Thursday, April 15, 2010

SHA256 et al in openinfocard

I just added support for RSA-SHA256 etc to openinfocard's signature validation.
This came up during the RSA conference' OASIS IMI interop. The cards issued by ADFS2 are signed using RSA-SHA256. The team from the Government of British Columbia suggested to configure ADFS2 to use SHA1 for card signing but this way is better. Openinfocard is now more flexible in regard to signing algorithms. I added all DSA and RSA algorithms from http://www.w3.org/TR/2010/WD-xmlsec-algorithms-20100316/

Enjoy.

4 comments:

童紫勳 said...
This comment has been removed by a blog administrator.
Stephen said...

Just a note -
Looks like you site certificate has recently expired.
https://xmldap.org/sts/cardmanager/

Axel Nennker said...

I asked cmort to renew the certificate and install it then.

Ric said...

Axel

I was looking for a Firefox infocard client (used to use Higgins, but hasn't been updated forever and won't install in later versions FF) and came across yours. However, it doesn't install on a Mac (OS10.6.3) because of the FF Darwin build not being supported.
Do you have any suggestions for either getting your extension to work, or another one which might?