?

OAEP stands for Optimal Asymmetric Encryption Padding. It is a padding mechanism used along with RSA encryption. It provides dynamic padding with RSA encryption[1].

Random data is added to the plaintext to ensure that encrypting the same plaintext twice will generate different ciphertext. Therefore every time you encrypt a particular string with OAEP encryption, it will provide a different encrypted result.Hence the dynamic nature(element of randomness compared to plain text RSA encryption).

OAEP padding with RSA is a more secure encryption mechanism, which are passed in vulnerability scanning tests as well.

It helps to prevent attacks like Bleichenbacher’s Attack[2]

OAEP encryption support in WSO2 IS.

WSO2 IS now supports OAEP encryption by default from IS 5.5.0 version onwards. And also it is available in IS 5.1,5.2,5.3 and 5.4 versions as a WUM update.

Format of the OAEP encrypted ciphertext:

1.In WSO2 we include the OAEP ciphertext, in a self contained ciphertext.

This self-contained ciphertext is in a JSON format. It is in following format.

ex:-

{
c”: “gUyLjam+rT\/ehrOqxYkXuHHyQoHq7KqRgeBspiI9k70q6RAQCpGBeh0BLUmvtSjpho+l4OXaLVZXx2oF1Q+oQKoM9g1sSb9ZAz6dZFjOTsl9y4he9m3Zro3Al6c\/qybACQnkWBtGFQ44yRoL0UgdPPTfCW\/Opl1w88E0rhjUygJYWbxe7HHkdcrWQtEAd2+K3JshfcGkmp3TAG0KxvU1KineFv21aL8C6tFtnetAw5KvvWLZE62e8syGsone5iW945MC6eZpxXMxZKBm8IbFMs9migYgfgh4E9XMOg1PL47c5Wgz\/xH8dWWjE8oX1Q6Wqo4203GC0HYQCnYGps9GeQ==”,
t”: “RSA\/ECB\/OAEPwithSHA1andMGF1Padding”,
tp”: “501FC1432D87155DC431382AEB843ED558AD61B1”,
tpd”: “SHA-1”

}

c=Base64 encoded OAEP encrypted ciphertext

t=Cipher transformation scheme(includes encryption algorithm, padding etc)

tp=Thumbprint of the certificate

tpd=Digest used to generate certificate thumbprint.

This json self contained ciphertext is then base64 encoded.

So the final value would look something like below:

eyJjIjoiZ1V5TGphbStyVC9laHJPcXhZa1h1SEh5UW9IcTdLcVJnZUJzcGlJOWs3MHE2UkFRQ3BHQmVoMEJMVW12dFNqcGhvK2w0T1hhTFZaWHgyb0YxUStvUUtvTTlnMXNTYjlaQXo2ZFpGak9Uc2w5eTRoZTltM1pybzNBbDZjL3F5YkFDUW5rV0J0R0ZRNDR5Um9MMFVnZFBQVGZDVy9PcGwxdzg4RTByaGpVeWdKWVdieGU3SEhrZGNyV1F0RUFkMitLM0pzaGZjR2ttcDNUQUcwS3h2VTFLaW5lRnYyMWFMOEM2dEZ0bmV0QXc1S3Z2V0xaRTYyZThzeUdzb25lNWlXOTQ1TUM2ZVpweFhNeFpLQm04SWJGTXM5bWlnWWdmZ2g0RTlYTU9nMVBMNDdjNVdnei94SDhkV1dqRThvWDFRNldxbzQyMDNHQzBIWVFDbllHcHM5R2VRXHUwMDNkXHUwMDNkIiwidCI6IlJTQS9FQ0IvT0FFUHdpdGhTSEExYW5kTUdGMVBhZGRpbmciLCJ0cCI6IjUwMUZDMTQzMkQ4NzE1NURDNDMxMzgyQUVCODQzRUQ1NThBRDYxQjEiLCJ0cGQiOiJTSEEtMSJ9

How is OAEP enabled in WSO2 IS:

OAEP is enabled via a configuration file in WSO2 IS.

The filename is ‘carbon.properties’. Location of the file is ‘<IS_HOME>/repository/conf/carbon.properties’. This file is available by default from WSO2 IS 5.5 onwards.

Content of the file is ‘org.wso2.CipherTransformation=RSA/ECB/OAEPwithSHA1andMGF1Padding’

This line indicates the IS will be using OAEP encryption as it’s underlying encryption mechanism.

