Is there support for AES-128-GCM and AES-256-GCM

[melgart]

Hi @pitbulk -- this is a question related to PRs #255 and #203 -- neither of which give definitive answers.

Does python3-saml currently support AES-128-GCM and AES-256-GCM as encryption methods? I have a customer that has upgraded to Shibboleth 4 which uses AES-128-GCM as the default encryption algorithm. They specifically want AES-256-GCM, but I just need to know if python3-saml supports either of these out of the box.

[pitbulk]

python3-saml uses xmlsec which it seems added gcm support on 2020: https://github.com/mehcode/python-xmlsec/pull/154

Give a try and see if you are able to decrypt with gcm algorithm.

[melgart]

@pitbulk You were right, of course. python3-saml works just fine with the right version of xmlsec. In my case, I tested successfully with xmlsec 1.2.34. Thank you for the help here. 🙏🏻