Open kuter opened 4 years ago
Which kind of distribution / xmlsec1 release you're using?
I'm using xmlsec1 1.2.30 from openSUSE Tumbleweed repositiories .. but according to the docs https://www.aleksey.com/xmlsec/xmldsig.html xmlsec1 does not support ECDA security algorithm at all.
Bad news, you should consider to build a new CryptoBackend! Often discusses replacing xmlsec1 with something different but still nothing on the horizon
There seems to be some support for ecdsa sigs:
$ xmlsec1 --version
xmlsec1 1.2.30 (openssl)
$ xmlsec1 --list-transforms | grep -io ecdsa........
ecdsa-sha1","
ecdsa-sha224"
ecdsa-sha256"
ecdsa-sha384"
ecdsa-sha512"
see also,
I have not tested it, but it might be worth trying out to support this.
What I'm trying to do is to integrate with SAML IDP which requires signing certificate with ECDSA key. I've already run code from
example/
with RSA keys and everything works as I expect.Code Version
Expected Behavior
Send an signed XML request using
xmlsec1
to IDP.Current Behavior
I'm using modified version of sp_conf.example, I've done few changes and my config looks like:
now when I'm trying to log in I got error:
Steps to Reproduce
Try to sign a request with ECDSA key.