Certificate validation for RSA is optional #226
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Now that the validation is optional, the previous name did not accurately reflected the intention.
This was referenced Oct 30, 2019
atezet
pushed a commit
to atezet/saml
that referenced
this pull request
Jul 9, 2022
* removed mandatory check for validating embedded certificate for rsa * Rename validateRSAKey to validateRSAKeyIfPresent Now that the validation is optional, the previous name did not accurately reflected the intention.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When the encryption method is RSA, the library expects that a certificate is embedded within the ACS either under
./KeyInfo/X509Data/X509Certificateor./KeyInfo/X509Data/X509IssuerSerialto verify that the public part of our private key is valid.After much investigation, it appears that this is not mandatory as per the SAML standard and it's just an optimisation to let the provider know ahead of time that the Key won't work.
To validate this, we did the following:
First, the SAML 2.0 Core Standard (section 2.3.4) states that the
<EncryptedAssertion>element must be compose of: at least one<xenc:EncryptedData>and zero or more of<xenc:EncryptedKey>Second, The only required elements are
<xenc:EncryptedData>and<xenc:EncryptedKey>. These need to be defined according to the [XMLEnc] specification.Third, Section 2.2 of the XMLenc standard describes an acceptable schema for both
EncryptedDataandEncryptedKey. For both of these, the<X509Data>element is not mandatory by any sorts. Also, the<EncryptedKey>definition reads:Finally, the algorithm
https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#rsa-oaep-mgf1pspecification makes no mention of a certificate validation process.To conclude, I think the original author's intention with this validation is referenced in this text of the XMLenc standard (section 3.5.1):
Which states that applications (or libraries in this case) can add additional validations but these are subjective.
Instead of supporting the Recipient element which is optional, we think the author attempted to find a certificate embedded within the payload and use that to verify the key
We believe this validation is an optimisation and is safe to keep it optional. This PR does that, which no-ops if we have failed to find an embedded certificate in the response.