samlesa 2.18.1 → 2.18.3

package/build/src/binding-artifact.js

@@ -384,7 +384,7 @@ async function parseLoginResponseResolve(params) {
         }
         samlContent = verifiedAssertionNode1;
         // 改进的postFlow函数中关于签名验证的部分
-        const verificationResult = libsaml.verifySignature(samlContent, verificationOptions, self);
+        const verificationResult = await libsaml.verifySignature(samlContent, verificationOptions, self);
         // 检查验证结果
         if (!verificationResult.status) {
             // 如果验证失败，根据具体情况返回错误

package/build/src/flow.js

@@ -151,105 +151,8 @@ async function postFlow(options) {
     // check status based on different scenarios
     await checkStatus(samlContent, parserType);
     /**检查签名顺序 */
-    /*
-        const [verified, verifiedAssertionNode, isDecryptRequired, noSignature] = libsaml.verifySignature(samlContent, verificationOptions);
-        decryptRequired = isDecryptRequired
-        if (isDecryptRequired && noSignature) {
-    
-            const result = await libsaml.decryptAssertion(self, samlContent);
-            samlContent = result[0];
-            extractorFields = getDefaultExtractorFields(parserType, result[1]);
-        }
-        if (!verified && !noSignature && !isDecryptRequired) {
-    
-            return Promise.reject('ERR_FAIL_TO_VERIFY_ETS_SIGNATURE');
-        }
-        if (!isDecryptRequired) {
-    
-            extractorFields = getDefaultExtractorFields(parserType, verifiedAssertionNode);
-        }
-        if (parserType === 'SAMLResponse' && isDecryptRequired && !noSignature) {
-            const result = await libsaml.decryptAssertion(self, samlContent);
-            samlContent = result[0];
-            extractorFields = getDefaultExtractorFields(parserType, result[1]);
-    console.log("走这里来了=========")
-            console.log(result[1])
-        }
-    
-    
-        const parseResult = {
-            samlContent: samlContent,
-            extract: extract(samlContent, extractorFields),
-        };
-        /!**
-         *  Validation part: validate the context of response after signature is verified and decrypted (optional)
-         *!/
-        const targetEntityMetadata = from.entityMeta;
-        const issuer = targetEntityMetadata.getEntityID();
-        const extractedProperties = parseResult.extract;
-        // unmatched issuer
-        if (
-            (parserType === 'LogoutResponse' || parserType === 'SAMLResponse')
-            && extractedProperties
-            && extractedProperties.issuer !== issuer
-        ) {
-            return Promise.reject('ERR_UNMATCH_ISSUER');
-        }
-    
-        // invalid session time
-        // only run the verifyTime when `SessionNotOnOrAfter` exists
-        if (
-            parserType === 'SAMLResponse'
-            && extractedProperties.sessionIndex.sessionNotOnOrAfter
-            && !verifyTime(
-                undefined,
-                extractedProperties.sessionIndex.sessionNotOnOrAfter,
-                self.entitySetting.clockDrifts
-            )
-        ) {
-            return Promise.reject('ERR_EXPIRED_SESSION');
-        }
-    
-        // invalid time
-        // 2.4.1.2 https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
-        if (
-            parserType === 'SAMLResponse'
-            && extractedProperties.conditions
-            && !verifyTime(
-                extractedProperties.conditions.notBefore,
-                extractedProperties.conditions.notOnOrAfter,
-                self.entitySetting.clockDrifts
-            )
-        ) {
-            return Promise.reject('ERR_SUBJECT_UNCONFIRMED');
-        }
-        //valid destination
-        //There is no validation of the response here. The upper-layer application
-        // should verify the result by itself to see if the destination is equal to the SP acs and
-        // whether the response.id is used to prevent replay attacks.
