Fix: Behat tests fail with signature validation errors

Since simplesamlphp/saml2 3.2.0 RSA_SHA256 is the default, this somehow breaks verification with a key that is loaded with RSA_SHA1, where this worked before. Because all signatures should in fact be signed using RSA SHA-265, we should use that. This works with saml2 version before 3.2.0 as well. Tested with surfnet/stepup-saml-bundle 4.1.2
OpenConext · Jul 31, 2019 · debc3fd · debc3fd
1 parent 4099bce
commit debc3fd
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/Features/Context/GsspContext.php b/src/Features/Context/GsspContext.php
@@ -528,7 +528,7 @@ private static function loadPrivateKey(PrivateKey $key)
      */
     private static function loadPublicKey($publicKey)
     {
-        $key = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, ['type' => 'public']);
+        $key = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, ['type' => 'public']);
         $key->loadKey($publicKey, true);
 
         return $key;