diff --git a/resources/schemas/ws-securitypolicy-1.2.xsd b/resources/schemas/ws-securitypolicy-1.2.xsd
index 710acf4b..b52f120d 100644
--- a/resources/schemas/ws-securitypolicy-1.2.xsd
+++ b/resources/schemas/ws-securitypolicy-1.2.xsd
@@ -29,7 +29,7 @@ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
 	blockDefault="#all" >
 
   <xs:import namespace="http://www.w3.org/2005/08/addressing" 
-		schemaLocation="http://www.w3.org/2006/03/addressing/ws-addr.xsd" />
+		schemaLocation="ws-addr.xsd" />
 
   <!--
 	4. Protection Assertions
@@ -78,6 +78,13 @@ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
       </xs:documentation>
     </xs:annotation>
   </xs:element>
+  <xs:element name="ContentEncryptedElements" type="tns:SerElementsType" >
+    <xs:annotation>
+      <xs:documentation xml:lang="en">
+        4.2.3 ContentEncryptedElements Assertion
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
   <xs:element name="RequiredElements" type="tns:SerElementsType" >
     <xs:annotation>
       <xs:documentation xml:lang="en" >
@@ -94,6 +101,21 @@ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
     <xs:anyAttribute namespace="##any" processContents="lax" />
   </xs:complexType>
 
+  <xs:element name="RequiredParts" type="tns:ReqPartsType" >
+    <xs:annotation>
+      <xs:documentation xml:lang="en">
+        4.3.2 RequiredParts Assertion
+      </xs:documentation>
+    </xs:annotation>
+  </xs:element>
+  <xs:complexType name="ReqPartsType">
+    <xs:sequence>
+      <xs:element name="Header" type="tns:HeaderType" minOccurs="0" maxOccurs="unbounded" />
+      <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax"/>
+    </xs:sequence>
+    <xs:anyAttribute namespace="##any" processContents="lax" />
+  </xs:complexType>
+  
   <!--
 	5. Token Assertions
 	-->
@@ -109,11 +131,11 @@ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
   </xs:simpleType>
   <xs:simpleType name="IncludeTokenType">
     <xs:restriction base="xs:anyURI" >
-      <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/Never" />
-      <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/Once" />
-      <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/AlwaysToRecipient" />
-      <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/AlwaysToInitiator" />
-      <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/Always" />
+      <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never" />
+      <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once" />
+      <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient" />
+      <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToInitiator" />
+      <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" />
     </xs:restriction>
   </xs:simpleType>
 
@@ -1194,7 +1216,7 @@ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
       </xs:documentation>
     </xs:annotation>
   </xs:element>
-  <xs:element name="RequireAppiesTo" type="tns:QNameAssertionType">
+  <xs:element name="RequireAppliesTo" type="tns:QNameAssertionType">
     <xs:annotation>
       <xs:documentation xml:lang="en">
         10.1 Trust13 Assertion
@@ -1202,4 +1224,4 @@ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
     </xs:annotation>
   </xs:element>
   
-</xs:schema>
\ No newline at end of file
+</xs:schema>
diff --git a/src/Constants.php b/src/Constants.php
index 1a84f602..e8e6596a 100644
--- a/src/Constants.php
+++ b/src/Constants.php
@@ -42,6 +42,11 @@ class Constants extends \SimpleSAML\SAML2\Constants
      */
     public const NS_SEC_EXT = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
 
+    /**
+     * The namespace for WS Security Policy.
+     */
+    public const NS_SEC_POLICY = 'http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702';
+
     /**
      * The namespace for WS-Security utilities protocol.
      */
diff --git a/src/Utils/XPath.php b/src/Utils/XPath.php
new file mode 100644
index 00000000..cba95d16
--- /dev/null
+++ b/src/Utils/XPath.php
@@ -0,0 +1,41 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\Utils;
+
+use DOMNode;
+use DOMXPath;
+use SimpleSAML\WSSecurity\Constants as C;
+
+/**
+ * Compilation of utilities for XPath.
+ *
+ * @package tvdijen/wssecurity
+ */
+class XPath extends \SimpleSAML\XMLSecurity\Utils\XPath
+{
+    /**
+     * Get a DOMXPath object that can be used to search for WS Security elements.
+     *
+     * @param \DOMNode $node The document to associate to the DOMXPath object.
+     *
+     * @return \DOMXPath A DOMXPath object ready to use in the given document, with several
+     *   ws-related namespaces already registered.
+     */
+    public static function getXPath(DOMNode $node): DOMXPath
+    {
+        $xp = parent::getXPath($node);
+
+        $xp->registerNamespace('addr', C::NS_ADDR);
+        $xp->registerNamespace('auth', C::NS_AUTH);
+        $xp->registerNamespace('fed', C::NS_FED);
+        $xp->registerNamespace('trust', C::NS_TRUST);
+        $xp->registerNamespace('policy', C::NS_POLICY);
+        $xp->registerNamespace('sp', C::NS_SEC_POLICY);
+        $xp->registerNamespace('wsse', C::NS_SEC_EXT);
+        $xp->registerNamespace('wsu', C::NS_SEC_UTIL);
+
+        return $xp;
+    }
+}
diff --git a/src/XML/sp/AbsXPath.php b/src/XML/sp/AbsXPath.php
new file mode 100644
index 00000000..b59ff705
--- /dev/null
+++ b/src/XML/sp/AbsXPath.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An AbsXPath element
+ *
+ * @package tvdijen/ws-security
+ */
+final class AbsXPath extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/AbstractEmptyType.php b/src/XML/sp/AbstractEmptyType.php
new file mode 100644
index 00000000..f3ad5444
--- /dev/null
+++ b/src/XML/sp/AbstractEmptyType.php
@@ -0,0 +1,64 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+
+use function sprintf;
+
+/**
+ * Class representing WS security policy EmptyType.
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractEmptyType extends AbstractSpElement
+{
+    /**
+     * AbstractEmptyType constructor.
+     */
+    final public function __construct()
+    {
+    }
+
+
+    /**
+     * Initialize an EmptyType.
+     *
+     * Note: this method cannot be used when extending this class, if the constructor has a different signature.
+     *
+     * @param \DOMElement $xml The XML element we should load.
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        $qualifiedName = static::getClassName(static::class);
+        Assert::eq(
+            $xml->localName,
+            $qualifiedName,
+            sprintf('Unexpected name for EmptyType: %s. Expected: %s.', $xml->localName, $qualifiedName),
+            InvalidDOMElementException::class
+        );
+
+
+        return new static();
+    }
+
+
+    /**
+     * Convert this element to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this element to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        return $this->instantiateParentElement($parent);
+    }
+}
diff --git a/src/XML/sp/AbstractHeaderType.php b/src/XML/sp/AbstractHeaderType.php
new file mode 100644
index 00000000..08d65115
--- /dev/null
+++ b/src/XML/sp/AbstractHeaderType.php
@@ -0,0 +1,129 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\XsNamespace as NS;
+
+use function sprintf;
+
+/**
+ * Class representing WS security policy HeaderType.
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractHeaderType extends AbstractSpElement
+{
+    use ExtendableAttributesTrait;
+
+    /** The namespace-attribute for the xs:anyAttribute element */
+    public const XS_ANY_ATTR_NAMESPACE = NS::ANY;
+
+
+    /**
+     * AbstractHeaderType constructor.
+     *
+     * @param string $namespace
+     * @param string|null $name
+     * @param list<\SimpleSAML\XML\Attribute> $namespacedAttributes
+     */
+    final public function __construct(
+        protected string $namespace,
+        protected ?string $name = null,
+        array $namespacedAttributes = []
+    ) {
+        Assert::nullOrValidURI($namespace);
+        Assert::validQName($name);
+
+        $this->setAttributesNS($namespacedAttributes);
+    }
+
+
+    /**
+     * Collect the value of the Name property.
+     *
+     * @return string|null
+     */
+    public function getName(): ?string
+    {
+        return $this->name;
+    }
+
+
+    /**
+     * Collect the value of the Namespace property.
+     *
+     * @return string
+     */
+    public function getNamespace(): string
+    {
+        return $this->namespace;
+    }
+
+
+    /**
+     * Initialize an HeaderType.
+     *
+     * Note: this method cannot be used when extending this class, if the constructor has a different signature.
+     *
+     * @param \DOMElement $xml The XML element we should load.
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        $qualifiedName = static::getClassName(static::class);
+        Assert::eq(
+            $xml->localName,
+            $qualifiedName,
+            sprintf('Unexpected name for HeaderType: %s. Expected: %s.', $xml->localName, $qualifiedName),
+            InvalidDOMElementException::class
+        );
+
+        $namespacedAttributes = self::getAttributesNSFromXML($xml);
+        foreach ($namespacedAttributes as $i => $attr) {
+            if ($attr->getNamespaceURI() === null) {
+                if ($attr->getAttrName() === 'Name' || $attr->getAttrName() === 'Namespace') {
+                    unset($namespacedAttributes[$i]);
+                }
+            }
+        }
+
+        return new static(
+            self::getAttribute($xml, 'Namespace'),
+            self::getOptionalAttribute($xml, 'Name', null),
+            $namespacedAttributes,
+        );
+    }
+
+
+    /**
+     * Convert this element to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this element to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        if ($this->getName() !== null) {
+            $e->setAttribute('Name', $this->getName());
+        }
+
+        $e->setAttribute('Namespace', $this->getNamespace());
+
+        foreach ($this->getAttributesNS() as $attr) {
+            $attr->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/sp/AbstractIssuedTokenType.php b/src/XML/sp/AbstractIssuedTokenType.php
new file mode 100644
index 00000000..e673aba0
--- /dev/null
+++ b/src/XML/sp/AbstractIssuedTokenType.php
@@ -0,0 +1,186 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\Exception\MissingElementException;
+use SimpleSAML\XML\Exception\SchemaViolationException;
+use SimpleSAML\XML\Exception\TooManyElementsException;
+use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\ExtendableElementTrait;
+use SimpleSAML\XML\XsNamespace as NS;
+use ValueError;
+
+use function array_pop;
+use function is_string;
+use function sprintf;
+
+/**
+ * Class representing WS security policy IssuedTokenType.
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractIssuedTokenType extends AbstractSpElement
+{
+    use ExtendableAttributesTrait;
+    use ExtendableElementTrait;
+    use IncludeTokenTypeTrait;
+
+    /** The namespace-attribute for the xs:any element */
+    public const XS_ANY_ELT_NAMESPACE = NS::OTHER;
+
+    /** The namespace-attribute for the xs:anyAttribute element */
+    public const XS_ANY_ATTR_NAMESPACE = NS::ANY;
+
+
+    /**
+     * IssuedTokenType constructor.
+     *
+     * @param \SimpleSAML\WSSecurity\XML\sp\RequestSecurityTokenTemplate
+     * @param \SimpleSAML\WSSecurity\XML\sp\Issuer|\SimpleSAML\WSSecurity\XML\sp\IssuerName|null $issuer
+     * @param \SimpleSAML\WSSecurity\XML\sp\IncludeToken|null $includeToken
+     * @param list<\SimpleSAML\XML\ElementInterface> $elts
+     * @param list<\SimpleSAML\XML\Attribute> $namespacedAttributes
+     */
+    final public function __construct(
+        protected RequestSecurityTokenTemplate $requestSecurityTokenTemplate,
+        protected Issuer|IssuerName|null $issuer,
+        ?IncludeToken $includeToken = null,
+        array $elts = [],
+        array $namespacedAttributes = []
+    ) {
+        $this->setIncludeToken($includeToken);
+        $this->setElements($elts);
+        $this->setAttributesNS($namespacedAttributes);
+    }
+
+
+    /**
+     * Collect the value of the Issuer property.
+     *
+     * @return \SimpleSAML\WSSecurity\XML\sp\Issuer|\SimpleSAML\WSSecurity\XML\sp\IssuerName|null
+     */
+    public function getIssuer(): Issuer|IssuerName|null
+    {
+        return $this->issuer;
+    }
+
+
+    /**
+     * Collect the value of the RequestSecurityTokenTemplate property.
+     *
+     * @return \SimpleSAML\WSSecurity\XML\sp\RequestSecurityTokenTemplate
+     */
+    public function getRequestSecurityTokenTemplate(): RequestSecurityTokenTemplate
+    {
+        return $this->requestSecurityTokenTemplate;
+    }
+
+
+    /**
+     * Initialize an IssuedTokenType.
+     *
+     * Note: this method cannot be used when extending this class, if the constructor has a different signature.
+     *
+     * @param \DOMElement $xml The XML element we should load.
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        $qualifiedName = static::getClassName(static::class);
+        Assert::eq(
+            $xml->localName,
+            $qualifiedName,
+            sprintf('Unexpected name for IssuedTokenType: %s. Expected: %s.', $xml->localName, $qualifiedName),
+            InvalidDOMElementException::class
+        );
+
+        $issuer = Issuer::getChildrenOfClass($xml);
+        $issuerName = IssuerName::getChildrenOfClass($xml);
+        $issuer = array_merge($issuer, $issuerName);
+
+        $requestSecurityTokenTemplate = RequestSecurityTokenTemplate::getChildrenOfClass($xml);
+        Assert::minCount($requestSecurityTokenTemplate, 1, MissingElementException::class);
+        Assert::maxCount($requestSecurityTokenTemplate, 1, TooManyElementsException::class);
+
+        try {
+            $includeToken = IncludeToken::from(self::getOptionalAttribute($xml, 'IncludeToken', null));
+        } catch (ValueError) {
+            self::getOptionalAttribute($xml, 'IncludeToken', null);
+        }
+
+        $elements = [];
+        foreach ($xml->childNodes as $element) {
+            if ($element->namespaceURI === static::NS) {
+                continue;
+            } elseif (!($element instanceof DOMElement)) {
+                continue;
+            }
+
+            $elements[] = new Chunk($element);
+        }
+
+        $namespacedAttributes = self::getAttributesNSFromXML($xml);
+        foreach ($namespacedAttributes as $i => $attr) {
+            if ($attr->getNamespaceURI() === null) {
+                if ($attr->getAttrName() === 'IncludeToken') {
+                    unset($namespacedAttributes[$i]);
+                    break;
+                }
+            }
+        }
+
+
+        return new static(
+            $requestSecurityTokenTemplate[0],
+            array_pop($issuer),
+            $includeToken,
+            $elements,
+            $namespacedAttributes,
+        );
+    }
+
+
+    /**
+     * Convert this element to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this element to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        if ($this->getIncludeToken() !== null) {
+            $e->setAttribute(
+                'IncludeToken',
+                is_string($this->getIncludeToken()) ? $this->getIncludeToken() : $this->getIncludeToken()->value,
+            );
+        }
+
+        if ($this->getIssuer() !== null) {
+            $this->getIssuer()->toXML($e);
+        }
+
+        $this->getRequestSecurityTokenTemplate()->toXML($e);
+
+        foreach ($this->getElements() as $elt) {
+            /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $elt */
+            $elt->toXML($e);
+        }
+
+        foreach ($this->getAttributesNS() as $attr) {
+            $attr->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/sp/AbstractKeyValueTokenType.php b/src/XML/sp/AbstractKeyValueTokenType.php
new file mode 100644
index 00000000..4faa2d8f
--- /dev/null
+++ b/src/XML/sp/AbstractKeyValueTokenType.php
@@ -0,0 +1,157 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\Exception\MissingElementException;
+use SimpleSAML\XML\Exception\SchemaViolationException;
+use SimpleSAML\XML\Exception\TooManyElementsException;
+use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\ExtendableElementTrait;
+use SimpleSAML\XML\XsNamespace as NS;
+use ValueError;
+
+use function array_pop;
+use function is_string;
+use function sprintf;
+
+/**
+ * Class representing WS security policy KeyValueTokenType.
