Activate tree walk for prefix inclusion (requires xmlsec patch), correct test data.

author cantor <cantor@fb386ef7-a10c-0410-8ebf-fd3f8e989ab0>

Tue, 10 Apr 2007 00:43:46 +0000 (00:43 +0000)

committer cantor <cantor@fb386ef7-a10c-0410-8ebf-fd3f8e989ab0>

Tue, 10 Apr 2007 00:43:46 +0000 (00:43 +0000)
author cantor <cantor@fb386ef7-a10c-0410-8ebf-fd3f8e989ab0>
Tue, 10 Apr 2007 00:43:46 +0000 (00:43 +0000)
committer cantor <cantor@fb386ef7-a10c-0410-8ebf-fd3f8e989ab0>
Tue, 10 Apr 2007 00:43:46 +0000 (00:43 +0000)
diff --git a/saml/signature/ContentReference.cpp b/saml/signature/ContentReference.cpp

index 452ee09..80f248a 100644 (file)
--- a/saml/signature/ContentReference.cpp
+++ b/saml/signature/ContentReference.cpp
@@ -57,7 +57,7 @@ void ContentReference::createReferences(DSIGSignature* sig)
      ref->appendEnvelopedSignatureTransform();
      DSIGTransformC14n* c14n=ref->appendCanonicalizationTransform(m_c14n ? m_c14n : DSIGConstants::s_unicodeStrURIEXC_C14N_NOC);
      if (!m_c14n || m_c14n == DSIGConstants::s_unicodeStrURIEXC_C14N_NOC || m_c14n == DSIGConstants::s_unicodeStrURIEXC_C14N_COM) {
-        //addPrefixes(m_signableObject);
+        addPrefixes(m_signableObject);
  #ifdef HAVE_GOOD_STL
          xstring prefixes;
          for (set<xstring>::const_iterator p = m_prefixes.begin(); p!=m_prefixes.end(); ++p)
diff --git a/samltest/data/signature/SAML1Assertion.xml b/samltest/data/signature/SAML1Assertion.xml

index 47513be..20c6ea4 100644 (file)
--- a/samltest/data/signature/SAML1Assertion.xml
+++ b/samltest/data/signature/SAML1Assertion.xml
@@ -9,15 +9,17 @@ AuthenticationMethod="method"
  <ds:Reference URI="#ident">
  <ds:Transforms>
  <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml"/>
+</ds:Transform>
  </ds:Transforms>
  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <ds:DigestValue>j2GRm2UDOBvxwlzvX0fjXYeAGIA=</ds:DigestValue>
  </ds:Reference>
  </ds:SignedInfo>
-<ds:SignatureValue>AA5098JC4gfdAf2bvPQRZ9Ld/VehXAB3uhp0r4js4i6fMB3hGMs4VnE9iEJEsPDD
-0Kj4cfewxHij/kHrWcxpKMMqIgGlqKYZhuQHfFt8GzDeeFIgu1R675jcN4uCOoWl
-3aRVd9hgPRsXzf7/RkMiXHIsU/NjUPRKf7GjNt2jNT0=</ds:SignatureValue>
+<ds:SignatureValue>noFPfzQYxU1saeMUTiuX0SuMtNfI78cBqrzsxB7SnwJ2ea/DBrG4FnXQ3swQLfsv
+OX1Sy3zvUSWDte91Tr+SAVD0oUsk+wx5dQrDX9aQnYq5b8snbWpJRskiQYKFYfGG
+sIovi2m9YOS7FuyOHemMlDc+AMiLFz+wYL6mNXNKuL8=</ds:SignatureValue>
  <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV
  BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu
  b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC
diff --git a/samltest/data/signature/SAML1Request.xml b/samltest/data/signature/SAML1Request.xml

index f6e1c30..b104f3b 100644 (file)
--- a/samltest/data/signature/SAML1Request.xml
+++ b/samltest/data/signature/SAML1Request.xml
@@ -6,15 +6,17 @@ MajorVersion="1" MinorVersion="1" RequestID="ident"><ds:Signature xmlns:ds="http
  <ds:Reference URI="#ident">
  <ds:Transforms>
  <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml samlp"/>
+</ds:Transform>
  </ds:Transforms>
  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <ds:DigestValue>pqhIt8nUldh3KVL6IEewRxKXYhM=</ds:DigestValue>
  </ds:Reference>
  </ds:SignedInfo>
-<ds:SignatureValue>UE5p832pLFYvMloRofN3y0rrFY7B8zOcF7+CHYyxFn6pqgPeEYGqkbUWlV15/tJ5
-wXJ3LiLQroYQI3XHPvKRSV4OtF9ZFm4QDK7RNd6gnUmHed6Zje//e6z2ekA0UzTl
-IeWCuD84mWemMJzRAhSFKcnqJDBHA61Krvg1kf/2c2E=</ds:SignatureValue>
+<ds:SignatureValue>LZjrLObm21F7WoLEpuzKs9d+R9+qqyh1YOiwc5P1vfFDadrk+bPCQFR/RpkjJpNw
+fnUONvYshTjltqLqHSNCNbBoYdK1AZxP8/ucqIK1jqi88FDao2ZccenEscDnjjrW
+ZwoFCcR5Mx5oie5wmBzKqStjh0aGP5JVXW2gerULpLI=</ds:SignatureValue>
  <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV
  BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu
  b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC
diff --git a/samltest/data/signature/SAML1Response.xml b/samltest/data/signature/SAML1Response.xml