What are the places OAEP encryption is used in WSO2 IS:

  1. BPS Profile password.

If you are using workflows in WSO2 IS you will be creating BPS profiles. These profiles will be stored in WF_BPS_PROFILE table in the database. The password of those profiles will be encrypted using the OAEP encryption algorithm.

2. Eventpublisher password.

The event publisher configurations are located at <IS_HOME>/repository/deployment/server/eventpublishers/ folder.

Ex configuration:

<eventPublisher name=”IsAnalytics-Publisher-wso2event-AuthenticationData” statistics=”disable” trace=”disable” xmlns=”http://wso2.org/carbon/eventpublisher">

<from streamName=”org.wso2.is.analytics.stream.OverallAuthentication” version=”1.0.0"/>

<mapping customMapping=”disable” type=”wso2event”/>

<to eventAdapterType=”wso2event”>

<property name=”username”>admin</property>

<property name=”protocol”>thrift</property>

<property name=”publishingMode”>non-blocking</property>

<property name=”publishTimeout”>0</property>

<property name=”receiverURL”>tcp://localhost:7612</property>

<property encrypted=”true” name=”password”>eyJjIjoiQTJDdytONk9iU1E1TWpwOVcveVh4KzFyODZBUi9MQU1OQzNPRTA1amwvdlpwc2U0eTl6VDMvbGxIQkduZnRycXpZK2h2WXJTekcxMkp3WGZFUlViNytGc1JRMWpQcTBCZFpZRitqdlpvZXJES09pemdxTHZyUmpHY3d6dVZheGVkSXJHN0lsR2cyUTg5UE5KNW82VWF6bndKSEtySDdFdXp4YXFUZy9pRlJxVXVaODNrMm1iaWVXUzB0MDIweG95bGJYYWc3MlFJZDI4ZDYyeURwUzdjYXZ4bytUa2doTlp4TWxkODRzNmQ4ZU5ObWViVlNJQkRjelNXTmpPYW1sdFdOdzQxM0N3bkp4d1p4U21MUnJ5ZUVXODMxQXdPeTlhd21wQ0pmelY0RTJ3d0hOU0NjRWtnSkdPQ1dSbWIzaXg3eWNLVFJ4TGluUGFQdlZOYnZpVDZ3XHUwMDNkXHUwMDNkIiwidCI6IlJTQS9FQ0IvT0FFUHdpdGhTSEExYW5kTUdGMVBhZGRpbmciLCJ0cCI6IjUwMUZDMTQzMkQ4NzE1NURDNDMxMzgyQUVCODQzRUQ1NThBRDYxQjEiLCJ0cGQiOiJTSEEtMSJ9</property>

</to>

</eventPublisher>

3. KeyStore passwords

The keystores used in identity server will be stored in the WSO2 registry at the path ‘/_system/governance/repository/security/key-stores/’.

When click the particular keystore and expands the properties section, it will show the encrypted password of the keystore. From IS 5.5 onwards we use OAEP encryption to encrypt those keystore passwords.

4. Oauth2 access tokens, refresh tokens , authorization codes and consumer secrets.

In order to enable encryption for Oauth2 tokens,codes and secrets, you need to have one more additional configuration.

In identity.xml you need to find the element <TokenPersistenceProcessor> and then replace its value with ‘org.wso2.carbon.identity.oauth.tokenprocessor.EncryptionDecryptionPersistenceProcessor’.

If this value is not set, the tokens, codes etc will be in plaintext format.

Ex: <TokenPersistenceProcessor>org.wso2.carbon.identity.oauth.tokenprocessor.EncryptionDecryptionPersistenceProcessor</TokenPersistenceProcessor>

With the introduction of OAEP encryption to OAuth2 implementation, we introduced 2 new columns called ACCESS_TOKEN_HASH and AUTHORIZATION_CODE_HASH in following tables:

-IDN_OAUTH2_ACCESS_TOKEN

-IDN_OAUTH2_AUTHORIZATION_CODE

This hash is used to do any search queries using the tokens or authorization codes when they are encrypted.Because OAEP encryption provides dynamic values we cannot search via the encrypted value. Thus, we use the hashed value of the tokens and codes to do any search queries.

The encrypted tokens, refresh tokens , authorization codes and consumer secrets will be stored in following columns respectively

IDN_OAUTH2_ACCESS_TOKEN.ACESS_TOKEN, IDN_OAUTH2_ACCESS_TOKEN.REFRESH_TOKEN, IDN_OAUTH2_AUTHORIZATION_CODE.AUTHORIZATION_CODE and IDN_OAUTH_CONSUMER_APPS.CONSUMER_SECRET

5. Secondary userstore password.

When creating secondary userstores from Identity Server management console, that userstore password get auto encrypted.