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractKeyValueTokenType extends AbstractSpElement
+{
+    use ExtendableAttributesTrait;
+    use ExtendableElementTrait;
+    use IncludeTokenTypeTrait;
+
+    /** The namespace-attribute for the xs:any element */
+    public const XS_ANY_ELT_NAMESPACE = NS::OTHER;
+
+    /** The namespace-attribute for the xs:anyAttribute element */
+    public const XS_ANY_ATTR_NAMESPACE = NS::ANY;
+
+
+    /**
+     * KeyValueTokenType constructor.
+     *
+     * @param \SimpleSAML\WSSecurity\XML\sp\IncludeToken|null $includeToken
+     * @param list<\SimpleSAML\XML\ElementInterface> $elts
+     * @param list<\SimpleSAML\XML\Attribute> $namespacedAttributes
+     */
+    final public function __construct(
+        ?IncludeToken $includeToken = null,
+        array $elts = [],
+        array $namespacedAttributes = []
+    ) {
+        $this->setIncludeToken($includeToken);
+        $this->setElements($elts);
+        $this->setAttributesNS($namespacedAttributes);
+    }
+
+
+    /**
+     * Test if an object, at the state it's in, would produce an empty XML-element
+     *
+     * @return bool
+     */
+    public function isEmptyElement(): bool
+    {
+        return empty($this->getIncludeToken())
+            && empty($this->getAttributesNS())
+            && empty($this->getElements());
+    }
+
+
+    /**
+     * Initialize an KeyValueTokenType.
+     *
+     * Note: this method cannot be used when extending this class, if the constructor has a different signature.
+     *
+     * @param \DOMElement $xml The XML element we should load.
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        $qualifiedName = static::getClassName(static::class);
+        Assert::eq(
+            $xml->localName,
+            $qualifiedName,
+            sprintf('Unexpected name for KeyValueTokenType: %s. Expected: %s.', $xml->localName, $qualifiedName),
+            InvalidDOMElementException::class
+        );
+
+        try {
+            $includeToken = IncludeToken::from(self::getOptionalAttribute($xml, 'IncludeToken', null));
+        } catch (ValueError) {
+            self::getOptionalAttribute($xml, 'IncludeToken', null);
+        }
+
+        $elements = [];
+        foreach ($xml->childNodes as $element) {
+            if ($element->namespaceURI === static::NS) {
+                continue;
+            } elseif (!($element instanceof DOMElement)) {
+                continue;
+            }
+
+            $elements[] = new Chunk($element);
+        }
+
+        $namespacedAttributes = self::getAttributesNSFromXML($xml);
+        foreach ($namespacedAttributes as $i => $attr) {
+            if ($attr->getNamespaceURI() === null) {
+                if ($attr->getAttrName() === 'IncludeToken') {
+                    unset($namespacedAttributes[$i]);
+                    break;
+                }
+            }
+        }
+
+
+        return new static(
+            $includeToken,
+            $elements,
+            $namespacedAttributes,
+        );
+    }
+
+
+    /**
+     * Convert this element to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this element to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        if ($this->getIncludeToken() !== null) {
+            $e->setAttribute(
+                'IncludeToken',
+                is_string($this->getIncludeToken()) ? $this->getIncludeToken() : $this->getIncludeToken()->value,
+            );
+        }
+
+        foreach ($this->getElements() as $elt) {
+            /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $elt */
+            $elt->toXML($e);
+        }
+
+        foreach ($this->getAttributesNS() as $attr) {
+            $attr->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/sp/AbstractNestedPolicyType.php b/src/XML/sp/AbstractNestedPolicyType.php
new file mode 100644
index 00000000..e19c3ee6
--- /dev/null
+++ b/src/XML/sp/AbstractNestedPolicyType.php
@@ -0,0 +1,109 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\ExtendableElementTrait;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\XsNamespace as NS;
+
+/**
+ * Class representing sp:NestedPolicyType
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractNestedPolicyType extends AbstractSpElement
+{
+    use ExtendableAttributesTrait;
+    use ExtendableElementTrait;
+
+    /** The namespace-attribute for the xs:any element */
+    public const XS_ANY_ELT_NAMESPACE = NS::OTHER;
+
+    /** The namespace-attribute for the xs:anyAttribute element */
+    public const XS_ANY_ATTR_NAMESPACE = NS::ANY;
+
+
+    /**
+     * Initialize an AbstractNestedPolicyType.
+     *
+     * @param \SimpleSAML\XML\Chunk[] $elements
+     * @param \SimpleSAML\XML\Attribute[] $attributes
+     */
+    public function __construct(array $elements = [], array $attributes = [])
+    {
+        $this->setElements($elements);
+        $this->setAttributesNS($attributes);
+    }
+
+
+
+    /**
+     * Test if an object, at the state it's in, would produce an empty XML-element
+     *
+     * @return bool
+     */
+    public function isEmptyElement(): bool
+    {
+        return empty($this->getAttributesNS())
+            && empty($this->getElements());
+    }
+
+
+    /**
+     * Convert XML into a AbstractNestedPolicyType
+     *
+     * @param \DOMElement $xml The XML element we should load
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        Assert::same($xml->localName, static::getLocalName(), InvalidDOMElementException::class);
+        Assert::same($xml->namespaceURI, static::NS, InvalidDOMElementException::class);
+
+        $elements = [];
+        foreach ($xml->childNodes as $element) {
+            if ($element->namespaceURI === static::NS) {
+                continue;
+            } elseif (!($element instanceof DOMElement)) {
+                continue;
+            }
+
+            $elements[] = new Chunk($element);
+        }
+
+        return new static($elements, self::getAttributesNSFromXML($xml));
+    }
+
+
+    /**
+     * Convert this AbstractNestedPolicyType to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this AbstractNestedPolicyType to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        foreach ($this->getAttributesNS() as $attr) {
+            $attr->toXML($e);
+        }
+
+        foreach ($this->getElements() as $element) {
+            /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $element */
+            $element->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/sp/AbstractQNameAssertionType.php b/src/XML/sp/AbstractQNameAssertionType.php
new file mode 100644
index 00000000..c22c4d6e
--- /dev/null
+++ b/src/XML/sp/AbstractQNameAssertionType.php
@@ -0,0 +1,83 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\Exception\SchemaViolationException;
+use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\XsNamespace as NS;
+
+use function sprintf;
+
+/**
+ * Class representing WS security policy QNameAssertionType.
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractQNameAssertionType extends AbstractSpElement
+{
+    use ExtendableAttributesTrait;
+
+    /** The namespace-attribute for the xs:anyAttribute element */
+    public const XS_ANY_ATTR_NAMESPACE = NS::ANY;
+
+
+    /**
+     * AbstractQNameAssertionType constructor.
+     *
+     * @param list<\SimpleSAML\XML\Attribute> $namespacedAttributes
+     */
+    final public function __construct(
+        array $namespacedAttributes = []
+    ) {
+        $this->setAttributesNS($namespacedAttributes);
+    }
+
+
+    /**
+     * Initialize an QNameAssertionType.
+     *
+     * Note: this method cannot be used when extending this class, if the constructor has a different signature.
+     *
+     * @param \DOMElement $xml The XML element we should load.
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        $qualifiedName = static::getClassName(static::class);
+        Assert::eq(
+            $xml->localName,
+            $qualifiedName,
+            sprintf('Unexpected name for QNameAssertion: %s. Expected: %s.', $xml->localName, $qualifiedName),
+            InvalidDOMElementException::class
+        );
+
+
+        return new static(self::getAttributesNSFromXML($xml));
+    }
+
+
+    /**
+     * Convert this element to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this element to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        foreach ($this->getAttributesNS() as $attr) {
+            $attr->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/sp/AbstractReqPartsType.php b/src/XML/sp/AbstractReqPartsType.php
new file mode 100644
index 00000000..65f1ee32
--- /dev/null
+++ b/src/XML/sp/AbstractReqPartsType.php
@@ -0,0 +1,145 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\Exception\TooManyElementsException;
+use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\ExtendableElementTrait;
+use SimpleSAML\XML\XsNamespace as NS;
+
+use function array_pop;
+use function sprintf;
+
+/**
+ * Class representing WS security policy AbstractReqPartsType.
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractReqPartsType extends AbstractSpElement
+{
+    use ExtendableElementTrait;
+    use ExtendableAttributesTrait;
+
+    /** The namespace-attribute for the xs:any element */
+    public const XS_ANY_ELT_NAMESPACE = NS::OTHER;
+
+    /** The namespace-attribute for the xs:anyAttribute element */
+    public const XS_ANY_ATTR_NAMESPACE = NS::ANY;
+
+
+    /**
+     * AbstractReqPartsType constructor.
+     *
+     * @param \SimpleSAML\WSSecurity\XML\sp\Header[] $header
+     * @param \SimpleSAML\XML\Chunk[] $details
+     * @param \SimpleSAML\XML\Attribute[] $namespacedAttributes
+     */
+    final public function __construct(
+        protected array $header = [],
+        array $details = [],
+        array $namespacedAttributes = []
+    ) {
+        $this->setElements($details);
+        $this->setAttributesNS($namespacedAttributes);
+    }
+
+
+    /**
+     * Collect the Header
+     *
+     * @return \SimpleSAML\WSSecurity\XML\sp\Header[]
+     */
+    public function getHeader(): array
+    {
+        return $this->header;
+    }
+
+
+    /**
+     * Test if an object, at the state it's in, would produce an empty XML-element
+     *
+     * @return bool
+     */
+    public function isEmptyElement(): bool
+    {
+        return empty($this->getElements())
+            && empty($this->getHeader())
+            && empty($this->getAttributesNS());
+    }
+
+
+    /**
+     * Initialize an ReqPartsType.
+     *
+     * Note: this method cannot be used when extending this class, if the constructor has a different signature.
+     *
+     * @param \DOMElement $xml The XML element we should load.
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        $qualifiedName = static::getClassName(static::class);
+        Assert::eq(
+            $xml->localName,
+            $qualifiedName,
+            sprintf('Unexpected name for Empty: %s. Expected: %s.', $xml->localName, $qualifiedName),
+            InvalidDOMElementException::class
+        );
+
+        $header = Header::getChildrenOfClass($xml);
+        Assert::maxcount($header, 1, TooManyElementsException::class);
+
+        $details = [];
+        foreach ($xml->childNodes as $detail) {
+            if (!($detail instanceof DOMElement)) {
+                continue;
+            } elseif ($detail->namespaceURI === static::NS) {
+                continue;
+            }
+
+            $details[] = new Chunk($detail);
+        }
+
+        return new static(
+            $header,
+            $details,
+            self::getAttributesNSFromXML($xml),
+        );
+    }
+
+
+    /**
+     * Convert this element to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this element to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        foreach ($this->getHeader() as $header) {
+            $header->toXML($e);
+        }
+
+        foreach ($this->getElements() as $elt) {
+            /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $elt */
+            $elt->toXML($e);
+        }
+
+        foreach ($this->getAttributesNS() as $attr) {
+            $attr->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/sp/AbstractRequestSecurityTokenTemplateType.php b/src/XML/sp/AbstractRequestSecurityTokenTemplateType.php
new file mode 100644
index 00000000..09217385
--- /dev/null
+++ b/src/XML/sp/AbstractRequestSecurityTokenTemplateType.php
@@ -0,0 +1,155 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\Exception\SchemaViolationException;
+use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\ExtendableElementTrait;
+use SimpleSAML\XML\XsNamespace as NS;
+
+use function sprintf;
+
+/**
+ * Class representing WS security policy RequestSecurityTokenTemplateType.
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractRequestSecurityTokenTemplateType extends AbstractSpElement
+{
+    use ExtendableAttributesTrait;
+    use ExtendableElementTrait;
+
+    /** The namespace-attribute for the xs:any element */
+    public const XS_ANY_ELT_NAMESPACE = NS::OTHER;
+
+    /** The namespace-attribute for the xs:anyAttribute element */
+    public const XS_ANY_ATTR_NAMESPACE = NS::ANY;
+
+
+    /**
+     * AbstractRequestSecurityTokenTemplateType constructor.
+     *
+     * @param string|null $trustVersion
+     * @param list<\SimpleSAML\XML\ElementInterface> $elts
+     * @param list<\SimpleSAML\XML\Attribute> $namespacedAttributes
+     */
+    final public function __construct(
+        protected ?string $trustVersion = null,
+        array $elts = [],
+        array $namespacedAttributes = []
+    ) {
+        Assert::nullOrValidURI($trustVersion);
+
+        $this->setElements($elts);
+        $this->setAttributesNS($namespacedAttributes);
+    }
+
+
+    /**
+     * Collect the value of the trustVersion property.
+     *
+     * @return string|null
+     */
+    public function getTrustVersion(): ?string
+    {
+        return $this->trustVersion;
+    }
+
+
+    /**
+     * Test if an object, at the state it's in, would produce an empty XML-element
+     *
+     * @return bool
+     */
+    public function isEmptyElement(): bool
+    {
+        return empty($this->trustVersion) && empty($this->elements) && empty($this->namespacedAttributes);
+    }
+
+
+    /**
+     * Initialize an RequestSecurityTokenTemplateType.
+     *
+     * Note: this method cannot be used when extending this class, if the constructor has a different signature.
+     *
+     * @param \DOMElement $xml The XML element we should load.
