The key encryption padding algorithm is now configurable, the default
being changed to OAEP. It's possible to set the default through
./configure with:
--with-default-key-encryption-method=[rsa-pkcs1|rsa-oaep]
at initialization time with an environment variable:
LASSO_DEFAULT_KEY_ENCRYPTION_METHOD=[rsa-pkcs1|rsa-oaep]
or at runtime for a service provider:
lasso_provider_set_key_encryption_method(LassoProvider *provider,
LassoKeyEncryptionMethod key_encryption_method)
The setting is global for all encrypted nodes (Assertion or NameID).
ECP does not require an SP to know the remote IdP provider. Existing
code made the assumption the remote provider always was
necessary. Determination and setting of the remote consumer URL is
different in the presence of ECP. Rework the logic to reflect
differing requirements.
Signed-off-by: John Dennis <jdennis@redhat.com>
License: MIT
The compiler was complaining that 'compa' could be uninitialized.
USe this occasion to make the code simpler to understand and assign
actually meaningful values to the variable, even though the proper
actions are not implemented yet.
License: MIT
Signed-off-by: Simo Sorce <simo@redhat.com>
Instad of referring to an old FSF address, point the reader to the FSF
website where the latest licenses and addresses are published.
Signed-off-by: Simo Sorce <simo@redhat.com>
The old way of transmiting the assertion to return via the session is kept,
but a new way more semblable to the one used in the SAML 2.0 code is added.
After lasso_login_build_artifact_msg() you must save the return of
lasso_profile_get_artifact_message() linked to the value of the artifact
obtained via lasso_profile_get_artifact().
In the artifact-resolve endpoint you must find the artifact message
corresponding to the return value of lasso_profile_get_artifact()
reinstall the artifact message using lasso_profile_set_artifact_message()
just before calling lasso_login_build_response_msg().
This change is necessary for ID-FF 1.2 SSO profile to work with the
thin-sessions.
The new implementations of lasso_node_impl_init_from_xml now validate
namespace of all child nodes befores parsing. It stops on any error. For
node which implement their own parsing of an attribute or a node, it
must declare an XmlSnippet with an offset field set to 0. The 0 value is
invalid for public GObject structure (it's the place of the GObject
machinery like the reference count). The 0 offset can be used for
XmlSnippet in a private structure, so never set the offset to 0 with the
flag SNIPPET_PRIVATE, for a field which is parsed by you get_xmlNode
virtual method.
Other ameliorations in this commit is the possibility to set attributes
with namespace when using the flags SNIPPET_ATTRIBUTE|SNIPPET_ANY. The
syntax for an attribute is inspired by the element tree API from Python:
{namespace}attribute_name
an example:
{http://www.w3.org/2001/XMLSchema-instance}type
for the classic xsi:type attribute.
This commit complements the support for multiple signing certificate
support in the metadata files. The use-case is still key roll-over.
The structure LassoServerPrivateData was changed to accomodate multiple
decryption keys, and so:
xmlSecKey *encryption_private_key
became:
GList *encryption_private_keys
All uses of this key were replaced by a loop over this list, terminating
with the first key to be able to decrypt the content.
The private key passed to lasso_server_new() or
lasso_server_new_from_buffers() is first added to the list of decryption
keys. Any other call to
lasso_server_set_encryption_private_key_with_password() or
lasso_server_set_encryption_private_key() will add a new key to the
list.
Identity, Lecp, Login, Logout, NameIdentifierMapping, NameRegistration,
Session, AssertionQuery, Ecp and NameIdManagement objects were missing a
namespace association to their GObject class. It broke when you try to
dump a node created by lasso_node_new_from_dump.
There is two sources of advice for signature checking:
AuthnRequestsSigned attribute in service provider metadata files and
value of lasso_profile_get_signature_verify_hint().
If lasso_profile_get_signature_verify_hint() forbid to check signature,
we do not check.
If the SP advise to check signature, we check.
If lasso_profile_get_signature_verify_hint() forces to check signature,
we do not check.
In all other cases we only check if a signature is present, i.e. we
ignore the error LASSO_DS_ERROR_SIGNATURE_NOT_FOUND.
* server.c,serverprivate.h: add new private method
lasso_server_get_firs_providerID_by_role(server, role)w
* defederation.c: use new private method
lasso_server_get_first_providerID_by_role for find providerID
when the argument remote_providerID is null in
lasso_defederation_init_notification.
* lasso/id-ff/login.c (lasso_login_init_authn_request): use new private
method lasso_server_get_first_providerID_by_role.
* provider.h: add thre new provider role (authn,pdp,attribute) and
four new services (authn,assertionid,attribute,authz) and also
a ROLE_ANY value (-1) for catchall purpose and a ROLE_LAST for
array sizing.
* provider.h: add a LAST member to LassoMdProtocolType enum.
* providerprivate.h,provider.c:
- removes separate hashtable for descriptors depending on provider role,
use only one table named Descriptors.
- use the LAST members of enumerations to dimention static string arrays.
* provider.h: add a LAST member to the e
* provider.c:
add annotation for nullable arguments (necessary for bindings of
new_from_buffer).
* server.c: add annotations, allow to set encryption_private_key from
buffers
Benjamin Dauvergne
John Dennis
Frédéric Péters
Simo Sorce