From 7fdc4f066e1ec9994c548991222b1779fd2f58e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no> Date: Fri, 1 Feb 2008 13:11:15 +0000 Subject: [PATCH] Fixed two bugs with signing Shib 1.3 responses. 1) certificate chain bug 2) switched to sign responses instead of assertions git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@235 44740490-163a-0410-bde0-09ae8108e29a --- lib/SimpleSAML/Bindings/Shib13/HTTPPost.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php index e9355a7b8..da1a408f3 100644 --- a/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php +++ b/lib/SimpleSAML/Bindings/Shib13/HTTPPost.php @@ -72,7 +72,8 @@ class SimpleSAML_Bindings_Shib13_HTTPPost { $privatekey = $this->configuration->getBaseDir() . '/cert/' . $idpmd['privatekey']; $publiccert = $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificate']; - $certchain_pem_file = $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificatechain']; + $certchain_pem_file = isset($idpmd['certificatechain']) ? + $this->configuration->getBaseDir() . '/cert/' . $idpmd['certificatechain'] : null; $privatek = file_get_contents($privatekey); @@ -116,7 +117,7 @@ class SimpleSAML_Bindings_Shib13_HTTPPost { */ - $objXMLSecDSig->addReferenceList(array($firstassertionroot), XMLSecurityDSig::SHA1, + $objXMLSecDSig->addReferenceList(array($responseroot), XMLSecurityDSig::SHA1, array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N), array('id_name' => 'ResponseID')); -- GitLab