Skip to content

Added support to verify all signatures in a SAML message by using the… #161

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 19, 2018
Merged

Added support to verify all signatures in a SAML message by using the… #161

merged 1 commit into from
Dec 19, 2018

Conversation

kevintuhumury
Copy link
Member

… corresponding KeyName instead of the KeyName of the first signature it finds in a SAML message.

  • Added a new set of key and certificate.
  • Added the new certificate as a signing certificate to the metadata of the Service Provider fixture.
  • Created a new fixture which contains an AuthnRequest signed with the newly added signing key (a) and added that AuthnRequest to an ArtifactResponse which is signed with the existing signing key (b), which both belong to the Service Provider.
  • Added functionality to support the verification of multiple signatures signed by a single issuer using multiple signing keys.
  • Verified that the resulting XML is valid.

@coveralls
Copy link

coveralls commented Dec 18, 2018
edited
Loading

Coverage Status

Coverage decreased (-0.001%) to 99.848% when pulling 2dbed14 on verify-multiple-signatures-with-corresponding-key-names into 4a7cdf9 on master.

@kevintuhumury kevintuhumury force-pushed the verify-multiple-signatures-with-corresponding-key-names branch from 8d37d9c to ece3474 Compare December 18, 2018 15:35
@kevintuhumury
Added support to verify all signatures in a SAML message by using the…
2dbed14 
… corresponding KeyName instead of the KeyName of the first signature it finds in a SAML message.

- Added a new set of key and certificate.
- Added the new certificate as a signing certificate to the metadata of the Service Provider fixture.
- Created a new fixture which contains an AuthnRequest signed with the newly added signing key (a) and added that AuthnRequest to an ArtifactResponse which is signed with the existing signing key (b), which both belong to the Service Provider.
- Added functionality to support the verification of multiple signatures signed by a single issuer using multiple signing keys.
- Verified that the resulting XML is valid.

Added the requirement that Nokogiri 1.8.5 or lower should be used. Nokogiri 1.9.0 and 1.9.1 (released during the last two days) cause a lot of errors on JRuby with the current master branch (so, even without these changes).
@kevintuhumury kevintuhumury force-pushed the verify-multiple-signatures-with-corresponding-key-names branch from ece3474 to 2dbed14 Compare December 19, 2018 15:19
@benoist benoist merged commit 8d4ad0e into master Dec 19, 2018
@kevintuhumury kevintuhumury deleted the verify-multiple-signatures-with-corresponding-key-names branch May 9, 2019 12:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@benoist benoist

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kevintuhumury @coveralls @benoist