-        /!*
-            let destination = extractedProperties?.response?.destination
-            let isExit = self.entitySetting?.assertionConsumerService?.filter((item) => {
-                return item?.Location === destination
-            })
-            if (isExit?.length === 0) {
-                return Promise.reject('ERR_Destination_URL');
-            }
-            if (parserType === 'SAMLResponse') {
-                let destination = extractedProperties?.response?.destination
-                let isExit = self.entitySetting?.assertionConsumerService?.filter((item: { Location: any; }) => {
-                    return item?.Location === destination
-                })
-                if (isExit?.length === 0) {
-                    return Promise.reject('ERR_Destination_URL');
-                }
-            }
-        *!/
-    
-    
-        return Promise.resolve(parseResult);*/
     // 改进的postFlow函数中关于签名验证的部分
-    const verificationResult = libsaml.verifySignature(samlContent, verificationOptions, self);
+    const verificationResult = await libsaml.verifySignature(samlContent, verificationOptions, self);
     /*    console.log(verificationResult)
         console.log("解析对象")*/
     let resultObject = {
@@ -261,7 +164,8 @@ async function postFlow(options) {
         decrypted: true, //断言加密后断言是否解密成功，
         status: true, //是否全部通过验证,
         samlContent: 'xxx', //xxx是通过验证后 解密后的整个响应，
-        assertionContent: 'xxx', //xxx是通过验证后 解密后的整个响应中的assertion 断言部分字符串
+        assertionContent: 'xxx', //xxx是通过验证后 解密后的整个响应中的assertion 断言部分字符串,
+        signMethod: "", //xxx是通过验证后 解密后的整个响应中的assertion 断言部分字符串,
     };
     // 检查验证结果
     if (!verificationResult.status) {
@@ -347,7 +251,21 @@ async function postFlow(options) {
             }
         }
     */
-    return Promise.resolve(parseResult);
+    return Promise.resolve({
+        ...parseResult,
+        verificationResult: {
+            isMessageSigned: verificationResult?.isMessageSigned,
+            MessageSignatureStatus: verificationResult?.MessageSignatureStatus,
+            isAssertionSigned: verificationResult?.isAssertionSigned,
+            AssertionSignatureStatus: verificationResult?.AssertionSignatureStatus,
+            encrypted: verificationResult?.encrypted,
+            decrypted: verificationResult?.decrypted,
+            type: verificationResult?.type, // 添加类型字段
+            status: verificationResult?.status,
+            hasUnsafeSignatureAlgorithm: verificationResult?.hasUnsafeSignatureAlgorithm,
+            unsafeSignatureAlgorithm: verificationResult?.unsafeSignatureAlgorithm
+        },
+    });
 }
 // proceed the post Artifact flow
 async function postArtifactFlow(options) {
@@ -372,7 +290,7 @@ async function postArtifactFlow(options) {
     await checkStatus(samlContent, parserType);
     /**检查签名顺序 */
     // 改进的postFlow函数中关于签名验证的部分
-    const verificationResult = libsaml.verifySignature(samlContent, verificationOptions, self);
+    const verificationResult = await libsaml.verifySignature(samlContent, verificationOptions, self);
     console.log(verificationResult);
     console.log("最终结果====");
     // 检查验证结果

package/build/src/libsaml.js

@@ -7,7 +7,7 @@ import { X509Certificate } from 'node:crypto';
 import xml from 'xml';
 import utility, { flattenDeep, inflateString, isString } from './utility.js';
 import { algorithms, namespace, wording } from './urn.js';
-import { select } from 'xpath';
+import xpath, { select } from 'xpath';
 import nrsa from 'node-rsa';
 import { SignedXml } from 'xml-crypto';
 import * as xmlenc from 'xml-encryption';
@@ -48,6 +48,25 @@ const libSaml = () => {
         'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256': 'RSA-SHA256',
         'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512': 'RSA-SHA512',
     };
+    /**
+     * 检测是否使用了不安全的SHA1系列签名算法
+     * @param signatureAlgorithm 签名算法URI
+     * @returns {Object} 包含是否使用不安全算法和具体算法名称的对象
+     */
+    function checkUnsafeSignatureAlgorithm(signatureAlgorithm) {
+        const unsafeAlgorithms = [
+            'http://www.w3.org/2000/09/xmldsig#rsa-sha1',
+            'http://www.w3.org/2000/09/xmldsig#dsa-sha1',
+            'http://www.w3.org/2000/09/xmldsig#hmac-sha1',
+            'http://www.w3.org/2000/09/xmldsig#sha1'
+        ];
+        const isUnsafe = unsafeAlgorithms.some(alg => signatureAlgorithm.toLowerCase().includes('sha1') ||
+            signatureAlgorithm === 'http://www.w3.org/2000/09/xmldsig#rsa-sha1');
+        return {
+            hasUnsafeSignatureAlgorithm: isUnsafe,
+            unsafeSignatureAlgorithm: isUnsafe ? signatureAlgorithm : null
+        };
+    }
     /**
      * @desc Default login request template
      * @type {LoginRequestTemplate}
@@ -229,6 +248,7 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
         defaultLogoutResponseTemplate,
         defaultAttributeValueTemplate,
         validateAndInflateSamlResponse,
+        checkUnsafeSignatureAlgorithm,
         /**
          * @desc Replace the tag (e.g. {tag}) inside the raw XML
          * @param  {string} rawXML      raw XML string used to do keyword replacement
@@ -368,201 +388,6 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                 };
             }
         },
-        /**
-         * @desc Verify the XML signature
-         * @param  {string} xml xml
-         * @param  {SignatureVerifierOptions} opts cert declares the X509 certificate
-         * @return {[boolean, string | null]} - A tuple where:
-         *   - The first element is `true` if the signature is valid, `false` otherwise.