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        $qualifiedName = static::getClassName(static::class);
+        Assert::eq(
+            $xml->localName,
+            $qualifiedName,
+            sprintf(
+                'Unexpected name for RequestSecurityTokenTemplateType: %s. Expected: %s.',
+                $xml->localName,
+                $qualifiedName,
+            ),
+            InvalidDOMElementException::class
+        );
+
+        $elements = [];
+        foreach ($xml->childNodes as $element) {
+            if ($element->namespaceURI === static::NS) {
+                continue;
+            } elseif (!($element instanceof DOMElement)) {
+                continue;
+            }
+
+            $elements[] = new Chunk($element);
+        }
+
+        $namespacedAttributes = self::getAttributesNSFromXML($xml);
+        foreach ($namespacedAttributes as $i => $attr) {
+            if ($attr->getNamespaceURI() === null) {
+                if ($attr->getAttrName() === 'TrustVersion') {
+                    unset($namespacedAttributes[$i]);
+                    break;
+                }
+            }
+        }
+
+        return new static(
+            self::getOptionalAttribute($xml, 'TrustVersion', null),
+            $elements,
+            $namespacedAttributes,
+        );
+    }
+
+
+    /**
+     * Convert this element to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this element to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        if ($this->getTrustVersion() !== null) {
+            $e->setAttribute('TrustVersion', $this->getTrustVersion());
+        }
+
+        foreach ($this->getElements() as $elt) {
+            /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $elt */
+            $elt->toXML($e);
+        }
+
+        foreach ($this->getAttributesNS() as $attr) {
+            $attr->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/sp/AbstractSePartsType.php b/src/XML/sp/AbstractSePartsType.php
new file mode 100644
index 00000000..179cb8c7
--- /dev/null
+++ b/src/XML/sp/AbstractSePartsType.php
@@ -0,0 +1,187 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\Exception\TooManyElementsException;
+use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\ExtendableElementTrait;
+use SimpleSAML\XML\XsNamespace as NS;
+
+use function array_pop;
+use function sprintf;
+
+/**
+ * Class representing WS security policy AbstractSePartsType.
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractSePartsType extends AbstractSpElement
+{
+    use ExtendableElementTrait;
+    use ExtendableAttributesTrait;
+
+    /** The namespace-attribute for the xs:any element */
+    public const XS_ANY_ELT_NAMESPACE = NS::OTHER;
+
+    /** The namespace-attribute for the xs:anyAttribute element */
+    public const XS_ANY_ATTR_NAMESPACE = NS::ANY;
+
+
+    /**
+     * AbstractSePartsType constructor.
+     *
+     * @param \SimpleSAML\WSSecurity\XML\sp\Body|null $body
+     * @param \SimpleSAML\WSSecurity\XML\sp\Header[] $header
+     * @param \SimpleSAML\WSSecurity\XML\sp\Attachments|null $attachments
+     * @param \SimpleSAML\XML\Chunk[] $details
+     * @param \SimpleSAML\XML\Attribute[] $namespacedAttributes
+     */
+    final public function __construct(
+        protected ?Body $body = null,
+        protected array $header = [],
+        protected ?Attachments $attachments = null,
+        array $details = [],
+        array $namespacedAttributes = []
+    ) {
+        $this->setElements($details);
+        $this->setAttributesNS($namespacedAttributes);
+    }
+
+
+    /**
+     * Collect the Body
+     *
+     * @return \SimpleSAML\WSSecurity\XML\sp\Body|null
+     */
+    public function getBody(): ?Body
+    {
+        return $this->body;
+    }
+
+
+    /**
+     * Collect the Header
+     *
+     * @return \SimpleSAML\WSSecurity\XML\sp\Header[]
+     */
+    public function getHeader(): array
+    {
+        return $this->header;
+    }
+
+
+    /**
+     * Collect the Attachments
+     *
+     * @return \SimpleSAML\WSSecurity\XML\sp\Attachments|null
+     */
+    public function getAttachments(): ?Attachments
+    {
+        return $this->attachments;
+    }
+
+
+    /**
+     * Test if an object, at the state it's in, would produce an empty XML-element
+     *
+     * @return bool
+     */
+    public function isEmptyElement(): bool
+    {
+        return empty($this->getElements())
+            && empty($this->getBody())
+            && empty($this->getHeader())
+            && empty($this->getAttachments())
+            && empty($this->getAttributesNS());
+    }
+
+
+    /**
+     * Initialize an SePartsType.
+     *
+     * Note: this method cannot be used when extending this class, if the constructor has a different signature.
+     *
+     * @param \DOMElement $xml The XML element we should load.
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        $qualifiedName = static::getClassName(static::class);
+        Assert::eq(
+            $xml->localName,
+            $qualifiedName,
+            sprintf('Unexpected name for Empty: %s. Expected: %s.', $xml->localName, $qualifiedName),
+            InvalidDOMElementException::class
+        );
+
+        $body = Body::getChildrenOfClass($xml);
+
+        $header = Header::getChildrenOfClass($xml);
+        Assert::maxcount($header, 1, TooManyElementsException::class);
+
+        $attachments = Attachments::getChildrenOfClass($xml);
+
+        $details = [];
+        foreach ($xml->childNodes as $detail) {
+            if (!($detail instanceof DOMElement)) {
+                continue;
+            } elseif ($detail->namespaceURI === static::NS) {
+                continue;
+            }
+
+            $details[] = new Chunk($detail);
+        }
+
+        return new static(
+            array_pop($body),
+            $header,
+            array_pop($attachments),
+            $details,
+            self::getAttributesNSFromXML($xml),
+        );
+    }
+
+
+    /**
+     * Convert this element to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this element to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        if ($this->getBody() !== null) {
+            $this->getBody()->toXML($e);
+        }
+
+        foreach ($this->getHeader() as $header) {
+            $header->toXML($e);
+        }
+
+        if ($this->getAttachments() !== null) {
+            $this->getAttachments()->toXML($e);
+        }
+
+        foreach ($this->getElements() as $elt) {
+            /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $elt */
+            $elt->toXML($e);
+        }
+
+        foreach ($this->getAttributesNS() as $attr) {
+            $attr->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/sp/AbstractSecureConversationTokenType.php b/src/XML/sp/AbstractSecureConversationTokenType.php
new file mode 100644
index 00000000..782c3b7f
--- /dev/null
+++ b/src/XML/sp/AbstractSecureConversationTokenType.php
@@ -0,0 +1,180 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\Exception\MissingElementException;
+use SimpleSAML\XML\Exception\SchemaViolationException;
+use SimpleSAML\XML\Exception\TooManyElementsException;
+use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\ExtendableElementTrait;
+use SimpleSAML\XML\XsNamespace as NS;
+use ValueError;
+
+use function array_pop;
+use function is_string;
+use function sprintf;
+
+/**
+ * Class representing WS security policy SecureConversationTokenType.
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractSecureConversationTokenType extends AbstractSpElement
+{
+    use ExtendableAttributesTrait;
+    use ExtendableElementTrait;
+    use IncludeTokenTypeTrait;
+
+    /** The namespace-attribute for the xs:any element */
+    public const XS_ANY_ELT_NAMESPACE = NS::OTHER;
+
+    /** The namespace-attribute for the xs:anyAttribute element */
+    public const XS_ANY_ATTR_NAMESPACE = NS::ANY;
+
+
+    /**
+     * SecureConversationTokenType constructor.
+     *
+     * @param \SimpleSAML\WSSecurity\XML\sp\Issuer|\SimpleSAML\WSSecurity\XML\sp\IssuerName|null $issuer
+     * @param \SimpleSAML\WSSecurity\XML\sp\IncludeToken|null $includeToken
+     * @param list<\SimpleSAML\XML\ElementInterface> $elts
+     * @param list<\SimpleSAML\XML\Attribute> $namespacedAttributes
+     */
+    final public function __construct(
+        protected Issuer|IssuerName|null $issuer,
+        ?IncludeToken $includeToken = null,
+        array $elts = [],
+        array $namespacedAttributes = []
+    ) {
+        $this->setIncludeToken($includeToken);
+        $this->setElements($elts);
+        $this->setAttributesNS($namespacedAttributes);
+    }
+
+
+    /**
+     * Collect the value of the Issuer property.
+     *
+     * @return \SimpleSAML\WSSecurity\XML\sp\Issuer|\SimpleSAML\WSSecurity\XML\sp\IssuerName|null
+     */
+    public function getIssuer(): Issuer|IssuerName|null
+    {
+        return $this->issuer;
+    }
+
+
+    /**
+     * Test if an object, at the state it's in, would produce an empty XML-element
+     *
+     * @return bool
+     */
+    public function isEmptyElement(): bool
+    {
+        return empty($this->getIssuer())
+            && empty($this->getIncludeToken())
+            && empty($this->getAttributesNS())
+            && empty($this->getElements());
+    }
+
+
+    /**
+     * Initialize an SecureConversationTokenType.
+     *
+     * Note: this method cannot be used when extending this class, if the constructor has a different signature.
+     *
+     * @param \DOMElement $xml The XML element we should load.
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        $qualifiedName = static::getClassName(static::class);
+        Assert::eq(
+            $xml->localName,
+            $qualifiedName,
+            sprintf('Unexpected name for IssuedTokenType: %s. Expected: %s.', $xml->localName, $qualifiedName),
+            InvalidDOMElementException::class
+        );
+
+        $issuer = Issuer::getChildrenOfClass($xml);
+        $issuerName = IssuerName::getChildrenOfClass($xml);
+        $issuer = array_merge($issuer, $issuerName);
+
+        try {
+            $includeToken = IncludeToken::from(self::getOptionalAttribute($xml, 'IncludeToken', null));
+        } catch (ValueError) {
+            self::getOptionalAttribute($xml, 'IncludeToken', null);
+        }
+
+        $elements = [];
+        foreach ($xml->childNodes as $element) {
+            if ($element->namespaceURI === static::NS) {
+                continue;
+            } elseif (!($element instanceof DOMElement)) {
+                continue;
+            }
+
+            $elements[] = new Chunk($element);
+        }
+
+        $namespacedAttributes = self::getAttributesNSFromXML($xml);
+        foreach ($namespacedAttributes as $i => $attr) {
+            if ($attr->getNamespaceURI() === null) {
+                if ($attr->getAttrName() === 'IncludeToken') {
+                    unset($namespacedAttributes[$i]);
+                    break;
+                }
+            }
+        }
+
+
+        return new static(
+            array_pop($issuer),
+            $includeToken,
+            $elements,
+            $namespacedAttributes,
+        );
+    }
+
+
+    /**
+     * Convert this element to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this element to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        if ($this->getIncludeToken() !== null) {
+            $e->setAttribute(
+                'IncludeToken',
+                is_string($this->getIncludeToken()) ? $this->getIncludeToken() : $this->getIncludeToken()->value,
+            );
+        }
+
+        if ($this->getIssuer() !== null) {
+            $this->getIssuer()->toXML($e);
+        }
+
+        foreach ($this->getElements() as $elt) {
+            /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $elt */
+            $elt->toXML($e);
+        }
+
+        foreach ($this->getAttributesNS() as $attr) {
+            $attr->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/sp/AbstractSerElementsType.php b/src/XML/sp/AbstractSerElementsType.php
new file mode 100644
index 00000000..fb61e72f
--- /dev/null
+++ b/src/XML/sp/AbstractSerElementsType.php
@@ -0,0 +1,159 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\Exception\SchemaViolationException;
+use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\ExtendableElementTrait;
+use SimpleSAML\XML\XsNamespace as NS;
+
+use function sprintf;
+
+/**
+ * Class representing WS security policy SetElementsType.
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractSerElementsType extends AbstractSpElement
+{
+    use ExtendableAttributesTrait;
+    use ExtendableElementTrait;
+
+    /** The namespace-attribute for the xs:any element */
+    public const XS_ANY_ELT_NAMESPACE = NS::OTHER;
+
+    /** The namespace-attribute for the xs:anyAttribute element */
+    public const XS_ANY_ATTR_NAMESPACE = NS::ANY;
+
+
+    /**
+     * AbstractSerElementsType constructor.
+     *
+     * @param list<\SimpleSAML\WSSecurity\XML\sp\XPath> $xpath
+     * @param string|null $xpathVersion
+     * @param list<\SimpleSAML\XML\ElementInterface> $elts
+     * @param list<\SimpleSAML\XML\Attribute> $namespacedAttributes
+     */
+    final public function __construct(
+        protected array $xpath,
+        protected ?string $xpathVersion = null,
+        array $elts = [],
+        array $namespacedAttributes = []
+    ) {
+        Assert::minCount($xpath, 1, SchemaViolationException::class);
+        Assert::nullOrValidURI($xpathVersion);
+
+        $this->setElements($elts);
+        $this->setAttributesNS($namespacedAttributes);
+    }
+
+
+    /**
+     * Collect the value of the XPath property.
+     *
+     * @return list<\SimpleSAML\WSSecurity\XML\sp\XPath>
+     */
+    public function getXPath(): array
+    {
+        return $this->xpath;
+    }
+
+
+    /**
+     * Collect the value of the XPathVersion property.
+     *
+     * @return string|null
+     */
+    public function getXPathVersion(): ?string
+    {
+        return $this->xpathVersion;
+    }
+
+
+    /**
+     * Initialize an SerElementsType.
+     *
+     * Note: this method cannot be used when extending this class, if the constructor has a different signature.
+     *
+     * @param \DOMElement $xml The XML element we should load.
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        $qualifiedName = static::getClassName(static::class);
+        Assert::eq(
+            $xml->localName,
+            $qualifiedName,
+            sprintf('Unexpected name for SerElementsType: %s. Expected: %s.', $xml->localName, $qualifiedName),
+            InvalidDOMElementException::class
+        );
+
+        $elements = [];
+        foreach ($xml->childNodes as $element) {
+            if ($element->namespaceURI === static::NS) {
+                continue;
+            } elseif (!($element instanceof DOMElement)) {
+                continue;
+            }
+
+            $elements[] = new Chunk($element);
+        }
+
+        $namespacedAttributes = self::getAttributesNSFromXML($xml);
+        foreach ($namespacedAttributes as $i => $attr) {
+            if ($attr->getNamespaceURI() === null) {
+                if ($attr->getAttrName() === 'XPathVersion') {
+                    unset($namespacedAttributes[$i]);
+                    break;
+                }
+            }
+        }
+
+        return new static(
+            XPath::getChildrenOfClass($xml),
+            self::getOptionalAttribute($xml, 'XPathVersion', null),
+            $elements,
+            $namespacedAttributes,
+        );
+    }
+
+
+    /**
+     * Convert this element to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this element to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        if ($this->getXPathVersion() !== null) {
+            $e->setAttribute('XPathVersion', $this->getXPathVersion());
+        }
+
+        foreach ($this->getXPath() as $xpath) {
+            $xpath->toXML($e);
+        }
+
+        foreach ($this->getElements() as $elt) {
+            /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $elt */
+            $elt->toXML($e);
+        }
+
+        foreach ($this->getAttributesNS() as $attr) {
+            $attr->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/sp/AbstractSpElement.php b/src/XML/sp/AbstractSpElement.php
new file mode 100644
index 00000000..019b8991
--- /dev/null
+++ b/src/XML/sp/AbstractSpElement.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use SimpleSAML\XML\AbstractElement;
+use SimpleSAML\WSSecurity\Constants as C;
+
+/**
+ * Abstract class to be implemented by all the classes in this namespace
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractSpElement extends AbstractElement
+{
+    /** @var string */
+    public const NS = C::NS_SEC_POLICY;
+
+    /** @var string */
+    public const NS_PREFIX = 'sp';
+}
diff --git a/src/XML/sp/AbstractSpnegoContextTokenType.php b/src/XML/sp/AbstractSpnegoContextTokenType.php
new file mode 100644
index 00000000..cf47d5b2
--- /dev/null
+++ b/src/XML/sp/AbstractSpnegoContextTokenType.php
@@ -0,0 +1,180 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\Exception\MissingElementException;
+use SimpleSAML\XML\Exception\SchemaViolationException;
+use SimpleSAML\XML\Exception\TooManyElementsException;
+use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\ExtendableElementTrait;
+use SimpleSAML\XML\XsNamespace as NS;
+use ValueError;
+
+use function array_pop;
+use function is_string;
+use function sprintf;
+
+/**
+ * Class representing WS security policy SpnegoContextTokenType.
