Re: XML Signature Validation in Perl

in reply to XML Signature Validation in Perl

This is curios https://grep.cpan.me/?q=x509_key shows "x509_key" mentioned in XML::Sig and Net::SAML::XML::Sig

Comment on Re: XML Signature Validation in Perl

Replies are listed 'Best First'.
Re^2: XML Signature Validation in Perl by akalinux (Initiate) on May 03, 2019 at 23:49 UTC
I was running into the exact same problem. So wrote a module that will handle this without the "namespace" errors. Link here: XML::Sig::OO Here is the slice of code you need to validate the xml: `use Net::SAML2::Protocol::Assertion; use XML::Sig::OO; use MIME::Base64; # Lets assume we have a post binding response my $saml_response=..... my $xml=decode_base64($saml_response); my $v=XML::Sig::OO->new(xml=>$xml,cacert=>'idp_cert.pem'); my $result=$v->validate; die $result unless $result; # we can now use the asertion knowing it was from our idp my $assertion=Net::SAML2::Protocol::Assertion->new_from_xml(xml=>$xml)` [download]	[reply] [d/l]

Replies are listed 'Best First'.

Re^2: XML Signature Validation in Perl
by akalinux (Initiate) on May 03, 2019 at 23:49 UTC

XML::Sig::OO

use Net::SAML2::Protocol::Assertion;
use XML::Sig::OO;
use MIME::Base64;
 
# Lets assume we have a post binding response
my $saml_response=.....
 
my $xml=decode_base64($saml_response);
 
my $v=XML::Sig::OO->new(xml=>$xml,cacert=>'idp_cert.pem');
my $result=$v->validate;
die $result unless $result;
 
# we can now use the asertion knowing it was from our idp
my $assertion=Net::SAML2::Protocol::Assertion->new_from_xml(xml=>$xml)
[download]

[reply]
[d/l]

In Section Seekers of Perl Wisdom