-         *   - The second element is the cryptographically authenticated assertion node as a string, or `null` if not found.
-         */
-        // tslint:disable-next-line:no-shadowed-variable
-        verifySignature1(xml, opts) {
-            const { dom } = getContext();
-            const doc = dom.parseFromString(xml, 'application/xml');
-            const docParser = new DOMParser();
-            // In order to avoid the wrapping attack, we have changed to use absolute xpath instead of naively fetching the signature element
-            const LogoutResponseSignatureXpath = "/*[local-name()='LogoutResponse']/*[local-name()='Signature']";
-            const logoutRequestSignatureXpath = "/*[local-name()='LogoutRequest']/*[local-name()='Signature']";
-            // message signature (logout response / saml response)
-            const messageSignatureXpath = "/*[contains(local-name(), 'Response') or contains(local-name(), 'Request')]/*[local-name(.)='Signature']";
-            // assertion signature (logout response / saml response)
-            const assertionSignatureXpath = "/*[contains(local-name(), 'Response') or contains(local-name(), 'Request')]/*[local-name(.)='Assertion']/*[local-name(.)='Signature']";
-            // check if there is a potential malicious wrapping signature
-            const wrappingElementsXPath = "/*[contains(local-name(), 'Response')]/*[local-name(.)='Assertion']/*[local-name(.)='Subject']/*[local-name(.)='SubjectConfirmation']/*[local-name(.)='SubjectConfirmationData']//*[local-name(.)='Assertion' or local-name(.)='Signature']";
-            // const wrappingElementsXPath = "/*[contains(local-name(), 'Response')]/*[local-name(.)='Assertion']/*[local-name(.)='Subject']/*[local-name(.)='SubjectConfirmation']/*[local-name(.)='SubjectConfirmationData']//*[local-name(.)='Assertion' or local-name(.)='Signature']";
-            // @ts-expect-error misssing Node properties are not needed
-            const encryptedAssertions = select("/*[contains(local-name(), 'Response')]/*[local-name(.)='EncryptedAssertion']", doc);
-            const encAssertionNode = encryptedAssertions[0];
-            // select the signature node
-            let selection = [];
-            // @ts-expect-error misssing Node properties are not needed
-            const messageSignatureNode = select(messageSignatureXpath, doc);
-            // @ts-expect-error misssing Node properties are not needed
-            const assertionSignatureNode = select(assertionSignatureXpath, doc);
-            // @ts-expect-error misssing Node properties are not needed
-            const wrappingElementNode = select(wrappingElementsXPath, doc);
-            // @ts-expect-error misssing Node properties are not needed
-            const LogoutResponseSignatureElementNode = select(LogoutResponseSignatureXpath, doc);
-            // try to catch potential wrapping attack
-            if (wrappingElementNode.length !== 0) {
-                throw new Error('ERR_POTENTIAL_WRAPPING_ATTACK');
-            }
-            // 优先检测 LogoutRequest 签名
-            // @ts-expect-error missing Node properties
-            const logoutRequestSignature = select(logoutRequestSignatureXpath, doc);
-            if (logoutRequestSignature.length > 0) {
-                selection = selection.concat(logoutRequestSignature);
-            }
-            selection = selection.concat(messageSignatureNode);
-            selection = selection.concat(assertionSignatureNode);
-            selection = selection.concat(LogoutResponseSignatureElementNode);
-            // guarantee to have a signature in saml response
-            if (selection.length === 0) {
-                /** 判断有没有加密如果没有加密返回 [false, null]*/
-                if (encryptedAssertions.length > 0) {
-                    console.log("走加密了====");
-                    if (!Array.isArray(encryptedAssertions) || encryptedAssertions.length === 0) {
-                        return [false, null, false, true]; // we return false now
-                    }
-                    if (encryptedAssertions.length > 1) {
-                        throw new Error('ERR_MULTIPLE_ASSERTION');
-                    }
-                    return [false, null, true, true]; // return encryptedAssert
-                }
-            }
-            if (selection.length !== 0) {
-                console.log("走加密了1====");
