Re: [saml-dev] SAMLResponse validation

[Peter Major <peter.major@forgerock.com>]

If the SAML response contains the signing certificate
(KeyInfo>X509Certificate) or the public key used (KeyInfo>KeyValue),
then there is still a possibility that the validation is done according
to spec. The SP implementation grabs the certificate from the SAML
response protocol message and then uses that to verify the signature. It
could be that the validation itself is done as an extra step and they
just make sure that the X509Certificate in the XML message is issued by
a trusted CA.
I suppose one reason why one would implement the SAML processing this
way is that key rollover becomes a bit simpler, just have to require the
Identity Provider to use the same CA for all of their signing keys.

It may be that their certificate validation logic is a bit "interesting"
though:
if they won't accept the signature when you have the MyIDP key uploaded,
then it could be that they try to find a trust anchor for the issuer of
your certificate, instead of trying to see if there is a trust anchor
with the cert itself or any of its issuers.

cheers,
Peter

2017. 06. 26. 13:30 keltezéssel, Peter Buus írta:
>> Strange.
>>
>> Are you sure that you sign the response with the private key associated with "MyIDP" (and not "MyCA")?
>>
>> If this is the case, then "MyCA" should not be able to verify the signature (but onle "MyIDP") and if your response does not contain "MyIDP", then the knowledge of "MyCA" 
>>  (alone) should not be able to guess "MyIDP".
> 
> Yes - I am sure the scenario is as described
> Yes - I am convinced that this is an obvious and severe error in the loadbalancers SAML validation
> No - I have not been able to make the vendor realize their error
> No - I have not been able to find the specification stating that you need to validate the SAML Assertion against the IDP certificate - and not just the issuing CA