SWAMID-525, Keyrollover part 1 for 4 SP:s at math.su.se

1 files changed, 65 insertions, 0 deletions

diff --git a/swamid-2.0/utmanande.math.su.se-shibboleth.xml b/swamid-2.0/utmanande.math.su.se-shibboleth.xml
index b43ee515..f0780720 100644
--- a/swamid-2.0/utmanande.math.su.se-shibboleth.xml
+++ b/swamid-2.0/utmanande.math.su.se-shibboleth.xml
@@ -11,6 +11,22 @@
         <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
       </samla:Attribute>
     </mdattr:EntityAttributes>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
   </md:Extensions>
   <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
     <md:Extensions>
@@ -58,6 +74,55 @@ cltjAaJBgU+QoDEuKsQtzVwmR/JfWYaVaMDXCh+QwOgvP3MIq8pA
 </ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:KeyDescriptor use="encryption">
+      <ds:KeyInfo>
+        <ds:KeyName>utmanande.math.su.se</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=utmanande.math.su.se</ds:X509SubjectName>
+          <ds:X509Certificate>MIIEDjCCAnagAwIBAgIUFF+lEan5ovGKkrij2nx/uJaaUfgwDQYJKoZIhvcNAQEL
+BQAwHzEdMBsGA1UEAxMUdXRtYW5hbmRlLm1hdGguc3Uuc2UwHhcNMjExMTMwMTIz
+MDE4WhcNMzExMTI4MTIzMDE4WjAfMR0wGwYDVQQDExR1dG1hbmFuZGUubWF0aC5z
+dS5zZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANUahgFAc18xu4nC
+JFByXjuN3Zv7GapFqTwh6NKq11PWfCsBRGFWwv/px1Cv22OdBLPZzLQvHS4hYAhj
+u0Hq4o4ZDLy0QZhd35oOwSmuYzLnUZYiZ2cP/7/kbQWPh45oTILfNiAHKSPOLhR9
+Okl6sAaBaJvCzw8XttABjcVMMxrCvs1QY5VNEmOQ73wtVZ9sS3DHDj+DH2N0y/Aj
+VCFVxRJo2aXzbQ8oH/Fv9djFw7jO13uXegbDekT8d2a5U0SehhVzscDbyVfV05OX
+KfZF0nDXAPx8mJwdc3hhNJ1/m61IcdK+/lasW+dWx/iYDkSk1hYgvFuhR/YCo8uM
+e6sft3iUr1zT4obAmKHETx5Rp/zSAQqV8JD12Ai5NIXImGz1EhlHZg7yaDEYv/nf
+qjjJnIE+nFb8mwve2rriUVMzk3Bo1AvJW7oBHTHNKEINKUhYBIiDCOd/4i9eIQpw
+QRzpV5rVH51x4IFtCkixmth+wlHQyn9gLcGNr3CuicXhsGaErQIDAQABo0IwQDAf
+BgNVHREEGDAWghR1dG1hbmFuZGUubWF0aC5zdS5zZTAdBgNVHQ4EFgQU4EUK2kEo
++cj+JrM5F8gddZn0LzYwDQYJKoZIhvcNAQELBQADggGBAEBG21OiVxb72AMfIFwf
+P8S86FEG++V1ZWSCMvlFtwOyG5lDxSKvtUJ1LOjnJauqJwTODGdAx2oEgwugcC0y
+XBPy/2q8PZ8lekqN7BNWDxl3GZAslaL1OpILdGydqVReDRPpBF56rkIUP3VdmHiE
+jkFhm/xZflRqek2QBi1HaaHzpkYlUkq/Y3OmP2jq7t5qjJEXbLWAFL5ApTNWRJ4s
+/pA/Qjeeviu9uREBSFocVotxjnCfF8PigG+jzObuV1GS3MyCLg/Xz3zAc7YKTyio
+toqOLSrpUNDssKvaE9EnjgZhiIQ+UwoUVP70Yd4AYZ2FMJoCNpo3TpLeKq+6kxJt
+jMtgWn2yugXnQhnbFgyL19luWzkmtR6DKj+Sf+SUYMjop/viGL88l8wgN90fMAZM
+7QW14LbuqYMosEHOkf3XuVYX7nImMG8LaZxIQX8U77RJ7/1mTpVcDg/dgAvdFDLU
+UWAgYN1/WaIEogIgRbj/RgT6fZue7+m+1tnXfE1qV3/2jA==
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
     </md:KeyDescriptor>
     <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://utmanande.math.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://utmanande.math.su.se/Shibboleth.sso/SLO/Artifact"/>