index f53846e..b8327bc 100644 (file)
--- a/samltest/data/signature/SAML1Response.xml
+++ b/samltest/data/signature/SAML1Response.xml
@@ -5,15 +5,17 @@
  <ds:Reference URI="#rident">
  <ds:Transforms>
  <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml samlp"/>
+</ds:Transform>
  </ds:Transforms>
  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-<ds:DigestValue>TfMZL9tjX6BFJb1whHodLQw94aE=</ds:DigestValue>
+<ds:DigestValue>a1JVnl2vz52nlT82b41eAQ+n3Fw=</ds:DigestValue>
  </ds:Reference>
  </ds:SignedInfo>
-<ds:SignatureValue>SvahDxYpqSJI16CjJt2YWQO6DHvrtL9aNCsxwpEG4rRjkUshipwUHMngulnQHyX6
-BiJ5NrdAWd2HMaUOIiwg1e0Xi/H5BGwdyPPOM7kA05EOdnNO2wWcWgjRSUTa7f9g
-a3SHSk63QckMJBkm1neUijbktD2sk0yX6Zm0oyKWlYI=</ds:SignatureValue>
+<ds:SignatureValue>yOjXJOlHT8GsJjTdkWrVRvdxVie3aOjLYn5OoS55SHBw7ekeXdlu/eKlLHpM6x+s
+8uxTb0jnnnClIFqM69K3MMpZ1no2C5+pm5ySqZyo/lJi5MWmjx1jL7LRY8vRgm3s
+JnQkq1BeeUm7UWM6Pt3FlocAQ9opYgqwE0oxx52TQWA=</ds:SignatureValue>
  <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV
  BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu
  b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC
@@ -39,15 +41,17 @@ AuthenticationMethod="method"><saml:Subject><saml:NameIdentifier>John Doe</saml:
  <ds:Reference URI="#aident">
  <ds:Transforms>
  <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml"/>
+</ds:Transform>
  </ds:Transforms>
  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <ds:DigestValue>/owFROXYYru5+/j0TpHEz+hjXqY=</ds:DigestValue>
  </ds:Reference>
  </ds:SignedInfo>
-<ds:SignatureValue>d4SsRgDSjboTRA2YUD68TPp+17AqRmxbY/LrWJhueIC/JY+Ct7+Fd6bugUXliIeD
-NVRDACsEB7PqYWZ99+Ecf8XAmQYCw5elj8mWxPp0o+UVHtBZOR2bC+/YjNitSM+x
-G/F3JgZqfunUcg7mcj6WEAUt4pjKhjaTY8Z7QJltdKc=</ds:SignatureValue>
+<ds:SignatureValue>xttzgmYBtjqoxeKRkScW6dIkE5pGyBeTcajAevaquJeAKrRcagu2on/4Apq5xsse
+tgdkQnMUV+yPHKw+t0tXGUJCnL286/ePGdz2TAVIg5idT7H6TxFLgUbCO4xoKH4h
+zGQjxxPZvXbb7z9XTAqIkyW1QbaC20i+IOkk1ZQiBEU=</ds:SignatureValue>
  <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV
  BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu
  b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC
diff --git a/samltest/data/signature/SAML2Assertion.xml b/samltest/data/signature/SAML2Assertion.xml

index 6ad4709..2398f64 100644 (file)
--- a/samltest/data/signature/SAML2Assertion.xml
+++ b/samltest/data/signature/SAML2Assertion.xml
@@ -6,15 +6,17 @@ Version="2.0"><saml:Issuer>issuer</saml:Issuer><ds:Signature xmlns:ds="http://ww
  <ds:Reference URI="#ident">
  <ds:Transforms>
  <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml"/>
+</ds:Transform>
  </ds:Transforms>
  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <ds:DigestValue>8DSEsWJl4wOiwY15f7fAurDWpbo=</ds:DigestValue>
  </ds:Reference>
  </ds:SignedInfo>
-<ds:SignatureValue>zgKU42nQKyB9m8RkDz1I2r7h0N9pc5ys9kve7oN9/Dugrn583/3bMgQBfk1rw4Pq
-BfztAZNcf2lstzvgpVB9fVTsTUuEDtT0mhc+f5t8kbCkABGu0SrfCnDjbYpmEeLC
-j8rJO4aSZIV4tN21aAkQyys28l4oB3KGTTDASjEPVgQ=</ds:SignatureValue>
+<ds:SignatureValue>rOtKGQFdqy51HXwY20wEPgkITlwllm//yJkIWTQdWbMSA+Eb9B+NWOSj+8MEWe5b
+jaM1lJ8as3hbetUMKNPKO2mX1M08cveth7mPG9VsJVArvLsn8UYyNX7WUDzCUu0G
+aVHlZYCFeixUPS/NaXVWvtb7CUyNV4vPnsPYIEI1+gQ=</ds:SignatureValue>
  <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV
  BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu
  b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC
author	cantor <cantor@fb386ef7-a10c-0410-8ebf-fd3f8e989ab0>
	Tue, 10 Apr 2007 00:43:46 +0000 (00:43 +0000)
committer	cantor <cantor@fb386ef7-a10c-0410-8ebf-fd3f8e989ab0>
	Tue, 10 Apr 2007 00:43:46 +0000 (00:43 +0000)
saml/signature/ContentReference.cpp		patch \| blob \| history
samltest/data/signature/SAML1Assertion.xml		patch \| blob \| history
samltest/data/signature/SAML1Request.xml		patch \| blob \| history
samltest/data/signature/SAML1Response.xml		patch \| blob \| history
samltest/data/signature/SAML2Assertion.xml		patch \| blob \| history