Retired hash function in SAML Response - Vulnerability Database

Description

The application's SAML Consumer Service accepts SAML responses signed with cryptographically weak or retired hash functions (such as SHA-1 or MD5). SAML responses contain authentication assertions that establish user identity and privileges. When weak hash functions are used for digital signatures, attackers may be able to forge valid SAML responses through collision attacks, allowing them to impersonate legitimate users or escalate their own privileges.

Remediation

Update the SAML Service Provider configuration to reject SAML responses signed with retired hash functions and require modern, secure algorithms:

1. Configure Accepted Signature Algorithms:
Update your SAML SP configuration to only accept SHA-256 or stronger hash functions. Reject SHA-1, MD5, and other deprecated algorithms.

Example for SimpleSAMLphp:

// config/authsources.php (entry inside the $config array)
'default-sp' => [
    'saml:SP',
    // Algorithm used for signatures
    'signature.algorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
    // Only SHA-256 or stronger is accepted
    'signature.whitelist' => [
        'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
        'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384',
        'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512',
    ],
],

Example for Shibboleth SP:

<ApplicationDefaults entityID="https://sp.example.org/shibboleth"
    signing="true"
    signingAlg="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256">
    <!-- signing and signingAlg apply to messages the SP itself signs -->
    <Sessions ... >
        <SessionInitiator type="SAML2" ... />
    </Sessions>
</ApplicationDefaults>

2. Coordinate with Identity Provider:
Contact your SAML Identity Provider (IdP) administrator to ensure they configure their systems to sign responses using SHA-256 or stronger algorithms.

3. Test Thoroughly:
After configuration changes, verify that SAML authentication works correctly and that responses with weak signatures are properly rejected.
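
To support steps 2 and 3, the following added example (not part of the original page or of any product's code) inspects a captured SAML response and reports every SignatureMethod or DigestMethod outside a SHA-256-or-stronger allowlist. It goes slightly beyond the text by also checking the digest algorithm; the function names, the digest URIs and the sample message are constructed for illustration.

```python
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
MORE = "http://www.w3.org/2001/04/xmldsig-more#"
ENC = "http://www.w3.org/2001/04/xmlenc#"

# Signature algorithms: the three URIs accepted in the SimpleSAMLphp example above.
ALLOWED_SIGNATURE = {MORE + "rsa-sha256", MORE + "rsa-sha384", MORE + "rsa-sha512"}
# Digest algorithms (assumption: not listed on the page; standard XML-DSig URIs).
ALLOWED_DIGEST = {ENC + "sha256", MORE + "sha384", ENC + "sha512"}

def audit_saml_algorithms(xml_text):
    """Return (element, algorithm) pairs that fall outside the allowlists.

    An empty list means every declared algorithm is SHA-256 or stronger.
    Only the declared algorithms are inspected; no signature is verified.
    """
    root = ET.fromstring(xml_text)
    signatures = list(root.iter(DS + "Signature"))
    if not signatures:
        return [("Signature", "missing")]
    findings = []
    for sig in signatures:
        for tag, allowed in (("SignatureMethod", ALLOWED_SIGNATURE),
                             ("DigestMethod", ALLOWED_DIGEST)):
            elements = list(sig.iter(DS + tag))
            if not elements:
                findings.append((tag, "missing"))
            for el in elements:
                alg = el.get("Algorithm", "")
                if alg not in allowed:
                    findings.append((tag, alg))
    return findings

def sample_response(sig_alg, digest_alg):
    """Constructed skeleton of a signed SAML response (no real keys or values)."""
    return f"""<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:Signature><ds:SignedInfo>
    <ds:SignatureMethod Algorithm="{sig_alg}"/>
    <ds:Reference URI="#_constructed"><ds:DigestMethod Algorithm="{digest_alg}"/></ds:Reference>
  </ds:SignedInfo></ds:Signature>
</samlp:Response>"""

if __name__ == "__main__":
    old = "http://www.w3.org/2000/09/xmldsig#"
    print(audit_saml_algorithms(sample_response(old + "rsa-sha1", old + "sha1")))
    print(audit_saml_algorithms(sample_response(MORE + "rsa-sha256", ENC + "sha256")))
```

A non-empty result for a response captured from the IdP means the IdP is still signing with a retired algorithm, and the Service Provider should refuse that response once the configuration change is in place.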