-                /** 判断有没有加密如果没有加密返回 [false, null]*/
-                if (logoutRequestSignature.length === 0 && LogoutResponseSignatureElementNode.length === 0 && encryptedAssertions.length > 0) {
-                    if (!Array.isArray(encryptedAssertions) || encryptedAssertions.length === 0) {
-                        return [false, null, true, false]; // we return false now
-                    }
-                    if (encryptedAssertions.length > 1) {
-                        throw new Error('ERR_MULTIPLE_ASSERTION');
-                    }
-                    return [false, null, true, false]; // return encryptedAssert
-                }
-            }
-            // need to refactor later on
-            for (const signatureNode of selection) {
-                const sig = new SignedXml();
-                let verified = false;
-                sig.signatureAlgorithm = opts.signatureAlgorithm;
-                if (!opts.keyFile && !opts.metadata) {
-                    throw new Error('ERR_UNDEFINED_SIGNATURE_VERIFIER_OPTIONS');
-                }
-                console.log("开始1");
-                if (opts.keyFile) {
-                    console.log("开始11");
-                    let publicCertResult = this.validateCertificate(fs.readFileSync(opts.keyFile));
-                    console.log(publicCertResult);
-                    console.log("结果");
-                    sig.publicCert = fs.readFileSync(opts.keyFile);
-                }
-                if (opts.metadata) {
-                    console.log("开始111");
-                    const certificateNode = select(".//*[local-name(.)='X509Certificate']", signatureNode);
-                    // certificate in metadata
-                    let metadataCert = opts.metadata.getX509Certificate(certUse.signing);
-                    // flattens the nested array of Certificates from each KeyDescriptor
-                    if (Array.isArray(metadataCert)) {
-                        metadataCert = flattenDeep(metadataCert);
-                    }
-                    else if (typeof metadataCert === 'string') {
-                        metadataCert = [metadataCert];
-                    }
-                    // normalise the certificate string
-                    metadataCert = metadataCert.map(utility.normalizeCerString);
-                    // no certificate in node  response nor metadata
-                    if (certificateNode.length === 0 && metadataCert.length === 0) {
-                        throw new Error('NO_SELECTED_CERTIFICATE');
-                    }
-                    // certificate node in response
-                    if (certificateNode.length !== 0) {
-                        const x509CertificateData = certificateNode[0].firstChild.data;
-                        const x509Certificate = utility.normalizeCerString(x509CertificateData);
-                        if (metadataCert.length >= 1 &&
-                            !metadataCert.find(cert => cert.trim() === x509Certificate.trim())) {
-                            // keep this restriction for rolling certificate usage
-                            // to make sure the response certificate is one of those specified in metadata
-                            throw new Error('ERROR_UNMATCH_CERTIFICATE_DECLARATION_IN_METADATA');
-                        }
-                        let publicCertResult = this.validateCertificate(x509Certificate);
-                        console.log(publicCertResult);
-                        console.log("结果");
-                        sig.publicCert = this.getKeyInfo(x509Certificate).getKey();
-                    }
-                    else {
-                        console.log("开始11111");
-                        // Select first one from metadata
-                        let publicCertResult = this.validateCertificate(metadataCert[0]);
-                        console.log(publicCertResult);
-                        console.log("结果");
-                        sig.publicCert = this.getKeyInfo(metadataCert[0]).getKey();
-                    }
-                }
-                sig.loadSignature(signatureNode);
-                verified = sig.checkSignature(doc.toString());
-                // immediately throw error when any one of the signature is failed to get verified
-                if (!verified) {
-                    throw new Error('ERR_FAILED_TO_VERIFY_SIGNATURE');
