Diffstat (limited to 'xslt/check_uk_algorithms.xsl')
-rw-r--r--xslt/check_uk_algorithms.xsl195
1 files changed, 0 insertions, 195 deletions
diff --git a/xslt/check_uk_algorithms.xsl b/xslt/check_uk_algorithms.xsl
deleted file mode 100644
index 0a4c024f..00000000
--- a/xslt/check_uk_algorithms.xsl
+++ /dev/null
@@ -1,195 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- check_uk_algorithms.xsl
-
- Checking ruleset for cryptographic algorithms. This is named as a UK
- ruleset because the division between acceptable and unacceptable algorithms
- is sometimes a judgement call; however, it should be generally
- applicable.
-
- The best reference for *all* URIs used as algorithm identifiers is the
- XML Security Algorithm Cross-Reference at http://www.w3.org/TR/xmlsec-algorithms/
- Algorithm lists here are in the same order as in that document.
-
- Author: Ian A. Young <ian@iay.org.uk>
--->
-<xsl:stylesheet version="1.0"
- xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"
- xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
- xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
-
- <!--
- Common support functions.
- -->
- <xsl:import href="check_framework.xsl"/>
-
- <!--
- *************************************
- *** ***
- *** S I G N I N G M E T H O D ***
- *** ***
- *************************************
- -->
-
- <!--
- Check for known BAD SigningMethod algorithms.
- -->
- <xsl:template match="alg:SigningMethod[
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#rsa-md5'
- ]">
- <xsl:call-template name="error">
- <xsl:with-param name="m">
- <xsl:text>insecure algorithm in SigningMethod: '</xsl:text>
- <xsl:value-of select="@Algorithm"/>
- <xsl:text>'</xsl:text>
- </xsl:with-param>
- </xsl:call-template>
- </xsl:template>
-
- <!--
- Check for known GOOD SigningMethod algorithms.
- -->
- <xsl:template match="alg:SigningMethod[
- @Algorithm = 'http://www.w3.org/2000/09/xmldsig#dsa-sha1' or
- @Algorithm = 'http://www.w3.org/2009/xmldsig11#dsa-sha256' or
- @Algorithm = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1' or
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha224' or
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' or
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384' or
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512' or
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160' or
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1' or
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224' or
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256' or
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384' or
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512'
- ]">
- <!-- do nothing -->
- </xsl:template>
-
- <!--
- Misspelled or otherwise not known SigningMethod algorithms.
- -->
- <xsl:template match="alg:SigningMethod">
- <xsl:call-template name="error">
- <xsl:with-param name="m">
- <xsl:text>unknown algorithm in SigningMethod: '</xsl:text>
- <xsl:value-of select="@Algorithm"/>
- <xsl:text>'</xsl:text>
- </xsl:with-param>
- </xsl:call-template>
- </xsl:template>
-
- <!--
- ***********************************
- *** ***
- *** D I G E S T M E T H O D ***
- *** ***
- ***********************************
- -->
-
- <!--
- Check for known BAD DigestMethod algorithms.
- -->
- <xsl:template match="alg:DigestMethod[
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#md5'
- ]">
- <xsl:call-template name="error">
- <xsl:with-param name="m">
- <xsl:text>insecure algorithm in DigestMethod: '</xsl:text>
- <xsl:value-of select="@Algorithm"/>
- <xsl:text>'</xsl:text>
- </xsl:with-param>
- </xsl:call-template>
- </xsl:template>
-
- <!--
- Check for known GOOD DigestMethod algorithms.
- -->
- <xsl:template match="alg:DigestMethod[
- @Algorithm = 'http://www.w3.org/2000/09/xmldsig#sha1' or
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#sha224' or
- @Algorithm = 'http://www.w3.org/2001/04/xmlenc#sha256' or
- @Algorithm = 'http://www.w3.org/2001/04/xmldsig-more#sha384' or
- @Algorithm = 'http://www.w3.org/2001/04/xmlenc#sha512' or
- @Algorithm = 'http://www.w3.org/2001/04/xmlenc#ripemd160'
- ]">
- <!-- do nothing -->
- </xsl:template>
-
- <!--
- Misspelled or otherwise not known DigestMethod algorithms.
- -->
- <xsl:template match="alg:DigestMethod">
- <xsl:call-template name="error">
- <xsl:with-param name="m">
- <xsl:text>unknown algorithm in DigestMethod: '</xsl:text>
- <xsl:value-of select="@Algorithm"/>
- <xsl:text>'</xsl:text>
- </xsl:with-param>
- </xsl:call-template>
- </xsl:template>
-
- <!--
- *******************************************
- *** ***
- *** E N C R Y P T I O N M E T H O D ***
- *** ***
- *******************************************
- -->
-
- <!--
- Check for known BAD EncryptionMethod algorithms.
-
- This list is of symmetric key encryption algorithms *and*
- key transport algorithms.
- -->
- <xsl:template match="md:EncryptionMethod[
- @Algorithm = 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'
- ]">
- <xsl:call-template name="error">
- <xsl:with-param name="m">
- <xsl:text>insecure algorithm in EncryptionMethod: '</xsl:text>
- <xsl:value-of select="@Algorithm"/>
- <xsl:text>'</xsl:text>
- </xsl:with-param>
- </xsl:call-template>
- </xsl:template>
-
- <!--
- Check for known GOOD EncryptionMethod algorithms.
-
- This list is of symmetric key encryption algorithms *and*
- key transport algorithms.
- -->
- <xsl:template match="md:EncryptionMethod[
- @Algorithm = 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc' or
- @Algorithm = 'http://www.w3.org/2001/04/xmlenc#aes128-cbc' or
- @Algorithm = 'http://www.w3.org/2001/04/xmlenc#aes192-cbc' or
- @Algorithm = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc' or
- @Algorithm = 'http://www.w3.org/2009/xmlenc11#aes128-gcm' or
- @Algorithm = 'http://www.w3.org/2009/xmlenc11#aes192-gcm' or
- @Algorithm = 'http://www.w3.org/2009/xmlenc11#aes256-gcm' or
- @Algorithm = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' or
- @Algorithm = 'http://www.w3.org/2009/xmlenc11#rsa-oaep'
- ]">
- <!-- do nothing -->
- </xsl:template>
-
- <!--
- Misspelled or otherwise not known EncryptionMethod algorithms.
- -->
- <xsl:template match="md:EncryptionMethod">
- <xsl:call-template name="error">
- <xsl:with-param name="m">
- <xsl:text>unknown algorithm in EncryptionMethod: '</xsl:text>
- <xsl:value-of select="@Algorithm"/>
- <xsl:text>'</xsl:text>
- </xsl:with-param>
- </xsl:call-template>
- </xsl:template>
-
-</xsl:stylesheet>