From 8c901a8f84748a2a2e273a729b16077d8dbcd606 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hans=20Ho=CC=88rberg?=
Date: Fri, 6 Nov 2015 12:41:30 +0100
Subject: [PATCH] Added configuration so the test idp can change sign and digest algorithm. If SIGN_ALG = None DIGEST_ALG = None in service_conf sha1 will be used.
---
 example/idp2/idp.py | 13 +++++++++++++
 example/idp2/idp_conf.py.example | 6 ++++++
 2 files changed, 19 insertions(+)
diff --git a/example/idp2/idp.py b/example/idp2/idp.py
index f3db83e..4d67a8d 100755
--- a/example/idp2/idp.py
+++ b/example/idp2/idp.py
@@ -51,6 +51,7 @@ from saml2.sigver import encrypt_cert_from_item
 from idp_user import USERS
 from idp_user import EXTRA
 from mako.lookup import TemplateLookup
+import saml2.xmldsig as ds
 logger = logging.getLogger("saml2.idp")
 logger.setLevel(logging.WARNING)
@@ -1067,6 +1068,18 @@ if __name__ == '__main__':
 HOST = CONFIG.HOST
 PORT = CONFIG.PORT
+ sign_alg = None
+ digest_alg = None
+ try:
+ sign_alg = CONFIG.SIGN_ALG
+ except:
+ pass
+ try:
+ digest_alg = CONFIG.DIGEST_ALG
+ except:
+ pass
+ ds.DefaultSignature(sign_alg, digest_alg)
+
 SRV = wsgiserver.CherryPyWSGIServer((HOST, PORT), application)
 _https = ""
diff --git a/example/idp2/idp_conf.py.example b/example/idp2/idp_conf.py.example
index 1a2e4ec..dda1733 100644
--- a/example/idp2/idp_conf.py.example
+++ b/example/idp2/idp_conf.py.example
@@ -8,6 +8,7 @@ from saml2.saml import NAME_FORMAT_URI
 from saml2.saml import NAMEID_FORMAT_TRANSIENT
 from saml2.saml import NAMEID_FORMAT_PERSISTENT
 import os.path
+import saml2.xmldsig as ds
 try:
 from saml2.sigver import get_xmlsec_binary
@@ -39,6 +40,11 @@ else:
 SERVER_CERT = "pki/mycert.pem"
 SERVER_KEY = "pki/mykey.pem"
 CERT_CHAIN = ""
+SIGN_ALG = None
+DIGEST_ALG = None
+#SIGN_ALG = ds.SIG_RSA_SHA512
+#DIGEST_ALG = ds.DIGEST_SHA512
+
 CONFIG = {
 "entityid": "%s/idp.xml" % BASE,
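Review bot: The two bare `except:` blocks around `CONFIG.SIGN_ALG` and `CONFIG.DIGEST_ALG` in the `@@ -1067,6 +1068,18 @@` hunk of idp.py catch far more than the `AttributeError` they are meant for, so any failure while reading the setting is treated as "not configured" and the IdP starts with the fallback algorithm. `sign_alg = getattr(CONFIG, "SIGN_ALG", None)` and `digest_alg = getattr(CONFIG, "DIGEST_ALG", None)` express "optional setting" in two lines without swallowing anything else. Because the pair decides how every response from this IdP is signed, logging the effective values once before `ds.DefaultSignature(sign_alg, digest_alg)` would make an unintended fallback visible at startup. The return value of that call is discarded, so it presumably sets process-wide state; a one-line comment saying so would help. The `if __name__ == '__main__':` block starts and ends outside the hunk.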
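Review bot: In the `@@ -39,6 +40,11 @@` hunk of idp_conf.py.example the active values are `SIGN_ALG = None` and `DIGEST_ALG = None`, which per the commit message selects SHA-1 for both signature and digest, while the SHA-512 pair is only the commented-out alternative. SHA-1 is no longer considered collision-resistant and example configs tend to be copied unchanged, so I would invert the default: make `SIGN_ALG = ds.SIG_RSA_SHA512` and `DIGEST_ALG = ds.DIGEST_SHA512` active and keep the `None` pair commented out as the legacy-interop option. Either way the file itself should state the consequence, for example `# None falls back to SHA-1; set both explicitly unless a relying party cannot verify anything stronger` above the two settings.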