authorBjörn Mattsson <bjorn@sunet.se>2023-11-20 07:37:07 +0100
committerBjörn Mattsson <bjorn@sunet.se>2023-11-20 07:37:07 +0100
commit6d002e1f62b48d4365cfe89b72d10fe92227e45a (patch)
tree3c758e4024dce59da3d60b871abd4ab777a3fdeb /metadata
parentb0b355c62476d775c508e89e66332b5f80a30ccc (diff)
Added missing file
Diffstat (limited to 'metadata')
-rw-r--r--metadata/xslt/check_algsupport.xsl64
1 files changed, 64 insertions, 0 deletions
diff --git a/metadata/xslt/check_algsupport.xsl b/metadata/xslt/check_algsupport.xsl
new file mode 100644
index 00000000..b9a0962d
--- /dev/null
+++ b/metadata/xslt/check_algsupport.xsl
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ check_algsupport.xsl
+
+ Checking ruleset for the SAML V2.0 Metadata Profile for Algorithm Support.
+
+ Author: Ian A. Young <ian@iay.org.uk>
+
+-->
+<xsl:stylesheet version="1.0"
+ xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"
+ xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+
+ <!--
+ Common support functions.
+ -->
+ <xsl:import href="check_framework.xsl"/>
+
+ <!--
+ 2.3 md:EncryptionMethod should appear only in md:KeyDescriptor elements
+ whose @use is omitted or set to "encryption", i.e., not "signing".
+ -->
+ <xsl:template match="md:EncryptionMethod[../@use='signing']">
+ <xsl:call-template name="error">
+ <xsl:with-param name="m">EncryptionMethod should not be present on 'signing' KeyDescriptor</xsl:with-param>
+ </xsl:call-template>
+ </xsl:template>
+
+ <!--
+ Check for duplicate SigningMethod or DigestMethod algorithms in any given list.
+ -->
+ <xsl:template match="md:Extensions[alg:*]">
+
+ <!-- check individual alg:SigningMethod and alg:DigestMethod elements -->
+ <xsl:apply-templates/>
+ </xsl:template>
+
+ <!--
+ 2.4 Check for misplaced SigningMethod or DigestMethod elements.
+ -->
+ <xsl:template match="alg:*[not(parent::md:Extensions)]">
+ <xsl:call-template name="error">
+ <xsl:with-param name="m">
+ <xsl:text>alg:</xsl:text>
+ <xsl:value-of select="local-name()"/>
+ <xsl:text> must only appear within an Extensions element</xsl:text>
+ </xsl:with-param>
+ </xsl:call-template>
+ </xsl:template>
+
+ <!--
+ Check for duplicate EncryptionMethod elements in any given list.
+ -->
+ <xsl:template match="md:KeyDescriptor[md:EncryptionMethod]">
+
+ <!-- check individual md:EncryptionMethod elements -->
+ <xsl:apply-templates/>
+ </xsl:template>
+
+</xsl:stylesheet>
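Review bot: The comments above the `md:Extensions[alg:*]` and `md:KeyDescriptor[md:EncryptionMethod]` templates say they check for duplicate algorithms, but both bodies contain only `<xsl:apply-templates/>`, so this file never reports a repeated `alg:SigningMethod`, `alg:DigestMethod` or `md:EncryptionMethod`. Unless the imported `check_framework.xsl` (not visible here) does that work, metadata listing the same algorithm twice passes silently while the stylesheet reads as if it were checked. Either reword the comments to match the code, e.g. `Descend into the alg:* children; duplicates are not detected here.`, or add XSLT 1.0 templates that call `error` on a repeat. One such match would be `md:Extensions/alg:DigestMethod[@Algorithm = preceding-sibling::alg:DigestMethod/@Algorithm]`, with equivalents for `alg:SigningMethod` and `md:EncryptionMethod`. The leading `md:Extensions/` step keeps that pattern from overlapping the existing `alg:*[not(parent::md:Extensions)]` rule, which has the same default priority.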