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractSpnegoContextTokenType extends AbstractSpElement
+{
+    use ExtendableAttributesTrait;
+    use ExtendableElementTrait;
+    use IncludeTokenTypeTrait;
+
+    /** The namespace-attribute for the xs:any element */
+    public const XS_ANY_ELT_NAMESPACE = NS::OTHER;
+
+    /** The namespace-attribute for the xs:anyAttribute element */
+    public const XS_ANY_ATTR_NAMESPACE = NS::ANY;
+
+
+    /**
+     * SpnegoContextTokenType constructor.
+     *
+     * @param \SimpleSAML\WSSecurity\XML\sp\Issuer|\SimpleSAML\WSSecurity\XML\sp\IssuerName|null $issuer
+     * @param \SimpleSAML\WSSecurity\XML\sp\IncludeToken|null $includeToken
+     * @param list<\SimpleSAML\XML\ElementInterface> $elts
+     * @param list<\SimpleSAML\XML\Attribute> $namespacedAttributes
+     */
+    final public function __construct(
+        protected Issuer|IssuerName|null $issuer,
+        ?IncludeToken $includeToken = null,
+        array $elts = [],
+        array $namespacedAttributes = []
+    ) {
+        $this->setIncludeToken($includeToken);
+        $this->setElements($elts);
+        $this->setAttributesNS($namespacedAttributes);
+    }
+
+
+    /**
+     * Collect the value of the Issuer property.
+     *
+     * @return \SimpleSAML\WSSecurity\XML\sp\Issuer|\SimpleSAML\WSSecurity\XML\sp\IssuerName|null
+     */
+    public function getIssuer(): Issuer|IssuerName|null
+    {
+        return $this->issuer;
+    }
+
+
+    /**
+     * Test if an object, at the state it's in, would produce an empty XML-element
+     *
+     * @return bool
+     */
+    public function isEmptyElement(): bool
+    {
+        return empty($this->getIssuer())
+            && empty($this->getIncludeToken())
+            && empty($this->getAttributesNS())
+            && empty($this->getElements());
+    }
+
+
+    /**
+     * Initialize an SpnegoContextTokenType.
+     *
+     * Note: this method cannot be used when extending this class, if the constructor has a different signature.
+     *
+     * @param \DOMElement $xml The XML element we should load.
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        $qualifiedName = static::getClassName(static::class);
+        Assert::eq(
+            $xml->localName,
+            $qualifiedName,
+            sprintf('Unexpected name for IssuedTokenType: %s. Expected: %s.', $xml->localName, $qualifiedName),
+            InvalidDOMElementException::class
+        );
+
+        $issuer = Issuer::getChildrenOfClass($xml);
+        $issuerName = IssuerName::getChildrenOfClass($xml);
+        $issuer = array_merge($issuer, $issuerName);
+
+        try {
+            $includeToken = IncludeToken::from(self::getOptionalAttribute($xml, 'IncludeToken', null));
+        } catch (ValueError) {
+            self::getOptionalAttribute($xml, 'IncludeToken', null);
+        }
+
+        $elements = [];
+        foreach ($xml->childNodes as $element) {
+            if ($element->namespaceURI === static::NS) {
+                continue;
+            } elseif (!($element instanceof DOMElement)) {
+                continue;
+            }
+
+            $elements[] = new Chunk($element);
+        }
+
+        $namespacedAttributes = self::getAttributesNSFromXML($xml);
+        foreach ($namespacedAttributes as $i => $attr) {
+            if ($attr->getNamespaceURI() === null) {
+                if ($attr->getAttrName() === 'IncludeToken') {
+                    unset($namespacedAttributes[$i]);
+                    break;
+                }
+            }
+        }
+
+
+        return new static(
+            array_pop($issuer),
+            $includeToken,
+            $elements,
+            $namespacedAttributes,
+        );
+    }
+
+
+    /**
+     * Convert this element to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this element to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        if ($this->getIncludeToken() !== null) {
+            $e->setAttribute(
+                'IncludeToken',
+                is_string($this->getIncludeToken()) ? $this->getIncludeToken() : $this->getIncludeToken()->value,
+            );
+        }
+
+        if ($this->getIssuer() !== null) {
+            $this->getIssuer()->toXML($e);
+        }
+
+        foreach ($this->getElements() as $elt) {
+            /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $elt */
+            $elt->toXML($e);
+        }
+
+        foreach ($this->getAttributesNS() as $attr) {
+            $attr->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/sp/AbstractTokenAssertionType.php b/src/XML/sp/AbstractTokenAssertionType.php
new file mode 100644
index 00000000..eb9ed4b2
--- /dev/null
+++ b/src/XML/sp/AbstractTokenAssertionType.php
@@ -0,0 +1,157 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMElement;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\Exception\MissingElementException;
+use SimpleSAML\XML\Exception\SchemaViolationException;
+use SimpleSAML\XML\Exception\TooManyElementsException;
+use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\ExtendableElementTrait;
+use SimpleSAML\XML\XsNamespace as NS;
+use ValueError;
+
+use function array_pop;
+use function is_string;
+use function sprintf;
+
+/**
+ * Class representing WS security policy TokenAssertionType.
+ *
+ * @package tvdijen/ws-security
+ */
+abstract class AbstractTokenAssertionType extends AbstractSpElement
+{
+    use ExtendableAttributesTrait;
+    use ExtendableElementTrait;
+    use IncludeTokenTypeTrait;
+
+    /** The namespace-attribute for the xs:any element */
+    public const XS_ANY_ELT_NAMESPACE = NS::OTHER;
+
+    /** The namespace-attribute for the xs:anyAttribute element */
+    public const XS_ANY_ATTR_NAMESPACE = NS::ANY;
+
+
+    /**
+     * TokenAssertionType constructor.
+     *
+     * @param \SimpleSAML\WSSecurity\XML\sp\IncludeToken|null $includeToken
+     * @param list<\SimpleSAML\XML\ElementInterface> $elts
+     * @param list<\SimpleSAML\XML\Attribute> $namespacedAttributes
+     */
+    final public function __construct(
+        ?IncludeToken $includeToken = null,
+        array $elts = [],
+        array $namespacedAttributes = []
+    ) {
+        $this->setIncludeToken($includeToken);
+        $this->setElements($elts);
+        $this->setAttributesNS($namespacedAttributes);
+    }
+
+
+    /**
+     * Test if an object, at the state it's in, would produce an empty XML-element
+     *
+     * @return bool
+     */
+    public function isEmptyElement(): bool
+    {
+        return empty($this->getIncludeToken())
+            && empty($this->getAttributesNS())
+            && empty($this->getElements());
+    }
+
+
+    /**
+     * Initialize an TokenAssertionType.
+     *
+     * Note: this method cannot be used when extending this class, if the constructor has a different signature.
+     *
+     * @param \DOMElement $xml The XML element we should load.
+     * @return static
+     *
+     * @throws \SimpleSAML\XML\Exception\InvalidDOMElementException
+     *   if the qualified name of the supplied element is wrong
+     */
+    public static function fromXML(DOMElement $xml): static
+    {
+        $qualifiedName = static::getClassName(static::class);
+        Assert::eq(
+            $xml->localName,
+            $qualifiedName,
+            sprintf('Unexpected name for TokenAssertionType: %s. Expected: %s.', $xml->localName, $qualifiedName),
+            InvalidDOMElementException::class
+        );
+
+        try {
+            $includeToken = IncludeToken::from(self::getOptionalAttribute($xml, 'IncludeToken', null));
+        } catch (ValueError) {
+            self::getOptionalAttribute($xml, 'IncludeToken', null);
+        }
+
+        $elements = [];
+        foreach ($xml->childNodes as $element) {
+            if ($element->namespaceURI === static::NS) {
+                continue;
+            } elseif (!($element instanceof DOMElement)) {
+                continue;
+            }
+
+            $elements[] = new Chunk($element);
+        }
+
+        $namespacedAttributes = self::getAttributesNSFromXML($xml);
+        foreach ($namespacedAttributes as $i => $attr) {
+            if ($attr->getNamespaceURI() === null) {
+                if ($attr->getAttrName() === 'IncludeToken') {
+                    unset($namespacedAttributes[$i]);
+                    break;
+                }
+            }
+        }
+
+
+        return new static(
+            $includeToken,
+            $elements,
+            $namespacedAttributes,
+        );
+    }
+
+
+    /**
+     * Convert this element to XML.
+     *
+     * @param \DOMElement|null $parent The element we should append this element to.
+     * @return \DOMElement
+     */
+    public function toXML(DOMElement $parent = null): DOMElement
+    {
+        $e = $this->instantiateParentElement($parent);
+
+        if ($this->getIncludeToken() !== null) {
+            $e->setAttribute(
+                'IncludeToken',
+                is_string($this->getIncludeToken()) ? $this->getIncludeToken() : $this->getIncludeToken()->value,
+            );
+        }
+
+        foreach ($this->getElements() as $elt) {
+            /** @psalm-var \SimpleSAML\XML\SerializableElementInterface $elt */
+            $elt->toXML($e);
+        }
+
+        foreach ($this->getAttributesNS() as $attr) {
+            $attr->toXML($e);
+        }
+
+        return $e;
+    }
+}
diff --git a/src/XML/sp/AlgorithmSuite.php b/src/XML/sp/AlgorithmSuite.php
new file mode 100644
index 00000000..07ee5ca8
--- /dev/null
+++ b/src/XML/sp/AlgorithmSuite.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An AlgorithmSuite element
+ *
+ * @package tvdijen/ws-security
+ */
+final class AlgorithmSuite extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/AsymmetricBinding.php b/src/XML/sp/AsymmetricBinding.php
new file mode 100644
index 00000000..21bf0d4a
--- /dev/null
+++ b/src/XML/sp/AsymmetricBinding.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An AsymmetricBinding element
+ *
+ * @package tvdijen/ws-security
+ */
+final class AsymmetricBinding extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/Attachments.php b/src/XML/sp/Attachments.php
new file mode 100644
index 00000000..65d7b910
--- /dev/null
+++ b/src/XML/sp/Attachments.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Attachments element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Attachments extends AbstractEmptyType
+{
+}
diff --git a/src/XML/sp/Basic128.php b/src/XML/sp/Basic128.php
new file mode 100644
index 00000000..bf919f63
--- /dev/null
+++ b/src/XML/sp/Basic128.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Basic128 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic128 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Basic128Rsa15.php b/src/XML/sp/Basic128Rsa15.php
new file mode 100644
index 00000000..da8ebab3
--- /dev/null
+++ b/src/XML/sp/Basic128Rsa15.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Basic128Rsa15 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic128Rsa15 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Basic128Sha256.php b/src/XML/sp/Basic128Sha256.php
new file mode 100644
index 00000000..1d76a171
--- /dev/null
+++ b/src/XML/sp/Basic128Sha256.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Basic128Sha256 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic128Sha256 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Basic128Sha256Rsa15.php b/src/XML/sp/Basic128Sha256Rsa15.php
new file mode 100644
index 00000000..89a97bad
--- /dev/null
+++ b/src/XML/sp/Basic128Sha256Rsa15.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Basic128Sha256Rsa15 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic128Sha256Rsa15 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Basic192.php b/src/XML/sp/Basic192.php
new file mode 100644
index 00000000..94131e2d
--- /dev/null
+++ b/src/XML/sp/Basic192.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Basic192 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic192 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Basic192Rsa15.php b/src/XML/sp/Basic192Rsa15.php
new file mode 100644
index 00000000..a28ad68b
--- /dev/null
+++ b/src/XML/sp/Basic192Rsa15.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Basic192Rsa15 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic192Rsa15 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Basic192Sha256.php b/src/XML/sp/Basic192Sha256.php
new file mode 100644
index 00000000..92935528
--- /dev/null
+++ b/src/XML/sp/Basic192Sha256.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Basic192Sha256 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic192Sha256 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Basic192Sha256Rsa15.php b/src/XML/sp/Basic192Sha256Rsa15.php
new file mode 100644
index 00000000..06856ff8
--- /dev/null
+++ b/src/XML/sp/Basic192Sha256Rsa15.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Basic192Sha256Rsa15 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic192Sha256Rsa15 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Basic256.php b/src/XML/sp/Basic256.php
new file mode 100644
index 00000000..c768b664
--- /dev/null
+++ b/src/XML/sp/Basic256.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Basic256 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic256 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Basic256Rsa15.php b/src/XML/sp/Basic256Rsa15.php
new file mode 100644
index 00000000..3994434b
--- /dev/null
+++ b/src/XML/sp/Basic256Rsa15.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Basic256Rsa15 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic256Rsa15 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Basic256Sha256.php b/src/XML/sp/Basic256Sha256.php
new file mode 100644
index 00000000..d70847e4
--- /dev/null
+++ b/src/XML/sp/Basic256Sha256.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Basic256Sha256 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic256Sha256 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Basic256Sha256Rsa15.php b/src/XML/sp/Basic256Sha256Rsa15.php
new file mode 100644
index 00000000..ac032552
--- /dev/null
+++ b/src/XML/sp/Basic256Sha256Rsa15.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Basic256Sha256Rsa15 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic256Sha256Rsa15 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Body.php b/src/XML/sp/Body.php
new file mode 100644
index 00000000..b90f0de8
--- /dev/null
+++ b/src/XML/sp/Body.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Body element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Body extends AbstractEmptyType
+{
+}
diff --git a/src/XML/sp/BootstrapPolicy.php b/src/XML/sp/BootstrapPolicy.php
new file mode 100644
index 00000000..0eee35c1
--- /dev/null
+++ b/src/XML/sp/BootstrapPolicy.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A BootstrapPolicy element
+ *
+ * @package tvdijen/ws-security
+ */
+final class BootstrapPolicy extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/ContentEncryptedElements.php b/src/XML/sp/ContentEncryptedElements.php
new file mode 100644
index 00000000..b25bb8e4
--- /dev/null
+++ b/src/XML/sp/ContentEncryptedElements.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An ContentEncryptedElements element
+ *
+ * @package tvdijen/ws-security
+ */
+final class ContentEncryptedElements extends AbstractSerElementsType
+{
+}
diff --git a/src/XML/sp/EncryptBeforeSigning.php b/src/XML/sp/EncryptBeforeSigning.php
new file mode 100644
index 00000000..c6a5fa67
--- /dev/null
+++ b/src/XML/sp/EncryptBeforeSigning.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An EncryptBeforeSigning element
+ *
+ * @package tvdijen/ws-security
+ */
+final class EncryptBeforeSigning extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/EncryptSignature.php b/src/XML/sp/EncryptSignature.php
new file mode 100644
index 00000000..e834f69a
--- /dev/null
+++ b/src/XML/sp/EncryptSignature.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An EncryptSignature element
+ *
+ * @package tvdijen/ws-security
+ */
+final class EncryptSignature extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/EncryptedElements.php b/src/XML/sp/EncryptedElements.php
new file mode 100644
index 00000000..43e081a1
--- /dev/null
+++ b/src/XML/sp/EncryptedElements.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An EncryptedElements element
+ *
+ * @package tvdijen/ws-security
+ */
+final class EncryptedElements extends AbstractSerElementsType
+{
+}
diff --git a/src/XML/sp/EncryptedParts.php b/src/XML/sp/EncryptedParts.php
new file mode 100644
index 00000000..8fdf3866
--- /dev/null
+++ b/src/XML/sp/EncryptedParts.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An EncryptedParts element
+ *
+ * @package tvdijen/ws-security
+ */
+final class EncryptedParts extends AbstractSePartsType
+{
+}
diff --git a/src/XML/sp/EncryptedSupportingTokens.php b/src/XML/sp/EncryptedSupportingTokens.php
new file mode 100644
index 00000000..a5b3fb42
--- /dev/null
+++ b/src/XML/sp/EncryptedSupportingTokens.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A EncryptedSupportingTokens element
+ *
+ * @package tvdijen/ws-security
+ */
+final class EncryptedSupportingTokens extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/EncryptionToken.php b/src/XML/sp/EncryptionToken.php
new file mode 100644
index 00000000..d5a33838
--- /dev/null
+++ b/src/XML/sp/EncryptionToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An EncryptionToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class EncryptionToken extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/EndorsingEncryptedSupportingTokens.php b/src/XML/sp/EndorsingEncryptedSupportingTokens.php
new file mode 100644
index 00000000..96a831dd
--- /dev/null
+++ b/src/XML/sp/EndorsingEncryptedSupportingTokens.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A EndorsingEncryptedSupportingTokens element
+ *
+ * @package tvdijen/ws-security
+ */
+final class EndorsingEncryptedSupportingTokens extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/EndorsingSupportingTokens.php b/src/XML/sp/EndorsingSupportingTokens.php
new file mode 100644
index 00000000..08b041e8
--- /dev/null
+++ b/src/XML/sp/EndorsingSupportingTokens.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A EndorsingSupportingTokens element
+ *
+ * @package tvdijen/ws-security
+ */
+final class EndorsingSupportingTokens extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/HashPassword.php b/src/XML/sp/HashPassword.php
new file mode 100644
index 00000000..62d4a368
--- /dev/null
+++ b/src/XML/sp/HashPassword.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An HashPassword element
+ *
+ * @package tvdijen/ws-security
+ */
+final class HashPassword extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Header.php b/src/XML/sp/Header.php