-                }
-                // attempt is made to get the signed Reference as a string();
-                // note, we don't have access to the actual signedReferences API unfortunately
-                // mainly a sanity check here for SAML. (Although ours would still be secure, if multiple references are used)
-                if (!(sig.getSignedReferences().length >= 1)) {
-                    throw new Error('NO_SIGNATURE_REFERENCES');
-                }
-                const signedVerifiedXML = sig.getSignedReferences()[0];
-                const rootNode = docParser.parseFromString(signedVerifiedXML, 'application/xml').documentElement;
-                // process the verified signature:
-                // case 1, rootSignedDoc is a response:
-                if (rootNode?.localName === 'Response') {
-                    // try getting the Xml from the first assertion
-                    const EncryptedAssertions = select("./*[local-name()='EncryptedAssertion']", 
-                    // @ts-expect-error misssing Node properties are not needed
-                    rootNode);
-                    const assertions = select("./*[local-name()='Assertion']", 
-                    // @ts-expect-error misssing Node properties are not needed
-                    rootNode);
-                    /**第三个参数代表是否加密*/
-                    // now we can process the assertion as an assertion
-                    if (EncryptedAssertions.length === 1) {
-                        /** 已加密*/
-                        return [true, EncryptedAssertions[0].toString(), true, false];
-                    }
-                    if (assertions.length === 1) {
-                        return [true, assertions[0].toString(), false, false];
-                    }
-                }
-                else if (rootNode?.localName === 'Assertion') {
-                    return [true, rootNode.toString(), false, false];
-                }
-                else if (rootNode?.localName === 'EncryptedAssertion') {
-                    return [true, rootNode.toString(), true, false];
-                }
-                else if (rootNode?.localName === 'LogoutRequest') {
-                    return [true, rootNode.toString(), false, false];
-                }
-                else if (rootNode?.localName === 'LogoutResponse') {
-                    return [true, rootNode.toString(), false, false];
-                }
-                else {
-                    return [true, null, false, false]; // signature is valid. But there is no assertion node here. It could be metadata node, hence return null
-                }
-            }
-            // something has gone seriously wrong if we are still here
-            return [false, null, false, true]; // return encryptedAssert
-            /*   throw new Error('ERR_ZERO_SIGNATURE');*/
-        },
-        /**
-         * 改进的SAML签名验证函数，支持多种签名和加密组合场景
-         * @param xml SAML XML内容
-         * @param opts 验证选项
-         * @param self
-         * @returns 验证结果对象
-         */
         /**
          * 改进的SAML签名验证函数，支持多种签名和加密组合场景
          * @param xml SAML XML内容
@@ -570,7 +395,7 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
          * @param self
          * @returns 验证结果对象
          */
-        verifySignature(xml, opts, self) {
+        async verifySignature(xml, opts, self) {
             const { dom } = getContext();
             const doc = dom.parseFromString(xml, 'application/xml');
             const docParser = new DOMParser();
@@ -638,6 +463,10 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                         type = 'Unknown';
                     }
             }
+            let hasUnsafeSignatureAlgorithm = false;
+            let unsafeSignatureAlgorithm = '';
+            console.log({ hasUnsafeSignatureAlgorithm, unsafeSignatureAlgorithm });
+            console.log("检查结果=====");
             // 特殊情况：带未签名断言的未签名SAML响应，应该拒绝
             if (!isMessageSigned && !isAssertionSigned && !encrypted) {
                 return {
@@ -650,7 +479,9 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                     type, // 添加类型字段
                     status: false, // 明确拒绝未签名未加密的响应
                     samlContent,
-                    assertionContent
+                    assertionContent,
+                    hasUnsafeSignatureAlgorithm,
+                    unsafeSignatureAlgorithm
