[OPENAM-1900] Provide support for more XML signatures types in SAML query string verification process - ForgeRock JIRA

Details

Type: New Feature
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 10.0.0
Fix Version/s: 12.0.3, 13.0.0
Component/s: SAML
Labels:
- EDISON
- release-notes

Target Version/s:

12.0.3, 13.0.0

Sprint:
Sprint 82 - Sustaining, Sprint 83 - Sustaining, Sprint 84 - Sustaining, Sustaining Sprint 10, Sustaining Sprint 12, AM Sustaining Sprint 13
Epic Link:
SAML Improvements

Support Ticket IDs:

Description

Currently com.sun.identity.saml2.common.QuerySignatureUtil only supports the verification of these XML signatures:

http://www.w3.org/2000/09/xmldsig#rsa-sha1
http://www.w3.org/2000/09/xmldsig#dsa-sha1

Include support for the remaining set:

http://www.w3.org/2000/09/xmldsig#hmac-sha1
http://www.w3.org/2000/09/xmldsig#rsa-sha1
http://www.w3.org/2001/04/xmldsig-more#hmac-md5
http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160
http://www.w3.org/2001/04/xmldsig-more#hmac-sha256
http://www.w3.org/2001/04/xmldsig-more#hmac-sha384
http://www.w3.org/2001/04/xmldsig-more#hmac-sha512
http://www.w3.org/2001/04/xmldsig-more#rsa-md5
http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160
http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
http://www.w3.org/2001/04/xmldsig-more#rsa-sha512

Attachments

Issue Links

depends on

OPENAM-2673 Move away from using com.sun.org.apache.xml.internal.security packages for XML Signature API

Resolved

is related to

OPENAM-8627 Provide support for more XML signatures types in .NET fedlet

Resolved

Activity

People

Assignee:

Peter Major [X] (Inactive)

Reporter:

Mark de Reeper

Votes:

2 Vote for this issue

Watchers:

9 Start watching this issue

Dates

Created:

26/Nov/12 8:40 PM

Updated:

02/Aug/17 10:56 AM

Resolved:

13/Oct/15 3:05 PM

Time Tracking

Estimated:

8h

Remaining:

2h

Logged:

6h