new file mode 100644
index 00000000..b978f470
--- /dev/null
+++ b/src/XML/sp/Header.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Header element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Header extends AbstractHeaderType
+{
+}
diff --git a/src/XML/sp/HttpBasicAuthentication.php b/src/XML/sp/HttpBasicAuthentication.php
new file mode 100644
index 00000000..888dd16c
--- /dev/null
+++ b/src/XML/sp/HttpBasicAuthentication.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An HttpBasicAuthentication element
+ *
+ * @package tvdijen/ws-security
+ */
+final class HttpBasicAuthentication extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/HttpDigestAuthentication.php b/src/XML/sp/HttpDigestAuthentication.php
new file mode 100644
index 00000000..58cc74e3
--- /dev/null
+++ b/src/XML/sp/HttpDigestAuthentication.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An HttpDigestAuthentication element
+ *
+ * @package tvdijen/ws-security
+ */
+final class HttpDigestAuthentication extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/HttpsToken.php b/src/XML/sp/HttpsToken.php
new file mode 100644
index 00000000..0d9db241
--- /dev/null
+++ b/src/XML/sp/HttpsToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An HttpsToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class HttpsToken extends AbstractTokenAssertionType
+{
+}
diff --git a/src/XML/sp/IncludeTimestamp.php b/src/XML/sp/IncludeTimestamp.php
new file mode 100644
index 00000000..7012c452
--- /dev/null
+++ b/src/XML/sp/IncludeTimestamp.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An IncludeTimestamp element
+ *
+ * @package tvdijen/ws-security
+ */
+final class IncludeTimestamp extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/IncludeToken.php b/src/XML/sp/IncludeToken.php
new file mode 100644
index 00000000..61070d67
--- /dev/null
+++ b/src/XML/sp/IncludeToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+enum IncludeToken: string
+{
+    case Always = 'http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always';
+    case AlwaysToInitiator = 'http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToInitiator';
+    case AlwaysToRecipient = 'http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient';
+    case Once = 'http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once';
+    case Never = 'http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never';
+}
diff --git a/src/XML/sp/IncludeTokenTypeTrait.php b/src/XML/sp/IncludeTokenTypeTrait.php
new file mode 100644
index 00000000..52e61eef
--- /dev/null
+++ b/src/XML/sp/IncludeTokenTypeTrait.php
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use SimpleSAML\Assert\Assert;
+
+use function is_string;
+
+/**
+ * Trait grouping common functionality for elements that can hold IncludeToken attributes.
+ *
+ * @package tvdijen/ws-security
+ */
+trait IncludeTokenTypeTrait
+{
+    /**
+     * The included token.
+     *
+     * @var \SimpleSAML\WSSecurity\XML\sp\IncludeToken|string|null
+     */
+    protected IncludeToken|string|null $includeToken;
+
+
+    /**
+     * Collect the value of the includeToken-property
+     *
+     * @return \SimpleSAML\WSSecurity\XML\sp\IncludeToken|string|null
+     */
+    public function getIncludeToken(): IncludeToken|string|null
+    {
+        return $this->includeToken;
+    }
+
+
+    /**
+     * Set the value of the includeToken-property
+     *
+     * @param \SimpleSAML\WSSecurity\XML\sp\IncludeToken|string|null $includeToken
+     */
+    protected function setIncludeToken(IncludeToken|string|null $includeToken): void
+    {
+        if (is_string($includeToken)) {
+            Assert::validURI($includeToken);
+        }
+
+        $this->includeToken = $includeToken;
+    }
+}
diff --git a/src/XML/sp/InclusiveC14N.php b/src/XML/sp/InclusiveC14N.php
new file mode 100644
index 00000000..1da447f2
--- /dev/null
+++ b/src/XML/sp/InclusiveC14N.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An InclusiveC14N element
+ *
+ * @package tvdijen/ws-security
+ */
+final class InclusiveC14N extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/InitiatorEncryptionToken.php b/src/XML/sp/InitiatorEncryptionToken.php
new file mode 100644
index 00000000..cbe395ce
--- /dev/null
+++ b/src/XML/sp/InitiatorEncryptionToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An InitiatorEncryptionToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class InitiatorEncryptionToken extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/InitiatorSignatureToken.php b/src/XML/sp/InitiatorSignatureToken.php
new file mode 100644
index 00000000..d62980d2
--- /dev/null
+++ b/src/XML/sp/InitiatorSignatureToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An InitiatorSignatureToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class InitiatorSignatureToken extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/InitiatorToken.php b/src/XML/sp/InitiatorToken.php
new file mode 100644
index 00000000..1a0304cf
--- /dev/null
+++ b/src/XML/sp/InitiatorToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An InitiatorToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class InitiatorToken extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/IssuedToken.php b/src/XML/sp/IssuedToken.php
new file mode 100644
index 00000000..4122740d
--- /dev/null
+++ b/src/XML/sp/IssuedToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An IssuedToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class IssuedToken extends AbstractIssuedTokenType
+{
+}
diff --git a/src/XML/sp/Issuer.php b/src/XML/sp/Issuer.php
new file mode 100644
index 00000000..52f07368
--- /dev/null
+++ b/src/XML/sp/Issuer.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use SimpleSAML\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\wsa\AbstractEndpointReferenceType;
+
+/**
+ * An Issuer element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Issuer extends AbstractEndpointReferenceType
+{
+    /** @var string */
+    public const NS = C::NS_SEC_POLICY;
+
+    /** @var string */
+    public const NS_PREFIX = 'sp';
+}
diff --git a/src/XML/sp/IssuerName.php b/src/XML/sp/IssuerName.php
new file mode 100644
index 00000000..da22541f
--- /dev/null
+++ b/src/XML/sp/IssuerName.php
@@ -0,0 +1,43 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\StringElementTrait;
+
+/**
+ * An IssuerName element
+ *
+ * @package tvdijen/ws-security
+ */
+final class IssuerName extends AbstractSpElement
+{
+    use StringElementTrait;
+
+
+    /**
+     * Initialize an IssuerName.
+     *
+     * @param string $content
+     */
+    public function __construct(
+        string $content
+    ) {
+        $this->setContent($content);
+    }
+
+
+    /**
+     * Validate the content of the element.
+     *
+     * @param string $content  The value to go in the XML textContent
+     * @throws \SimpleSAML\XML\Exception\SchemaViolationException on failure
+     * @return void
+     */
+    protected function validateContent(string $content): void
+    {
+        Assert::validURI($content);
+    }
+}
diff --git a/src/XML/sp/KerberosToken.php b/src/XML/sp/KerberosToken.php
new file mode 100644
index 00000000..96ee206d
--- /dev/null
+++ b/src/XML/sp/KerberosToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An KerberosToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class KerberosToken extends AbstractTokenAssertionType
+{
+}
diff --git a/src/XML/sp/KeyValueToken.php b/src/XML/sp/KeyValueToken.php
new file mode 100644
index 00000000..92d2a069
--- /dev/null
+++ b/src/XML/sp/KeyValueToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An KeyValueToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class KeyValueToken extends AbstractKeyValueTokenType
+{
+}
diff --git a/src/XML/sp/Lax.php b/src/XML/sp/Lax.php
new file mode 100644
index 00000000..56366e4e
--- /dev/null
+++ b/src/XML/sp/Lax.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Lax element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Lax extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/LaxTsFirst.php b/src/XML/sp/LaxTsFirst.php
new file mode 100644
index 00000000..e99aad63
--- /dev/null
+++ b/src/XML/sp/LaxTsFirst.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An LaxTsFirst element
+ *
+ * @package tvdijen/ws-security
+ */
+final class LaxTsFirst extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/LaxTsLast.php b/src/XML/sp/LaxTsLast.php
new file mode 100644
index 00000000..5c67f829
--- /dev/null
+++ b/src/XML/sp/LaxTsLast.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An LaxTsLast element
+ *
+ * @package tvdijen/ws-security
+ */
+final class LaxTsLast extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Layout.php b/src/XML/sp/Layout.php
new file mode 100644
index 00000000..8720e7d3
--- /dev/null
+++ b/src/XML/sp/Layout.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A Layout element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Layout extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/MustNotSendAmend.php b/src/XML/sp/MustNotSendAmend.php
new file mode 100644
index 00000000..3ff1790d
--- /dev/null
+++ b/src/XML/sp/MustNotSendAmend.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An MustNotSendAmend element
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustNotSendAmend extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/MustNotSendCancel.php b/src/XML/sp/MustNotSendCancel.php
new file mode 100644
index 00000000..d0cd00e1
--- /dev/null
+++ b/src/XML/sp/MustNotSendCancel.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An MustNotSendCancel element
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustNotSendCancel extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/MustNotSendRenew.php b/src/XML/sp/MustNotSendRenew.php
new file mode 100644
index 00000000..1c350f44
--- /dev/null
+++ b/src/XML/sp/MustNotSendRenew.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An MustNotSendRenew element
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustNotSendRenew extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/MustSupportClientChallenge.php b/src/XML/sp/MustSupportClientChallenge.php
new file mode 100644
index 00000000..fc356cc6
--- /dev/null
+++ b/src/XML/sp/MustSupportClientChallenge.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An MustSupportClientChallenge element
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportClientChallenge extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/MustSupportIssuedTokens.php b/src/XML/sp/MustSupportIssuedTokens.php
new file mode 100644
index 00000000..5d205ace
--- /dev/null
+++ b/src/XML/sp/MustSupportIssuedTokens.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An MustSupportIssuedTokens element
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportIssuedTokens extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/MustSupportRefEmbeddedToken.php b/src/XML/sp/MustSupportRefEmbeddedToken.php
new file mode 100644
index 00000000..ab1f921a
--- /dev/null
+++ b/src/XML/sp/MustSupportRefEmbeddedToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An MustSupportRefEmbeddedToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportRefEmbeddedToken extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/MustSupportRefEncryptedKey.php b/src/XML/sp/MustSupportRefEncryptedKey.php
new file mode 100644
index 00000000..64ab663c
--- /dev/null
+++ b/src/XML/sp/MustSupportRefEncryptedKey.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An MustSupportRefEncryptedKey element
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportRefEncryptedKey extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/MustSupportRefExternalURI.php b/src/XML/sp/MustSupportRefExternalURI.php
new file mode 100644
index 00000000..3306cc82
--- /dev/null
+++ b/src/XML/sp/MustSupportRefExternalURI.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An MustSupportRefExternalURI element
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportRefExternalURI extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/MustSupportRefIssuerSerial.php b/src/XML/sp/MustSupportRefIssuerSerial.php
new file mode 100644
index 00000000..79f564fa
--- /dev/null
+++ b/src/XML/sp/MustSupportRefIssuerSerial.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An MustSupportRefIssuerSerial element
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportRefIssuerSerial extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/MustSupportRefKeyIdentifier.php b/src/XML/sp/MustSupportRefKeyIdentifier.php
new file mode 100644
index 00000000..37c820d2
--- /dev/null
+++ b/src/XML/sp/MustSupportRefKeyIdentifier.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An MustSupportRefKeyIdentifier element
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportRefKeyIdentifier extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/MustSupportRefThumbprint.php b/src/XML/sp/MustSupportRefThumbprint.php
new file mode 100644
index 00000000..71c53ddb
--- /dev/null
+++ b/src/XML/sp/MustSupportRefThumbprint.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An MustSupportRefThumbprint element
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportRefThumbprint extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/MustSupportServerChallenge.php b/src/XML/sp/MustSupportServerChallenge.php
new file mode 100644
index 00000000..9e7145db
--- /dev/null
+++ b/src/XML/sp/MustSupportServerChallenge.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An MustSupportServerChallenge element
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportServerChallenge extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/NoPassword.php b/src/XML/sp/NoPassword.php
new file mode 100644
index 00000000..fd8bd392
--- /dev/null
+++ b/src/XML/sp/NoPassword.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An NoPassword element
+ *
+ * @package tvdijen/ws-security
+ */
+final class NoPassword extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/OnlySignEntireHeadersAndBody.php b/src/XML/sp/OnlySignEntireHeadersAndBody.php
new file mode 100644
index 00000000..f27009f8
--- /dev/null
+++ b/src/XML/sp/OnlySignEntireHeadersAndBody.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An OnlySignEntireHeadersAndBody element
+ *
+ * @package tvdijen/ws-security
+ */
+final class OnlySignEntireHeadersAndBody extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/ProtectTokens.php b/src/XML/sp/ProtectTokens.php
new file mode 100644
index 00000000..e02828e2
--- /dev/null
+++ b/src/XML/sp/ProtectTokens.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An ProtectTokens element
+ *
+ * @package tvdijen/ws-security
+ */
+final class ProtectTokens extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/ProtectionToken.php b/src/XML/sp/ProtectionToken.php
new file mode 100644
index 00000000..804800e0
--- /dev/null
+++ b/src/XML/sp/ProtectionToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A ProtectionToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class ProtectionToken extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/RecipientEncryptionToken.php b/src/XML/sp/RecipientEncryptionToken.php
new file mode 100644
index 00000000..cb95f181
--- /dev/null
+++ b/src/XML/sp/RecipientEncryptionToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A RecipientEncryptionToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RecipientEncryptionToken extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/RecipientSignatureToken.php b/src/XML/sp/RecipientSignatureToken.php
new file mode 100644
index 00000000..94740f5b
--- /dev/null
+++ b/src/XML/sp/RecipientSignatureToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A RecipientSignatureToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RecipientSignatureToken extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/RecipientToken.php b/src/XML/sp/RecipientToken.php
new file mode 100644
index 00000000..743605a7
--- /dev/null
+++ b/src/XML/sp/RecipientToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A RecipientToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RecipientToken extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/RelToken.php b/src/XML/sp/RelToken.php
new file mode 100644
index 00000000..5fe27394
--- /dev/null
+++ b/src/XML/sp/RelToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RelToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RelToken extends AbstractTokenAssertionType
+{
+}
diff --git a/src/XML/sp/RequestSecurityTokenTemplate.php b/src/XML/sp/RequestSecurityTokenTemplate.php
new file mode 100644
index 00000000..8d907428
--- /dev/null
+++ b/src/XML/sp/RequestSecurityTokenTemplate.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequestSecurityTokenTemplate element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequestSecurityTokenTemplate extends AbstractRequestSecurityTokenTemplateType
+{
+}
diff --git a/src/XML/sp/RequireAppliesTo.php b/src/XML/sp/RequireAppliesTo.php
new file mode 100644
index 00000000..ebf59698
--- /dev/null
+++ b/src/XML/sp/RequireAppliesTo.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireAppliesTo element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireAppliesTo extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireClientCertificate.php b/src/XML/sp/RequireClientCertificate.php
new file mode 100644
index 00000000..53aed466
--- /dev/null
+++ b/src/XML/sp/RequireClientCertificate.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireClientCertificate element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireClientCertificate extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireClientEntropy.php b/src/XML/sp/RequireClientEntropy.php
new file mode 100644
index 00000000..3d2c6e46
--- /dev/null
+++ b/src/XML/sp/RequireClientEntropy.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireClientEntropy element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireClientEntropy extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireDerivedKeys.php b/src/XML/sp/RequireDerivedKeys.php
new file mode 100644
index 00000000..5894cb55
--- /dev/null
+++ b/src/XML/sp/RequireDerivedKeys.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireDerivedKeys element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireDerivedKeys extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireEmbeddedTokenReference.php b/src/XML/sp/RequireEmbeddedTokenReference.php
new file mode 100644
index 00000000..26dab06d
--- /dev/null
+++ b/src/XML/sp/RequireEmbeddedTokenReference.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireEmbeddedTokenReference element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireEmbeddedTokenReference extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireExplicitDerivedKeys.php b/src/XML/sp/RequireExplicitDerivedKeys.php
