
Commit bfe0966

committed
Sign Metadata
1 parent 1cd0003 commit bfe0966

2 files changed

+21
-3
lines changed

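--- a/lib/Net/SAML2/SP.pm
+++ b/lib/Net/SAML2/SP.pm
@@ -311,11 +311,13 @@ Returns the metadata XML document for this SP.
 sub metadata {
 my ($self) = @_;
 
+use Net::SAML2::Util qw/generate_id/;
+
 my $x = XML::Generator->new(':pretty', conformance => 'loose');
 my $md = ['md' => 'urn:oasis:names:tc:SAML:2.0:metadata'];
 my $ds = ['ds' => 'http://www.w3.org/2000/09/xmldsig#'];
 
-$x->EntityDescriptor(
+my $metadata = $x->EntityDescriptor(
 $md,
 {
 entityID => $self->id },
@@ -324,7 +326,8 @@ sub metadata {
 { AuthnRequestsSigned => defined($self->authnreq_signed) ? $self->authnreq_signed : '1',
 WantAssertionsSigned => defined($self->want_assertions_signed) ? $self->want_assertions_signed : '1',
 errorURL => $self->url . $self->error_url,
-protocolSupportEnumeration => 'urn:oasis:names:tc:SAML:2.0:protocol' },
+protocolSupportEnumeration => 'urn:oasis:names:tc:SAML:2.0:protocol',
+ID => generate_id()},
 $x->KeyDescriptor(
 $md,
 {
@@ -405,6 +408,21 @@ sub metadata {
 ),
 )
 );
+
+use Net::SAML2::XML::Sig;
+
+my $signer = Net::SAML2::XML::Sig->new({
+key => $self->key,
+cert => $self->cert,
+sig_hash => 'sha256',
+digest_hash => 'sha256',
+x509 => 1,
+});
+
+# create a signature
+my $signed = $signer->sign($metadata);
+
+return $signed;
 }
 
 __PACKAGE__->meta->make_immutable;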
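Review bot: The new `ID => generate_id()` attribute in the second hunk goes on the inner attribute hash that carries `AuthnRequestsSigned` (presumably the SPSSODescriptor; its element name is outside the hunk), while the `EntityDescriptor` hash still holds only `entityID`. If `Net::SAML2::XML::Sig->sign` signs the element that bears the `ID`, which this page does not show, the signature would cover only that child and leave `entityID` and any sibling elements unsigned. A consumer that trusts signed metadata needs the signature to reference the document root, so consider `{ entityID => $self->id, ID => generate_id() },` on the `EntityDescriptor` instead. Separately, `metadata` now signs unconditionally and returns `$signed` rather than the generator result, so callers without `key`/`cert` configured, or callers relying on the old return value, should be checked. The two `use` lines inside the sub take effect at compile time for the whole file and would be clearer at the top of the module.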

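--- a/lib/Net/SAML2/XML/Sig.pm
+++ b/lib/Net/SAML2/XML/Sig.pm
@@ -1590,7 +1590,7 @@ sub _signedinfo_xml {
 
 #return qq{<dsig:SignedInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
 return qq{<dsig:SignedInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
-<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
+<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
 <dsig:SignatureMethod Algorithm="$algorithm" />
 $digest_xml
 </dsig:SignedInfo>};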
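Review bot: The `CanonicalizationMethod` URI changed in `_signedinfo_xml` is only the declaration; the code that canonicalizes `SignedInfo` before the signature value is computed is not in this hunk. That code must apply exclusive C14N without comments, otherwise a verifier following the declared algorithm will hash different bytes and reject the signature. Confirm this in the signing path and add a comment above the `return`, for example `# SignedInfo must be canonicalized with exclusive C14N to match the method declared below`. The commented-out `#return qq{...` line just above is dead and could be removed in the same change. `_signedinfo_xml` begins before the hunk, so the rest of its body was not reviewed.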
