IBM Verify


New encryption key transport algorithm choice for SAML 2.0 Partner in ISVA

  • 1.  New encryption key transport algorithm choice for SAML 2.0 Partner in ISVA

    Posted Fri October 13, 2023 11:01 AM

    Hello community.

    We have a configuration set up on our ISVA (IBM Security Verify Access), where we have a partner to a federation that uses a key transport algorithm to encrypt data before sending it to our outside partner. We have to make a new implementation with the possibility to choose an algorithm that is not listed in the existing configuration.

    The title of the algorithm we want to be able to choose is "RSASSA-PSS". Right now the only possibilities that are available are "RSA-v1.5" and "RSA-OAEP". Those algorithms do not satisfy the needs of this business case, therefore we are looking for the possibilities to either have it as a choice or to have some workaround, so we can encrypt data with that algorithm, so our customer is able to decrypt it on their side. 

    I know that ISVA itself supports any algorithm that is specified in the configuration, but we can't find a way to enable it for our SAML 2.0.

    Is there anyone who has stumbled upon a similar problem? Or is there a workaround that can be implemented to bypass that limitation? I will attach a screenshot to give a visual image of the issue. More information and attachments can be provided if necessary.



    ------------------------------
    David Møller
    ------------------------------