                 };
             }
             // 处理最外层有签名且断言加密的情况（关键逻辑补充）
@@ -660,6 +491,12 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                     const result = this.decryptAssertionSync(self, xml, opts);
                     // 更新文档为解密后的版本
                     samlContent = result[0];
+                    let res = await this.isValidXml(samlContent).catch((error) => {
+                        return Promise.reject('ERR_EXCEPTION_VALIDATE_XML');
+                    });
+                    if (res !== true) {
+                        return Promise.reject('ERR_EXCEPTION_VALIDATE_XML');
+                    }
                     assertionContent = result[1];
                     // 更新验证状态
                     decrypted = true;
@@ -669,6 +506,11 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                     const decryptedDoc = dom.parseFromString(samlContent, 'application/xml');
                     // 2. 验证最外层消息签名（使用解密后的文档）
                     const signatureNode = messageSignatureNode[0];
+                    // @ts-expect-error misssing Node properties are not needed
+                    const signatureAlgorithm = xpath.select1(".//*[local-name(.)='SignatureMethod']/@Algorithm", signatureNode);
+                    let checkResult = checkUnsafeSignatureAlgorithm(signatureAlgorithm.value || '');
+                    hasUnsafeSignatureAlgorithm = checkResult.hasUnsafeSignatureAlgorithm;
+                    unsafeSignatureAlgorithm = checkResult.unsafeSignatureAlgorithm ?? "";
                     const sig = new SignedXml();
                     if (!opts.keyFile && !opts.metadata) {
                         throw new Error('ERR_UNDEFINED_SIGNATURE_VERIFIER_OPTIONS');
@@ -707,11 +549,8 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                     sig.loadSignature(signatureNode);
                     // 使用解密后的文档验证最外层签名.默认采用的都是采用的先签名后加密的顺序，对应sp应该先解密 然后验证签名。 如果解密后验证外层签名失败有可能是先加密后签名，此时sp应该直接验证没解密的外层签名
                     MessageSignatureStatus = sig.checkSignature(decryptedDoc.toString());
-                    console.log(MessageSignatureStatus);
-                    console.log("验证MessageSignatureStatus==========================");
                     if (!MessageSignatureStatus) {
                         /** 签名验证失败 再直接验证外层*/
-                        throw new Error('ERR_FAILED_TO_VERIFY_MESSAGE_SIGNATURE_AFTER_DECRYPTION');
                         let MessageSignatureStatus2 = sig.checkSignature(xml);
                         if (!MessageSignatureStatus2) {
                             throw new Error('ERR_FAILED_TO_VERIFY_MESSAGE_SIGNATURE_AFTER_DECRYPTION');
@@ -735,6 +574,11 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
             // 处理最外层有签名但断言未加密的情况
             else if (isMessageSigned && !encrypted) {
                 const signatureNode = messageSignatureNode[0];
+                // @ts-expect-error misssing Node properties are not needed
+                const signatureAlgorithm = xpath.select1(".//*[local-name(.)='SignatureMethod']/@Algorithm", signatureNode);
+                let checkResult = checkUnsafeSignatureAlgorithm(signatureAlgorithm.value || '');
+                hasUnsafeSignatureAlgorithm = checkResult.hasUnsafeSignatureAlgorithm;
+                unsafeSignatureAlgorithm = checkResult.unsafeSignatureAlgorithm ?? "";
                 const sig = new SignedXml();
                 if (!opts.keyFile && !opts.metadata) {
                     throw new Error('ERR_UNDEFINED_SIGNATURE_VERIFIER_OPTIONS');
@@ -768,7 +612,8 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                         sig.publicCert = this.getKeyInfo(metadataCert[0]).getKey();
                     }
                 }
-                sig.signatureAlgorithm = opts.signatureAlgorithm;
+                console.log(doc.toString());
+                sig.signatureAlgorithm = signatureAlgorithm.value;
                 // @ts-expect-error misssing Node properties are not needed
                 sig.loadSignature(signatureNode);
                 MessageSignatureStatus = sig.checkSignature(doc.toString());
@@ -779,6 +624,11 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
             // 验证断言级签名（如果存在且未加密）
             if (isAssertionSigned && !encrypted) {
                 const signatureNode = assertionSignatureNode[0];
+                // @ts-expect-error misssing Node properties are not needed