new file mode 100644
index 00000000..12509b99
--- /dev/null
+++ b/src/XML/sp/RequireExplicitDerivedKeys.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireExplicitDerivedKeys element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireExplicitDerivedKeys extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireExternalReference.php b/src/XML/sp/RequireExternalReference.php
new file mode 100644
index 00000000..8837e961
--- /dev/null
+++ b/src/XML/sp/RequireExternalReference.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireExternalReference element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireExternalReference extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireExternalUriReference.php b/src/XML/sp/RequireExternalUriReference.php
new file mode 100644
index 00000000..378f58af
--- /dev/null
+++ b/src/XML/sp/RequireExternalUriReference.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireExternalUriReference element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireExternalUriReference extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireImpliedDerivedKeys.php b/src/XML/sp/RequireImpliedDerivedKeys.php
new file mode 100644
index 00000000..197684f5
--- /dev/null
+++ b/src/XML/sp/RequireImpliedDerivedKeys.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireImpliedDerivedKeys element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireImpliedDerivedKeys extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireInternalReference.php b/src/XML/sp/RequireInternalReference.php
new file mode 100644
index 00000000..8511b428
--- /dev/null
+++ b/src/XML/sp/RequireInternalReference.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireInternalReference element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireInternalReference extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireIssuerSerialReference.php b/src/XML/sp/RequireIssuerSerialReference.php
new file mode 100644
index 00000000..83d907b4
--- /dev/null
+++ b/src/XML/sp/RequireIssuerSerialReference.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireIssuerSerialReference element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireIssuerSerialReference extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireKeyIdentifierReference.php b/src/XML/sp/RequireKeyIdentifierReference.php
new file mode 100644
index 00000000..525f3461
--- /dev/null
+++ b/src/XML/sp/RequireKeyIdentifierReference.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireKeyIdentifierReference element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireKeyIdentifierReference extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireRequestSecurityTokenCollection.php b/src/XML/sp/RequireRequestSecurityTokenCollection.php
new file mode 100644
index 00000000..22a9f936
--- /dev/null
+++ b/src/XML/sp/RequireRequestSecurityTokenCollection.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireRequestSecurityTokenCollection element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireRequestSecurityTokenCollection extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireServerEntropy.php b/src/XML/sp/RequireServerEntropy.php
new file mode 100644
index 00000000..192631be
--- /dev/null
+++ b/src/XML/sp/RequireServerEntropy.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireServerEntropy element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireServerEntropy extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireSignatureConfirmation.php b/src/XML/sp/RequireSignatureConfirmation.php
new file mode 100644
index 00000000..d19a7de4
--- /dev/null
+++ b/src/XML/sp/RequireSignatureConfirmation.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireSignatureConfirmation element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireSignatureConfirmation extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequireThumbprintReference.php b/src/XML/sp/RequireThumbprintReference.php
new file mode 100644
index 00000000..fd83fb13
--- /dev/null
+++ b/src/XML/sp/RequireThumbprintReference.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequireThumbprintReference element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireThumbprintReference extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/RequiredElements.php b/src/XML/sp/RequiredElements.php
new file mode 100644
index 00000000..9ff6909f
--- /dev/null
+++ b/src/XML/sp/RequiredElements.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequiredElements element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequiredElements extends AbstractSerElementsType
+{
+}
diff --git a/src/XML/sp/RequiredParts.php b/src/XML/sp/RequiredParts.php
new file mode 100644
index 00000000..95e87d2f
--- /dev/null
+++ b/src/XML/sp/RequiredParts.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RequiredParts element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequiredParts extends AbstractReqPartsType
+{
+}
diff --git a/src/XML/sp/RsaKeyValue.php b/src/XML/sp/RsaKeyValue.php
new file mode 100644
index 00000000..e1e6f2aa
--- /dev/null
+++ b/src/XML/sp/RsaKeyValue.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An RsaKeyValue element
+ *
+ * @package tvdijen/ws-security
+ */
+final class RsaKeyValue extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/SC13SecurityContextToken.php b/src/XML/sp/SC13SecurityContextToken.php
new file mode 100644
index 00000000..3487f0c9
--- /dev/null
+++ b/src/XML/sp/SC13SecurityContextToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An SC13SecurityContextToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SC13SecurityContextToken extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/SOAPNormalization10.php b/src/XML/sp/SOAPNormalization10.php
new file mode 100644
index 00000000..aa7db375
--- /dev/null
+++ b/src/XML/sp/SOAPNormalization10.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An SOAPNormalization10 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SOAPNormalization10 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/STRTransform10.php b/src/XML/sp/STRTransform10.php
new file mode 100644
index 00000000..bf3ed174
--- /dev/null
+++ b/src/XML/sp/STRTransform10.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An STRTransform10 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class STRTransform10 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/SamlToken.php b/src/XML/sp/SamlToken.php
new file mode 100644
index 00000000..bc582ef8
--- /dev/null
+++ b/src/XML/sp/SamlToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An SamlToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SamlToken extends AbstractTokenAssertionType
+{
+}
diff --git a/src/XML/sp/SecureConversationToken.php b/src/XML/sp/SecureConversationToken.php
new file mode 100644
index 00000000..01c87f4f
--- /dev/null
+++ b/src/XML/sp/SecureConversationToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An SecureConversationToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SecureConversationToken extends AbstractSecureConversationTokenType
+{
+}
diff --git a/src/XML/sp/SecurityContextToken.php b/src/XML/sp/SecurityContextToken.php
new file mode 100644
index 00000000..d0e8d0f4
--- /dev/null
+++ b/src/XML/sp/SecurityContextToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An SecurityContextToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SecurityContextToken extends AbstractTokenAssertionType
+{
+}
diff --git a/src/XML/sp/SignatureToken.php b/src/XML/sp/SignatureToken.php
new file mode 100644
index 00000000..0a75353b
--- /dev/null
+++ b/src/XML/sp/SignatureToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A SignatureToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignatureToken extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/SignedElements.php b/src/XML/sp/SignedElements.php
new file mode 100644
index 00000000..78360430
--- /dev/null
+++ b/src/XML/sp/SignedElements.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An SignedElements element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignedElements extends AbstractSerElementsType
+{
+}
diff --git a/src/XML/sp/SignedEncryptedSupportingTokens.php b/src/XML/sp/SignedEncryptedSupportingTokens.php
new file mode 100644
index 00000000..70a3e99e
--- /dev/null
+++ b/src/XML/sp/SignedEncryptedSupportingTokens.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A SignedEncryptedSupportingTokens element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignedEncryptedSupportingTokens extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/SignedEndorsingEncryptedSupportingTokens.php b/src/XML/sp/SignedEndorsingEncryptedSupportingTokens.php
new file mode 100644
index 00000000..42c35ffd
--- /dev/null
+++ b/src/XML/sp/SignedEndorsingEncryptedSupportingTokens.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A SignedEndorsingEncryptedSupportingTokens element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignedEndorsingEncryptedSupportingTokens extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/SignedEndorsingSupportingTokens.php b/src/XML/sp/SignedEndorsingSupportingTokens.php
new file mode 100644
index 00000000..1fdcbe82
--- /dev/null
+++ b/src/XML/sp/SignedEndorsingSupportingTokens.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A SignedEndorsingSupportingTokens element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignedEndorsingSupportingTokens extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/SignedParts.php b/src/XML/sp/SignedParts.php
new file mode 100644
index 00000000..1a53de81
--- /dev/null
+++ b/src/XML/sp/SignedParts.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An SignedParts element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignedParts extends AbstractSePartsType
+{
+}
diff --git a/src/XML/sp/SignedSupportingTokens.php b/src/XML/sp/SignedSupportingTokens.php
new file mode 100644
index 00000000..8d170e19
--- /dev/null
+++ b/src/XML/sp/SignedSupportingTokens.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A SignedSupportingTokens element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignedSupportingTokens extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/SpnegoContextToken.php b/src/XML/sp/SpnegoContextToken.php
new file mode 100644
index 00000000..2ff493d7
--- /dev/null
+++ b/src/XML/sp/SpnegoContextToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An SpnegoContextToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SpnegoContextToken extends AbstractSpnegoContextTokenType
+{
+}
diff --git a/src/XML/sp/Strict.php b/src/XML/sp/Strict.php
new file mode 100644
index 00000000..ce21c7da
--- /dev/null
+++ b/src/XML/sp/Strict.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An Strict element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Strict extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/SupportingTokens.php b/src/XML/sp/SupportingTokens.php
new file mode 100644
index 00000000..05342c7b
--- /dev/null
+++ b/src/XML/sp/SupportingTokens.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A SupportingTokens element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SupportingTokens extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/SymmetricBinding.php b/src/XML/sp/SymmetricBinding.php
new file mode 100644
index 00000000..bf3b8893
--- /dev/null
+++ b/src/XML/sp/SymmetricBinding.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A SymmetricBinding element
+ *
+ * @package tvdijen/ws-security
+ */
+final class SymmetricBinding extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/TransportBinding.php b/src/XML/sp/TransportBinding.php
new file mode 100644
index 00000000..c5bf7533
--- /dev/null
+++ b/src/XML/sp/TransportBinding.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A TransportBinding element
+ *
+ * @package tvdijen/ws-security
+ */
+final class TransportBinding extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/TransportToken.php b/src/XML/sp/TransportToken.php
new file mode 100644
index 00000000..60e3b6e1
--- /dev/null
+++ b/src/XML/sp/TransportToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A TransportToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class TransportToken extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/TripleDes.php b/src/XML/sp/TripleDes.php
new file mode 100644
index 00000000..4fcd304e
--- /dev/null
+++ b/src/XML/sp/TripleDes.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An TripleDes element
+ *
+ * @package tvdijen/ws-security
+ */
+final class TripleDes extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/TripleDesRsa15.php b/src/XML/sp/TripleDesRsa15.php
new file mode 100644
index 00000000..ae36520e
--- /dev/null
+++ b/src/XML/sp/TripleDesRsa15.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An TripleDesRsa15 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class TripleDesRsa15 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/TripleDesSha256.php b/src/XML/sp/TripleDesSha256.php
new file mode 100644
index 00000000..a12357ee
--- /dev/null
+++ b/src/XML/sp/TripleDesSha256.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An TripleDesSha256 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class TripleDesSha256 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/TripleDesSha256Rsa15.php b/src/XML/sp/TripleDesSha256Rsa15.php
new file mode 100644
index 00000000..09dc2a58
--- /dev/null
+++ b/src/XML/sp/TripleDesSha256Rsa15.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An TripleDesSha256Rsa15 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class TripleDesSha256Rsa15 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/Trust13.php b/src/XML/sp/Trust13.php
new file mode 100644
index 00000000..7bcc6a2a
--- /dev/null
+++ b/src/XML/sp/Trust13.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A Trust13 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Trust13 extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/UsernameToken.php b/src/XML/sp/UsernameToken.php
new file mode 100644
index 00000000..fc90b80e
--- /dev/null
+++ b/src/XML/sp/UsernameToken.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An UsernameToken element
+ *
+ * @package tvdijen/ws-security
+ */
+final class UsernameToken extends AbstractTokenAssertionType
+{
+}
diff --git a/src/XML/sp/Wss10.php b/src/XML/sp/Wss10.php
new file mode 100644
index 00000000..09d4f370
--- /dev/null
+++ b/src/XML/sp/Wss10.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A Wss10 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Wss10 extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/Wss11.php b/src/XML/sp/Wss11.php
new file mode 100644
index 00000000..e56fe9ae
--- /dev/null
+++ b/src/XML/sp/Wss11.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * A Wss11 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class Wss11 extends AbstractNestedPolicyType
+{
+}
diff --git a/src/XML/sp/WssGssKerberosV5ApReqToken11.php b/src/XML/sp/WssGssKerberosV5ApReqToken11.php
new file mode 100644
index 00000000..00f15e60
--- /dev/null
+++ b/src/XML/sp/WssGssKerberosV5ApReqToken11.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssGssKerberosV5ApReqToken11 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssGssKerberosV5ApReqToken11 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssKerberosV5ApReqToken11.php b/src/XML/sp/WssKerberosV5ApReqToken11.php
new file mode 100644
index 00000000..889a06c0
--- /dev/null
+++ b/src/XML/sp/WssKerberosV5ApReqToken11.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssKerberosV5ApReqToken11 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssKerberosV5ApReqToken11 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssRelV10Token10.php b/src/XML/sp/WssRelV10Token10.php
new file mode 100644
index 00000000..8dec12b8
--- /dev/null
+++ b/src/XML/sp/WssRelV10Token10.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssRelV10Token10 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssRelV10Token10 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssRelV10Token11.php b/src/XML/sp/WssRelV10Token11.php
new file mode 100644
index 00000000..1dc24303
--- /dev/null
+++ b/src/XML/sp/WssRelV10Token11.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssRelV10Token11 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssRelV10Token11 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssRelV20Token10.php b/src/XML/sp/WssRelV20Token10.php
new file mode 100644
index 00000000..a116b5b8
--- /dev/null
+++ b/src/XML/sp/WssRelV20Token10.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssRelV20Token10 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssRelV20Token10 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssRelV20Token11.php b/src/XML/sp/WssRelV20Token11.php
new file mode 100644
index 00000000..14517b6e
--- /dev/null
+++ b/src/XML/sp/WssRelV20Token11.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssRelV20Token11 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssRelV20Token11 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssSamlV11Token10.php b/src/XML/sp/WssSamlV11Token10.php
new file mode 100644
index 00000000..a4245549
--- /dev/null
+++ b/src/XML/sp/WssSamlV11Token10.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssSamlV11Token10 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssSamlV11Token10 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssSamlV11Token11.php b/src/XML/sp/WssSamlV11Token11.php
new file mode 100644
index 00000000..970d40ac
--- /dev/null
+++ b/src/XML/sp/WssSamlV11Token11.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssSamlV11Token11 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssSamlV11Token11 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssSamlV20Token11.php b/src/XML/sp/WssSamlV20Token11.php
new file mode 100644
index 00000000..e2193263
--- /dev/null
+++ b/src/XML/sp/WssSamlV20Token11.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssSamlV20Token11 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssSamlV20Token11 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssUsernameToken10.php b/src/XML/sp/WssUsernameToken10.php
new file mode 100644
index 00000000..98152fb4
--- /dev/null
+++ b/src/XML/sp/WssUsernameToken10.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssUsernameToken10 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssUsernameToken10 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssUsernameToken11.php b/src/XML/sp/WssUsernameToken11.php
new file mode 100644
index 00000000..e9a5f802
--- /dev/null
+++ b/src/XML/sp/WssUsernameToken11.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssUsernameToken11 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssUsernameToken11 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssX509Pkcs7Token10.php b/src/XML/sp/WssX509Pkcs7Token10.php