And a respective secondary userstore file is created in the location ‘<IS_HOME>/repository/deployment/server/userstores’.

For tenants it will be created in the location

‘<IS_HOME>/repository/tenants/userstores’

Ex configuration:

<UserStoreManager class=”org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager”>

<Property name=”ConnectionURL”>ldap://localhost:10389</Property>

<Property name=”ConnectionName”>uid=admin,ou=system</Property>

<Property encrypted=”true” name=”ConnectionPassword”>eyJjIjoiTVhZYUJMakFUMjA3NzNoWXQ3Z3lLaWw5UHJuUFhnNzJkcGdZaWJ1U21DUXNaaWwwUnFWSWZZN2xNdHVhM2xUU3k0K0EyU3lhdU9PS1N6TGg2b21WVFB6blNNbWdUaEZrU2xZdjgveDkyMkhFUW9EdlN1T3E1RzdDd2Q5SVV4VkY4VHk3U0dmZSt1WUtwTTRMQ2xxQXhFZmhabUdKTDYvUlRUaFZBYlBodTdYYnNWSmtTQVNSeEhEejVPZU90ODd5cVlKQWxpMDQrWU1mdXpvY0loaGdsSXJSN3hDRFVjV3NmK3JZUE1na1kwT3IrNS9OVkRaZHJwTTdzOStvSU55TThwdUlENUVqQWxuNCs4aUhseFBpQndKaHRvL1gxWENDeHFnT2dRRXBzK2Vzd053RllKMmFvZXIxQ0VNelhyOGhTV2JZeXppMW0veVJIOVFnNStqVUh3XHUwMDNkXHUwMDNkIiwidCI6IlJTQS9FQ0IvT0FFUHdpdGhTSEExYW5kTUdGMVBhZGRpbmciLCJ0cCI6IjUwMUZDMTQzMkQ4NzE1NURDNDMxMzgyQUVCODQzRUQ1NThBRDYxQjEiLCJ0cGQiOiJTSEEtMSJ9</Property>

When the property encrypted=true is enabled, the userstore password will be encrypted using OAEP.

Migrating from an older version of IS which does not use OAEP encryption:

If you are planning to migrate from an older version of IS like IS 5.2 / 5.3 etc to a newer version which supports OAEP encryption by default (IS 5.5 onwards), we have provided migration for RSA to OAEP encryption in IS 5.5 onwards migration clients[4].

Example migration-config.yaml in the migration client which showcases the migrations for OAEP encryption

version: “5.5.0”
migratorConfigs:
-
name: “SchemaMigrator”
order: 1
parameters:
location: “step1”
schema: “identity”
-
name: “SchemaMigrator”
order: 2
parameters:
location: “step1”
schema: “consent”
-
name: “OAuthDataMigrator”
order: 3
parameters:
schema: “identity”

-
name: “BPSProfileDataMigrator”
order: 4
parameters:
schema: “identity”

-
name: “UserStorePasswordMigrator”
order: 5
parameters:
schema: “identity”

-
name: “SysLogPropertiesMigrator”
order: 6
-
name: “SchemaMigrator”
order: 7
parameters:
location: “step2”
schema: “identity”
-
name: “PolicySubscriberDataMigrator”
order: 8
parameters:
schema: “identity”
-
name: “KeyStorePasswordMigrator”
order: 9
parameters:
schema: “identity”

-
name: “SecurityPolicyPasswordMigrator”
order: 10
parameters:
schema: “identity”
-
name: “EventPublisherMigrator”
order: 11

[1]https://medium.com/blue-space/improving-the-security-of-rsa-with-oaep-e854a5084918

[2]https://crypto.stackexchange.com/questions/12688/can-you-explain-bleichenbachers-cca-attack-on-pkcs1-v1-5

[3]https://docs.wso2.com/display/IS560/Adding+a+Workflow+Engine

[4]https://docs.wso2.com/display/IS550/Upgrading+from+the+Previous+Release

[5]https://docs.wso2.com/display/IS560/Upgrading+from+the+Previous+Release

[6]https://docs.wso2.com/display/IS550/Upgrading+From+an+Older+Version+of+WSO2+IS

[7]https://docs.wso2.com/display/IS560/Upgrading+From+an+Older+Version+of+WSO2+IS

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Denuwanthi Hasanthika

Denuwanthi Hasanthika

Graduate of University of Moratuwa, Department of Computer Science and Engineering. Associate Technical Lead at WSO2 Identity Server team.