+                const signatureAlgorithm = xpath.select1(".//*[local-name(.)='SignatureMethod']/@Algorithm", signatureNode);
+                let checkResult = checkUnsafeSignatureAlgorithm(signatureAlgorithm.value || '');
+                hasUnsafeSignatureAlgorithm = checkResult.hasUnsafeSignatureAlgorithm;
+                unsafeSignatureAlgorithm = checkResult.unsafeSignatureAlgorithm ?? "";
                 const sig = new SignedXml();
                 if (!opts.keyFile && !opts.metadata) {
                     throw new Error('ERR_UNDEFINED_SIGNATURE_VERIFIER_OPTIONS');
@@ -812,6 +662,7 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                         sig.publicCert = this.getKeyInfo(metadataCert[0]).getKey();
                     }
                 }
+                // 检测不安全的签名算法
                 sig.signatureAlgorithm = opts.signatureAlgorithm;
                 // @ts-expect-error misssing Node properties are not needed
                 sig.loadSignature(signatureNode);
@@ -841,6 +692,12 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                 // 解密断言
                 try {
                     const result = this.decryptAssertionSync(self, xml, opts);
+                    let res = await this.isValidXml(samlContent).catch((error) => {
+                        return Promise.reject('ERR_EXCEPTION_VALIDATE_XML');
+                    });
+                    if (res !== true) {
+                        return Promise.reject('ERR_EXCEPTION_VALIDATE_XML');
+                    }
                     samlContent = result[0];
                     assertionContent = result[1];
                     decrypted = true;
@@ -864,6 +721,7 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
             status = (!isMessageSigned || MessageSignatureStatus) &&
                 (!isAssertionSigned || AssertionSignatureStatus) &&
                 (!encrypted || decrypted);
+            // 最终检测不安全的签名算法
             return {
                 isMessageSigned,
                 MessageSignatureStatus,
@@ -874,7 +732,9 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                 type, // 添加类型字段
                 status,
                 samlContent,
-                assertionContent
+                assertionContent,
+                hasUnsafeSignatureAlgorithm,
+                unsafeSignatureAlgorithm
             };
         },
         verifySignatureSoap(xml, opts) {
@@ -940,6 +800,8 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
             for (const signatureNode of selection) {
                 const sig = new SignedXml();
                 let verified = false;
+                // 检测不安全的签名算法
+                const { hasUnsafeSignatureAlgorithm, unsafeSignatureAlgorithm } = checkUnsafeSignatureAlgorithm(opts.signatureAlgorithm || '');
                 sig.signatureAlgorithm = opts.signatureAlgorithm;
                 if (!opts.keyFile && !opts.metadata) {
                     throw new Error('ERR_UNDEFINED_SIGNATURE_VERIFIER_OPTIONS');
@@ -992,25 +854,25 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                         // @ts-expect-error
                         const assertions = select("./*[local-name()='Assertion']", rootNode);
                         if (encryptedAssert.length === 1) {
-                            return [true, encryptedAssert[0].toString(), true, false];
+                            return [true, encryptedAssert[0].toString(), true, false, hasUnsafeSignatureAlgorithm, unsafeSignatureAlgorithm];
                         }
                         if (assertions.length === 1) {
-                            return [true, assertions[0].toString(), false, false];
+                            return [true, assertions[0].toString(), false, false, hasUnsafeSignatureAlgorithm, unsafeSignatureAlgorithm];
                         }
-                        return [true, null, false, true]; // 签名验证成功但未找到断言
+                        return [true, null, false, true, hasUnsafeSignatureAlgorithm, unsafeSignatureAlgorithm]; // 签名验证成功但未找到断言
                     case 'Assertion':
-                        return [true, rootNode.toString(), false, false];
+                        return [true, rootNode.toString(), false, false, hasUnsafeSignatureAlgorithm, unsafeSignatureAlgorithm];
                     case 'EncryptedAssertion':
