xml-sig-unsigned-dsa-multiple-3.xml

1. <?xml version="1.0" encoding="utf-8"?>
2. <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" ID="identifier_1" InResponseTo="identifier_1" Version="2.0" IssueInstant="2004-12-05T09:22:05Z" Destination="https://sp.example.com/SAML2/SSO/POST">
3.   <saml:Issuer>https://idp.example.org/SAML2</saml:Issuer>
4.   <samlp:Status>
5.     <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
6.   </samlp:Status>
7.   <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" ID="identifier_2" Version="2.0" IssueInstant="2004-12-05T09:22:05Z">
8.     <saml:Issuer>https://idp.example.org/SAML2</saml:Issuer>
9.     <!-- a POSTed assertion MUST be signed -->
10.     <saml:Subject>
11.       <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">
12. 3f7b3dcf-1674-4ecd-92c8-1544f346baf8
13. </saml:NameID>
14.       <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
15.         <saml:SubjectConfirmationData InResponseTo="identifier_1" Recipient="https://sp.example.com/SAML2/SSO/POST" NotOnOrAfter="2004-12-05T09:27:05Z"/>
16.       </saml:SubjectConfirmation>
17.     </saml:Subject>
18.     <saml:Conditions NotBefore="2004-12-05T09:17:05Z" NotOnOrAfter="2004-12-05T09:27:05Z">
19.       <saml:AudienceRestriction>
20.         <saml:Audience>https://sp.example.com/SAML2</saml:Audience>
21.       </saml:AudienceRestriction>
22.     </saml:Conditions>
23.     <saml:AuthnStatement AuthnInstant="2004-12-05T09:22:00Z" SessionIndex="identifier_3">
24.       <saml:AuthnContext>
25.         <saml:AuthnContextClassRef>
26. urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
27. </saml:AuthnContextClassRef>
28.       </saml:AuthnContext>
29.     </saml:AuthnStatement>
30. <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
31.             <dsig:SignedInfo xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
32.                 <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
33.                 <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
34.                 <dsig:Reference URI="#identifier_2">
35.                         <dsig:Transforms>
36.                             <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
37.                             <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
38.                         </dsig:Transforms>
39.                         <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
40.                         <dsig:DigestValue>N4rNgy3c1NNIrwby6/6s9USmfn0=</dsig:DigestValue>
41.                     </dsig:Reference>
42.             </dsig:SignedInfo>
43.             <dsig:SignatureValue>dmgOAZAEVmbDZr5r6OkW5y0nS4JLFJQMS4a2hFxc3p3279OtdE3HoA==</dsig:SignatureValue>
44.             <dsig:KeyInfo>
45.                              <dsig:KeyValue>
46. <dsig:DSAKeyValue>
47. <dsig:P>
48. 3F1cWxyKaQ3LvrmNQ3VhC8V1V6D8kG0BTaNDcBCOvv6QCs+C47dwl2XQYTFFFj2h
49. 4JDh9Lb0iN/7SeyX6TDm+lZzC+NaDzsM3MkEFDjGRD1Nmv7U9qKXlt926XAmnaJa
50. h+7TEMZnQpfp7sw3gx9ySg2wOrxcsJron2M9BaXNZqE=
51. </dsig:P>
52. <dsig:Q>
53. rV9QMZEZe+gHIYZ0bkmCtFTwKyc=
54. </dsig:Q>
55. <dsig:G>
56. p//HjldAAFBB4ZQJuoLIw62OZoLrZCJaTmcH+btMxz7y2GpagNemN6IAHfFiZ6eU
57. 5fSI+BZX2dnOTnG4rp4ZR2HSUQxk4SFTDduwidVx74KnOgGc6uC5h7sFI0EyGN5N
58. h0Sy8qVA2A4MGcYcN/mIRvzcNvpRDDzyw19EREK4tFg=
59. </dsig:G>
60. <dsig:Y>
61. Ncpnjk0HvI1GuGrgGS3WegzXVZw3eY/WHuopfkEams5n1GF/y0pewgiZBcQkLOcL
62. riwMWeg1NS87UNk0IWo9Md9OvYFL0Ss0cK6f8IPNDBFDX4QpRf/D8n10v78PWGjr
63. xlV5NRm2EVrEMSrFaUGlUlEuoxi0UrDLE/8yz7QXJZU=
64. </dsig:Y>
65. </dsig:DSAKeyValue>
66. </dsig:KeyValue>
67.                             </dsig:KeyInfo>
68.         </dsig:Signature></saml:Assertion>
69. <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
70.             <dsig:SignedInfo xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
71.                 <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
72.                 <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
73.                 <dsig:Reference URI="#identifier_1">
74.                         <dsig:Transforms>
75.                             <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
76.                             <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
77.                         </dsig:Transforms>
78.                         <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
79.                         <dsig:DigestValue></dsig:DigestValue>
80.                     </dsig:Reference>
81.             </dsig:SignedInfo>
82.             <dsig:SignatureValue></dsig:SignatureValue>
83.             <dsig:KeyInfo>
84.                              <dsig:KeyValue>
85. <dsig:DSAKeyValue>
86. <dsig:P>
87. </dsig:P>
88. <dsig:Q>
89. </dsig:Q>
90. <dsig:G>
91. </dsig:G>
92. <dsig:Y>
93. </dsig:Y>
94. </dsig:DSAKeyValue>
95. </dsig:KeyValue>
96.                             </dsig:KeyInfo>
97.         </dsig:Signature>
98.         </samlp:Response>