perl-net-saml2 / perl-XML-Sig

XML::Sig - A Perl toolkit to help sign and verify XML Digital Signatures.
https://metacpan.org/pod/XML::Sig

Another example of XML::Sig versus samltool.com #8

Closed philiprbrenan closed 3 years ago

philiprbrenan commented 3 years ago

Another example of an XML (SAML) signed document that SamlTool claims is valid, but which XML::Sig claims is invalid.

test.pl


timlegge commented 3 years ago

Pretty sure it's related to multiple signatures. Drop the XML into https://tools.chilkat.io/xmlDsigVerify.cshtml and it will check each signature. In the originally failed case there are three signatures. The signatures of the SignedInfo verify properly but only one of the digests verifies. I have been rewriting the verify functions to ensure it deals with multiple signatures. The verification of SignedInfo works now; I just need to figure out the digest issue.
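The digest half of the check described in the comment above, as an added Python example (not XML::Sig code and not part of the thread): it walks every `ds:Signature` in a document and reports, per `Reference`, whether the stated `DigestValue` matches the referenced element. Assumptions: the sample document is constructed, signed elements are located by an `ID` attribute, and the standard library's C14N 2.0 stands in for exclusive C14N, so digests taken from real SAML messages will not match.

```python
import base64, copy, hashlib
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"ds": DS}

def reference_digest(target):
    """SHA-256 of the target with its own child Signature removed (enveloped transform)."""
    clone = copy.deepcopy(target)
    clone.tail = None
    for sig in clone.findall("ds:Signature", NS):
        clone.remove(sig)
    # Assumption: C14N 2.0 from the standard library stands in for exclusive C14N.
    c14n = ET.canonicalize(ET.tostring(clone, encoding="unicode"))
    return base64.b64encode(hashlib.sha256(c14n.encode("utf-8")).digest()).decode()

def check_digests(root):
    """Return [(Reference URI, digest matches?)] for every Signature, in document order."""
    by_id = {el.get("ID"): el for el in root.iter() if el.get("ID")}
    results = []
    for sig in root.iter("{%s}Signature" % DS):
        for ref in sig.iterfind("ds:SignedInfo/ds:Reference", NS):
            uri = ref.get("URI", "")
            target = root if uri == "" else by_id.get(uri[1:])
            stated = ref.findtext("ds:DigestValue", "", NS).strip()
            results.append((uri, target is not None and reference_digest(target) == stated))
    return results

SIG = ('<ds:Signature xmlns:ds="' + DS + '"><ds:SignedInfo><ds:Reference URI="#{0}">'
       '<ds:DigestValue/></ds:Reference></ds:SignedInfo></ds:Signature>')

def build_sample():
    """Constructed sample: a Response and its nested Assertion, each carrying a Signature."""
    root = ET.fromstring('<Response ID="r1">' + SIG.format("r1") + '<Assertion ID="a1">'
                         + SIG.format("a1") + '<Subject>alice</Subject></Assertion></Response>')
    by_id = {el.get("ID"): el for el in root.iter() if el.get("ID")}
    # Fill the innermost digest first: the Response digest covers the Assertion's Signature.
    for ref in reversed(list(root.iter("{%s}Reference" % DS))):
        ref.find("ds:DigestValue", NS).text = reference_digest(by_id[ref.get("URI")[1:]])
    return root

if __name__ == "__main__":
    doc = build_sample()
    print(check_digests(doc))
    doc.set("Destination", "https://sp.example/acs")  # change outside the Assertion
    print(check_digests(doc))
```

A per-reference report like this separates a digest mismatch from a failure of the signature over `SignedInfo`, which this example does not check.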

philiprbrenan commented 3 years ago

https://tools.chilkat.io/xmlDsigVerify.cshtml#generatedCode also confirms that the signature is valid:


timlegge commented 3 years ago

Can you send me that XML? There is only one signature so that shoots my theory to ...

On Wed, Nov 25, 2020 at 10:02 AM philip r brenan notifications@github.com wrote:

https://tools.chilkat.io/xmlDsigVerify.cshtml#generatedCode also confirms that the signature is valid:


timlegge commented 3 years ago

Duplicate of #5