-                        return [true, rootNode.toString(), true, false];
+                        return [true, rootNode.toString(), true, false, hasUnsafeSignatureAlgorithm, unsafeSignatureAlgorithm];
                     case 'ArtifactResolve':
                     case 'ArtifactResponse':
                         // 提取SOAP消息内部的实际内容
-                        return [true, rootNode.toString(), false, false];
+                        return [true, rootNode.toString(), false, false, hasUnsafeSignatureAlgorithm, unsafeSignatureAlgorithm];
                     default:
-                        return [true, null, false, true]; // 签名验证成功但未找到可识别的内容
+                        return [true, null, false, true, hasUnsafeSignatureAlgorithm, unsafeSignatureAlgorithm]; // 签名验证成功但未找到可识别的内容
                 }
             }
-            return [false, null, encryptedAssertions.length > 0, false];
+            return [false, null, encryptedAssertions.length > 0, false, false, null];
         },
         /**
          * @desc Helper function to create the key section in metadata (abstraction for signing and encrypt use)
@@ -1240,6 +1102,8 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
             if (!decryptedResult) {
                 throw new Error('ERR_UNDEFINED_DECRYPTED_ASSERTION');
             }
+            let hasUnsafeSignatureAlgorithm = false;
+            let unsafeSignatureAlgorithm = "";
             // 解密完成后，检查解密后的断言是否还有签名需要验证
             const decryptedAssertionDoc = dom.parseFromString(decryptedResult, 'application/xml');
             let AssertionSignatureStatus = false;
@@ -1249,6 +1113,11 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
             if (assertionSignatureNode.length > 0 && opts) {
                 // 解密后的断言有签名，需要验证
                 const signatureNode = assertionSignatureNode[0];
+                // @ts-expect-error misssing Node properties are not needed
+                const signatureAlgorithm = xpath.select1(".//*[local-name(.)='SignatureMethod']/@Algorithm", signatureNode);
+                let checkResult = checkUnsafeSignatureAlgorithm(signatureAlgorithm.value || '');
+                hasUnsafeSignatureAlgorithm = checkResult.hasUnsafeSignatureAlgorithm;
+                unsafeSignatureAlgorithm = checkResult.unsafeSignatureAlgorithm ?? "";
                 const sig = new SignedXml();
                 if (!opts.keyFile && !opts.metadata) {
                     throw new Error('ERR_UNDEFINED_SIGNATURE_VERIFIER_OPTIONS');
@@ -1282,6 +1151,10 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                         sig.publicCert = this.getKeyInfo(metadataCert[0]).getKey();
                     }
                 }
+                // 检测不安全的签名算法
+                let checkSafeResult = checkUnsafeSignatureAlgorithm(opts.signatureAlgorithm || '');
+                hasUnsafeSignatureAlgorithm = checkSafeResult.hasUnsafeSignatureAlgorithm;
+                unsafeSignatureAlgorithm = checkSafeResult.unsafeSignatureAlgorithm ?? "";
                 sig.signatureAlgorithm = opts.signatureAlgorithm;
                 // @ts-expect-error misssing Node properties are not needed
                 sig.loadSignature(signatureNode);
@@ -1289,8 +1162,6 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
                 const assertionDocForVerification = dom.parseFromString(decryptedResult, 'application/xml');
                 const assertionValid = sig.checkSignature(assertionDocForVerification.toString());
                 AssertionSignatureStatus = assertionValid;
-                console.log(AssertionSignatureStatus);
-                console.log("验证通过了====");
                 if (!assertionValid) {
                     throw new Error('ERR_FAILED_TO_VERIFY_DECRYPTED_ASSERTION_SIGNATURE');
                 }
@@ -1301,7 +1172,9 @@ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="{ID}"
             doc.documentElement.replaceChild(rawAssertionDoc.documentElement, encAssertionNode);
             return [doc.toString(), decryptedResult, {
                     isAssertionSigned: !!(assertionSignatureNode.length > 0 && opts),
-                    AssertionSignatureStatus: AssertionSignatureStatus
+                    AssertionSignatureStatus: AssertionSignatureStatus,
+                    hasUnsafeSignatureAlgorithm,
+                    unsafeSignatureAlgorithm
                 }];
         },
         /**