Added configuration so the test idp can change sign and digest algorithm.

If

SIGN_ALG = None
DIGEST_ALG = None

in service_conf sha1 will be used.

Author: Hans Hörberg

example/idp2/idp.py

@@ -51,6 +51,7 @@
 from idp_user import USERS
 from idp_user import EXTRA
 from mako.lookup import TemplateLookup
+import saml2.xmldsig as ds
 
 logger = logging.getLogger("saml2.idp")
 logger.setLevel(logging.WARNING)
@@ -1067,6 +1068,18 @@ def application(environ, start_response):
     HOST = CONFIG.HOST
     PORT = CONFIG.PORT
 
+    sign_alg = None
+    digest_alg = None
+    try:
+        sign_alg = CONFIG.SIGN_ALG
+    except:
+        pass
+    try:
+        digest_alg = CONFIG.DIGEST_ALG
+    except:
+        pass
+    ds.DefaultSignature(sign_alg, digest_alg)
+
     SRV = wsgiserver.CherryPyWSGIServer((HOST, PORT), application)
 
     _https = ""

example/idp2/idp_conf.py.example

@@ -8,6 +8,7 @@ from saml2.saml import NAME_FORMAT_URI
 from saml2.saml import NAMEID_FORMAT_TRANSIENT
 from saml2.saml import NAMEID_FORMAT_PERSISTENT
 import os.path
+import saml2.xmldsig as ds
 
 try:
     from saml2.sigver import get_xmlsec_binary
@@ -39,6 +40,11 @@ else:
 SERVER_CERT = "pki/mycert.pem"
 SERVER_KEY = "pki/mykey.pem"
 CERT_CHAIN = ""
+SIGN_ALG = None
+DIGEST_ALG = None
+#SIGN_ALG = ds.SIG_RSA_SHA512
+#DIGEST_ALG = ds.DIGEST_SHA512
+
 
 CONFIG = {
     "entityid": "%s/idp.xml" % BASE,