2

I am implementing an IDP using LightSAML Core package in Laravel framework. Basically, I need to send a SAML Response to a recipient, however I need to implement a symmetric and an asymmetric encryption: When an assertion is created, I need to generate a random symmetric key and encrypt the assertion with that key. Then I need to encrypt the dynamic key using the recipient's public key, and include the resulting encrypted dynamic key in the Response. The problem I am facing is (1) generating the random symmetric key and (2) encrypting the assertion with it.

As described in LightSAML docs, an Assertion is normally encrypted with the certificate of the recipient (i.e. their public key). However, in this case it needs to be a random symmetric key. Now, this answer suggests that a symmetric key is nothing but a random set of bytes. But how do use that random string to encrypt an Assertion, if the LightSAML API requires a certificate file (NOT just a string) for encryption? Do I need to create a certificate file from that random symmetric key?

Next, to encrypt the dynamic key using the recipient's public key, how would I go about it? I was thinking openssl_public_encrypt by giving it random symmetric key string and plain-text recipient's public key, but is there a better way? How would I include that encrypted key string in the response?

Lastly, when the Response is signed, it should be signed with my private key. However, LightSAML requires not just my private key, but also my public key. How so? Why is my public key even needed here? Should I not use the encrypted symmetric key (i.e. symmetric key encrypted with recipient's public key)?

Community
  • 1
  • 1
Alex
  • 3,719
  • 7
  • 35
  • 57
  • 2
    Random symmetric key is encrypted with public key of the service provider, and assertions are encrypted with that symmetric key. LightSAML does this for you transparently. You don't have to do anything more than written in the docs. You need to sign the message with your private key IF SP wants signed messages. SP verifies the signature using your PUBLIC key which you deliver in IdP metadata. – Mjh Dec 29 '16 at 16:43

1 Answers1

1

LightSAML does what you described - it generates a random symmetric key, encrypts it with your private key and uses this random symmetric key to encrypt the assertions. What you linked from the docs is a convenience method that does all of this for you if you provide your private key.

When the response is signed, it uses your private key. This is done when SP wants signed messages and is used when transport isn't SSL / TLS. Reason why LightSAML wants your public key is to verify the signature. It's just an example in the docs on how to sign and verify the message.

Flow is: - sign message with IdP's private key - verify signature on SP with IdP's public key

Public keys between IdP and SP are exchanged during metadata exchange.

Mjh
  • 2,904
  • 1
  • 17
  • 16