new file mode 100644
index 00000000..d3e34516
--- /dev/null
+++ b/src/XML/sp/WssX509Pkcs7Token10.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssX509Pkcs7Token10 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509Pkcs7Token10 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssX509Pkcs7Token11.php b/src/XML/sp/WssX509Pkcs7Token11.php
new file mode 100644
index 00000000..8f312d5a
--- /dev/null
+++ b/src/XML/sp/WssX509Pkcs7Token11.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssX509Pkcs7Token11 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509Pkcs7Token11 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssX509PkiPathV1Token10.php b/src/XML/sp/WssX509PkiPathV1Token10.php
new file mode 100644
index 00000000..7a92e072
--- /dev/null
+++ b/src/XML/sp/WssX509PkiPathV1Token10.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssX509PkiPathV1Token10 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509PkiPathV1Token10 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssX509PkiPathV1Token11.php b/src/XML/sp/WssX509PkiPathV1Token11.php
new file mode 100644
index 00000000..efe405cc
--- /dev/null
+++ b/src/XML/sp/WssX509PkiPathV1Token11.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssX509PkiPathV1Token11 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509PkiPathV1Token11 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssX509V1Token11.php b/src/XML/sp/WssX509V1Token11.php
new file mode 100644
index 00000000..b9f5a04a
--- /dev/null
+++ b/src/XML/sp/WssX509V1Token11.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssX509V1Token11 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509V1Token11 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssX509V3Token10.php b/src/XML/sp/WssX509V3Token10.php
new file mode 100644
index 00000000..880f9ec6
--- /dev/null
+++ b/src/XML/sp/WssX509V3Token10.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssX509V3Token10 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509V3Token10 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/WssX509V3Token11.php b/src/XML/sp/WssX509V3Token11.php
new file mode 100644
index 00000000..158e8b37
--- /dev/null
+++ b/src/XML/sp/WssX509V3Token11.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An WssX509V3Token11 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509V3Token11 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/X509Token.php b/src/XML/sp/X509Token.php
new file mode 100644
index 00000000..10f01d26
--- /dev/null
+++ b/src/XML/sp/X509Token.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An X509Token element
+ *
+ * @package tvdijen/ws-security
+ */
+final class X509Token extends AbstractTokenAssertionType
+{
+}
diff --git a/src/XML/sp/XPath.php b/src/XML/sp/XPath.php
new file mode 100644
index 00000000..814f2d51
--- /dev/null
+++ b/src/XML/sp/XPath.php
@@ -0,0 +1,49 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+use DOMNodeList;
+use DOMXPath;
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\Exception\SchemaViolationException;
+use SimpleSAML\XML\StringElementTrait;
+
+/**
+ * An XPath element
+ *
+ * @package tvdijen/ws-security
+ */
+final class XPath extends AbstractSpElement
+{
+    use StringElementTrait;
+
+
+    /**
+     * Initialize an XPath.
+     *
+     * @param string $content
+     */
+    public function __construct(
+        string $content
+    ) {
+        $this->setContent($content);
+    }
+
+
+    /**
+     * Validate the content of the element.
+     *
+     * @param string $content  The value to go in the XML textContent
+     * @throws \SimpleSAML\XML\Exception\SchemaViolationException on failure
+     * @return void
+     */
+    protected function validateContent(string $content): void
+    {
+        $dom = new DOMXPath(DOMDocumentFactory::create());
+        $result = $dom->evaluate($content);
+        Assert::isInstanceOf($result, DOMNodeList::class);
+    }
+}
diff --git a/src/XML/sp/XPath10.php b/src/XML/sp/XPath10.php
new file mode 100644
index 00000000..fdc26a83
--- /dev/null
+++ b/src/XML/sp/XPath10.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An XPath10 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class XPath10 extends AbstractQNameAssertionType
+{
+}
diff --git a/src/XML/sp/XPathFilter20.php b/src/XML/sp/XPathFilter20.php
new file mode 100644
index 00000000..e357f0de
--- /dev/null
+++ b/src/XML/sp/XPathFilter20.php
@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\sp;
+
+/**
+ * An XPathFilter20 element
+ *
+ * @package tvdijen/ws-security
+ */
+final class XPathFilter20 extends AbstractQNameAssertionType
+{
+}
diff --git a/tests/WSSecurity/Constants.php b/tests/WSSecurity/Constants.php
new file mode 100644
index 00000000..4156e464
--- /dev/null
+++ b/tests/WSSecurity/Constants.php
@@ -0,0 +1,15 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity;
+
+/**
+ * A collection of constants used in this library for unit testing.
+ *
+ * @package tvdijen/ws-security
+ */
+class Constants extends \SimpleSAML\WSSecurity\Constants
+{
+    public const NAMESPACE = 'urn:x-simplesamlphp:namespace';
+}
diff --git a/tests/WSSecurity/XML/sp/AbsXPathTest.php b/tests/WSSecurity/XML/sp/AbsXPathTest.php
new file mode 100644
index 00000000..70b98694
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/AbsXPathTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\AbsXPath;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\AbsXPathTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbsXPath
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class AbsXPathTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = AbsXPath::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_AbsXPath.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/AlgorithmSuiteTest.php b/tests/WSSecurity/XML/sp/AlgorithmSuiteTest.php
new file mode 100644
index 00000000..1e0267c5
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/AlgorithmSuiteTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\AlgorithmSuite;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\AlgorithmSuiteTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AlgorithmSuite
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class AlgorithmSuiteTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = AlgorithmSuite::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_AlgorithmSuite.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/AsymmetricBindingTest.php b/tests/WSSecurity/XML/sp/AsymmetricBindingTest.php
new file mode 100644
index 00000000..f6c215ea
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/AsymmetricBindingTest.php
@@ -0,0 +1,58 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\AsymmetricBinding;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\AsymmetricBindingTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AsymmetricBinding
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class AsymmetricBindingTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = AsymmetricBinding::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_AsymmetricBinding.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/AttachmentsTest.php b/tests/WSSecurity/XML/sp/AttachmentsTest.php
new file mode 100644
index 00000000..5dc4f58e
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/AttachmentsTest.php
@@ -0,0 +1,57 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\Attachments;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\AttachmentsTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Attachments
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractEmptyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class AttachmentsTest extends TestCase
+{
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$testedClass = Attachments::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Attachments.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating an Attachments from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attachments = new Attachments();
+
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($attachments),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Basic128Rsa15Test.php b/tests/WSSecurity/XML/sp/Basic128Rsa15Test.php
new file mode 100644
index 00000000..e166a40a
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Basic128Rsa15Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Basic128Rsa15;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Basic128Rsa15Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Basic128Rsa15
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic128Rsa15Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Basic128Rsa15::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Basic128Rsa15.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Basic128Sha256Rsa15Test.php b/tests/WSSecurity/XML/sp/Basic128Sha256Rsa15Test.php
new file mode 100644
index 00000000..a080108d
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Basic128Sha256Rsa15Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Basic128Sha256Rsa15;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Basic128Sha256Rsa15Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Basic128Sha256Rsa15
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic128Sha256Rsa15Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Basic128Sha256Rsa15::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Basic128Sha256Rsa15.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Basic128Sha256Test.php b/tests/WSSecurity/XML/sp/Basic128Sha256Test.php
new file mode 100644
index 00000000..7ba01e97
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Basic128Sha256Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Basic128Sha256;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Basic128Sha256Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Basic128Sha256
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic128Sha256Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Basic128Sha256::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Basic128Sha256.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Basic128Test.php b/tests/WSSecurity/XML/sp/Basic128Test.php
new file mode 100644
index 00000000..d342c5fd
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Basic128Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Basic128;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Basic128Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Basic128
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic128Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Basic128::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Basic128.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Basic192Rsa15Test.php b/tests/WSSecurity/XML/sp/Basic192Rsa15Test.php
new file mode 100644
index 00000000..1a68d631
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Basic192Rsa15Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Basic192Rsa15;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Basic192Rsa15Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Basic192Rsa15
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic192Rsa15Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Basic192Rsa15::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Basic192Rsa15.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Basic192Sha256Rsa15Test.php b/tests/WSSecurity/XML/sp/Basic192Sha256Rsa15Test.php
new file mode 100644
index 00000000..3a88374a
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Basic192Sha256Rsa15Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Basic192Sha256Rsa15;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Basic192Sha256Rsa15Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Basic192Sha256Rsa15
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic192Sha256Rsa15Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Basic192Sha256Rsa15::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Basic192Sha256Rsa15.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Basic192Sha256Test.php b/tests/WSSecurity/XML/sp/Basic192Sha256Test.php
new file mode 100644
index 00000000..9273f52a
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Basic192Sha256Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Basic192Sha256;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Basic192Sha256Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Basic192Sha256
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic192Sha256Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Basic192Sha256::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Basic192Sha256.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Basic192Test.php b/tests/WSSecurity/XML/sp/Basic192Test.php
new file mode 100644
index 00000000..749c8611
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Basic192Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Basic192;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Basic192Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Basic192
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic192Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Basic192::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Basic192.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Basic256Rsa15Test.php b/tests/WSSecurity/XML/sp/Basic256Rsa15Test.php
new file mode 100644
index 00000000..18172fbb
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Basic256Rsa15Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Basic256Rsa15;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Basic256Rsa15Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Basic256Rsa15
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic256Rsa15Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Basic256Rsa15::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Basic256Rsa15.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Basic256Sha256Rsa15Test.php b/tests/WSSecurity/XML/sp/Basic256Sha256Rsa15Test.php
new file mode 100644
index 00000000..4656eccf
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Basic256Sha256Rsa15Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Basic256Sha256Rsa15;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Basic256Sha256Rsa15Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Basic256Sha256Rsa15
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic256Sha256Rsa15Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Basic256Sha256Rsa15::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Basic256Sha256Rsa15.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Basic256Sha256Test.php b/tests/WSSecurity/XML/sp/Basic256Sha256Test.php
new file mode 100644
index 00000000..9b7e34cb
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Basic256Sha256Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Basic256Sha256;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Basic256Sha256Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Basic256Sha256
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic256Sha256Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Basic256Sha256::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Basic256Sha256.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Basic256Test.php b/tests/WSSecurity/XML/sp/Basic256Test.php
new file mode 100644
index 00000000..9fe2d689
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Basic256Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Basic256;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Basic256Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Basic256
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Basic256Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Basic256::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Basic256.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/BodyTest.php b/tests/WSSecurity/XML/sp/BodyTest.php
new file mode 100644
index 00000000..504e77cb
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/BodyTest.php
@@ -0,0 +1,57 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\Body;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\BodyTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Body
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractEmptyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class BodyTest extends TestCase
+{
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$testedClass = Body::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Body.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating a Body from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $body = new Body();
+
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($body),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/BootstrapPolicyTest.php b/tests/WSSecurity/XML/sp/BootstrapPolicyTest.php
new file mode 100644
index 00000000..ceaca73d
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/BootstrapPolicyTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\BootstrapPolicy;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\BootstrapPolicyTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\BootstrapPolicy
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class BootstrapPolicyTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = BootstrapPolicy::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_BootstrapPolicy.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/ContentEncryptedElementsTest.php b/tests/WSSecurity/XML/sp/ContentEncryptedElementsTest.php
new file mode 100644
index 00000000..6e7f2ef3
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/ContentEncryptedElementsTest.php
@@ -0,0 +1,114 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath as XMLXPath;
+use SimpleSAML\WSSecurity\XML\sp\ContentEncryptedElements;
+use SimpleSAML\WSSecurity\XML\sp\XPath;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\ContentEncryptedElementsTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\ContentEncryptedElements
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSerElementsType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class ContentEncryptedElementsTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = ContentEncryptedElements::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_ContentEncryptedElements.xml',
+        );
+    }
+
+
+    /**
+     */
+    public function testMarshallingElementOrdering(): void
+    {
+        $xpath = new XPath('/bookstore/book[price>35.00]/title');
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $contentEncryptedElements = new ContentEncryptedElements(
+            [$xpath],
+            'urn:x-simplesamlphp:version',
+            [$chunk],
+            [$attr],
+        );
+        $contentEncryptedElementsElement = $contentEncryptedElements->toXML();
+
+        // Test for an XPath
+        $xpCache = XMLXPath::getXPath($contentEncryptedElementsElement);
+        $contentEncryptedElementsElements = XMLXPath::xpQuery(
+            $contentEncryptedElementsElement,
+            './sp:XPath',
+            $xpCache,
+        );
+        $this->assertCount(1, $contentEncryptedElementsElements);
+
+        // Test ordering of ContentEncryptedElements contents
+        /** @psalm-var \DOMElement[] $contentEncryptedElementsElements */
+        $contentEncryptedElementsElements = XMLXPath::xpQuery(
+            $contentEncryptedElementsElement,
+            './sp:XPath/following-sibling::*',
+            $xpCache,
+        );
+        $this->assertCount(1, $contentEncryptedElementsElements);
+        $this->assertEquals('ssp:Chunk', $contentEncryptedElementsElements[0]->tagName);
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating a ContentEncryptedElements from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $xpath = new XPath('/bookstore/book[price>35.00]/title');
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $contentEncryptedElements = new ContentEncryptedElements(
+            [$xpath],
+            'urn:x-simplesamlphp:version',
+            [$chunk],
+            [$attr],
+        );
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($contentEncryptedElements),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/EncryptBeforeSigningTest.php b/tests/WSSecurity/XML/sp/EncryptBeforeSigningTest.php
new file mode 100644
index 00000000..47a21a1e
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/EncryptBeforeSigningTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\EncryptBeforeSigning;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\EncryptBeforeSigningTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\EncryptBeforeSigning
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class EncryptBeforeSigningTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = EncryptBeforeSigning::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_EncryptBeforeSigning.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/EncryptSignatureTest.php b/tests/WSSecurity/XML/sp/EncryptSignatureTest.php
new file mode 100644
index 00000000..d9476192
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/EncryptSignatureTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\EncryptSignature;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\EncryptSignatureTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\EncryptSignature
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class EncryptSignatureTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = EncryptSignature::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_EncryptSignature.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/EncryptedElementsTest.php b/tests/WSSecurity/XML/sp/EncryptedElementsTest.php
new file mode 100644
index 00000000..f841cc48
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/EncryptedElementsTest.php
@@ -0,0 +1,101 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath as XMLXPath;
+use SimpleSAML\WSSecurity\XML\sp\EncryptedElements;
+use SimpleSAML\WSSecurity\XML\sp\XPath;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\EncryptedElementsTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\EncryptedElements
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSerElementsType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class EncryptedElementsTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = EncryptedElements::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_EncryptedElements.xml',
+        );
+    }
+
+
+    /**
+     */
+    public function testMarshallingElementOrdering(): void
+    {
+        $xpath = new XPath('/bookstore/book[price>35.00]/title');
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $EncryptedElements = new EncryptedElements([$xpath], 'urn:x-simplesamlphp:version', [$chunk], [$attr]);
+        $EncryptedElementsElement = $EncryptedElements->toXML();
+
+        // Test for an XPath
+        $xpCache = XMLXPath::getXPath($EncryptedElementsElement);
+        $EncryptedElementsElements = XMLXPath::xpQuery($EncryptedElementsElement, './sp:XPath', $xpCache);
+        $this->assertCount(1, $EncryptedElementsElements);
+
+        // Test ordering of EncryptedElements contents
+        /** @psalm-var \DOMElement[] $EncryptedElementsElements */
+        $EncryptedElementsElements = XMLXPath::xpQuery(
+            $EncryptedElementsElement,
+            './sp:XPath/following-sibling::*',
+            $xpCache,
+        );
+
+        $this->assertCount(1, $EncryptedElementsElements);
+        $this->assertEquals('ssp:Chunk', $EncryptedElementsElements[0]->tagName);
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating a EncryptedElements from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $xpath = new XPath('/bookstore/book[price>35.00]/title');
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $EncryptedElements = new EncryptedElements([$xpath], 'urn:x-simplesamlphp:version', [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($EncryptedElements),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/EncryptedPartsTest.php b/tests/WSSecurity/XML/sp/EncryptedPartsTest.php
new file mode 100644
index 00000000..fbf99eac
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/EncryptedPartsTest.php
@@ -0,0 +1,120 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\Attachments;
+use SimpleSAML\WSSecurity\XML\sp\Body;
+use SimpleSAML\WSSecurity\XML\sp\Header;
+use SimpleSAML\WSSecurity\XML\sp\EncryptedParts;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\EncryptedPartsTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\EncryptedParts
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSePartsType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class EncryptedPartsTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = EncryptedParts::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_EncryptedParts.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating a EncryptedParts from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $body = new Body();
+        $header = new Header('urn:x-simplesamlphp:namespace', 'ssp:name', [$attr]);
+        $attachments = new Attachments();
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $EncryptedParts = new EncryptedParts($body, [$header], $attachments, [$chunk], [$attr]);
+
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($EncryptedParts),
+        );
+    }
+
+
+    /**
+     * Adding an empty EncryptedParts element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $spns = C::NS_SEC_POLICY;
+        $encryptedParts = new EncryptedParts();
+        $this->assertEquals(
+            "<sp:EncryptedParts xmlns:sp=\"$spns\"/>",
+            strval($encryptedParts),
+        );
+        $this->assertTrue($encryptedParts->isEmptyElement());
+    }
+
+
+    /**
+     */
+    public function testMarshallingElementOrdering(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $body = new Body();
+        $header = new Header('urn:x-simplesamlphp:namespace', 'ssp:name', [$attr]);
+        $attachments = new Attachments();
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $EncryptedParts = new EncryptedParts($body, [$header], $attachments, [$chunk], [$attr]);
+        $EncryptedPartsElement = $EncryptedParts->toXML();
+
+        // Test for a Body
+        $xpCache = XPath::getXPath($EncryptedPartsElement);
+        $EncryptedPartsElements = XPath::xpQuery($EncryptedPartsElement, './sp:Body', $xpCache);
+        $this->assertCount(1, $EncryptedPartsElements);
+
+        // Test ordering of EncryptedParts contents
+        /** @psalm-var \DOMElement[] $EncryptedPartsElements */
+        $EncryptedPartsElements = XPath::xpQuery($EncryptedPartsElement, './sp:Body/following-sibling::*', $xpCache);
+        $this->assertCount(3, $EncryptedPartsElements);
+        $this->assertEquals('sp:Header', $EncryptedPartsElements[0]->tagName);
+        $this->assertEquals('sp:Attachments', $EncryptedPartsElements[1]->tagName);
+        $this->assertEquals('ssp:Chunk', $EncryptedPartsElements[2]->tagName);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/EncryptedSupportingTokensTest.php b/tests/WSSecurity/XML/sp/EncryptedSupportingTokensTest.php
new file mode 100644
index 00000000..4f25f821
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/EncryptedSupportingTokensTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\EncryptedSupportingTokens;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\EncryptedSupportingTokensTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\EncryptedSupportingTokens
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class EncryptedSupportingTokensTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = EncryptedSupportingTokens::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_EncryptedSupportingTokens.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/EncryptionTokenTest.php b/tests/WSSecurity/XML/sp/EncryptionTokenTest.php
new file mode 100644
index 00000000..697a32ad
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/EncryptionTokenTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\EncryptionToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\EncryptionTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\EncryptionToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class EncryptionTokenTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = EncryptionToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_EncryptionToken.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/EndorsingEncryptedSupportingTokensTest.php b/tests/WSSecurity/XML/sp/EndorsingEncryptedSupportingTokensTest.php
new file mode 100644
index 00000000..10b0fd95
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/EndorsingEncryptedSupportingTokensTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\EndorsingEncryptedSupportingTokens;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\EndorsingEncryptedSupportingTokensTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\EndorsingEncryptedSupportingTokens
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class EndorsingEncryptedSupportingTokensTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = EndorsingEncryptedSupportingTokens::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_EndorsingEncryptedSupportingTokens.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/EndorsingSupportingTokensTest.php b/tests/WSSecurity/XML/sp/EndorsingSupportingTokensTest.php
new file mode 100644
index 00000000..26876692
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/EndorsingSupportingTokensTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\EndorsingSupportingTokens;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\EndorsingSupportingTokensTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\EndorsingSupportingTokens
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class EndorsingSupportingTokensTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = EndorsingSupportingTokens::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_EndorsingSupportingTokens.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/HashPasswordTest.php b/tests/WSSecurity/XML/sp/HashPasswordTest.php
new file mode 100644
index 00000000..8b9a0de1
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/HashPasswordTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\HashPassword;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\HashPasswordTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\HashPassword
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class HashPasswordTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = HashPassword::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_HashPassword.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/HeaderTest.php b/tests/WSSecurity/XML/sp/HeaderTest.php
new file mode 100644
index 00000000..6c5dc902
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/HeaderTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\Header;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\HeaderTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Header
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractHeaderType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class HeaderTest extends TestCase
+{
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$testedClass = Header::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Header.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating a Header from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $header = new Header('urn:x-simplesamlphp:namespace', 'ssp:name', [$attr]);
+
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($header),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/HttpBasicAuthenticationTest.php b/tests/WSSecurity/XML/sp/HttpBasicAuthenticationTest.php
new file mode 100644
index 00000000..96ff70e4
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/HttpBasicAuthenticationTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\HttpBasicAuthentication;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\HttpBasicAuthenticationTestTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\HttpBasicAuthentication
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class HttpBasicAuthenticationTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = HttpBasicAuthentication::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_HttpBasicAuthentication.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/HttpDigestAuthenticationTest.php b/tests/WSSecurity/XML/sp/HttpDigestAuthenticationTest.php
new file mode 100644
index 00000000..dec780ef
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/HttpDigestAuthenticationTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\HttpDigestAuthentication;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\HttpDigestAuthenticationTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\HttpDigestAuthentication
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class HttpDigestAuthenticationTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = HttpDigestAuthentication::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_HttpDigestAuthentication.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/HttpsTokenTest.php b/tests/WSSecurity/XML/sp/HttpsTokenTest.php
new file mode 100644
index 00000000..cfcc8fd1
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/HttpsTokenTest.php
@@ -0,0 +1,85 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\HttpsToken;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\HttpsTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\HttpsToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractTokenAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class HttpsTokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = HttpsToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_HttpsToken.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Adding an empty HttpsToken element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $spns = C::NS_SEC_POLICY;
+        $httpsToken = new HttpsToken();
+        $this->assertEquals(
+            "<sp:HttpsToken xmlns:sp=\"$spns\"/>",
+            strval($httpsToken),
+        );
+        $this->assertTrue($httpsToken->isEmptyElement());
+    }
+
+
+    /**
+     * Test that creating a HttpsToken from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $httpsToken = new HttpsToken(IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($httpsToken),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/IncludeTimestampTest.php b/tests/WSSecurity/XML/sp/IncludeTimestampTest.php
new file mode 100644
index 00000000..7dc0cd80
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/IncludeTimestampTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\IncludeTimestamp;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\IncludeTimestampTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IncludeTimestamp
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class IncludeTimestampTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = IncludeTimestamp::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_IncludeTimestamp.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/InclusiveC14NTest.php b/tests/WSSecurity/XML/sp/InclusiveC14NTest.php
new file mode 100644
index 00000000..c18be447
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/InclusiveC14NTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\InclusiveC14N;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\InclusiveC14NTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\InclusiveC14N
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class InclusiveC14NTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = InclusiveC14N::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_InclusiveC14N.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/InitiatorEncryptionTokenTest.php b/tests/WSSecurity/XML/sp/InitiatorEncryptionTokenTest.php
new file mode 100644
index 00000000..e04a9a1a
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/InitiatorEncryptionTokenTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\InitiatorEncryptionToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\InitiatorEncryptionTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\InitiatorEncryptionToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class InitiatorEncryptionTokenTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = InitiatorEncryptionToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_InitiatorEncryptionToken.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/InitiatorSignatureTokenTest.php b/tests/WSSecurity/XML/sp/InitiatorSignatureTokenTest.php
new file mode 100644
index 00000000..63af2dd2
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/InitiatorSignatureTokenTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\InitiatorSignatureToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\InitiatorSignatureTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\InitiatorSignatureToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class InitiatorSignatureTokenTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = InitiatorSignatureToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_InitiatorSignatureToken.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/InitiatorTokenTest.php b/tests/WSSecurity/XML/sp/InitiatorTokenTest.php
new file mode 100644
index 00000000..9be68fa1
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/InitiatorTokenTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\InitiatorToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\InitiatorTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\InitiatorToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class InitiatorTokenTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = InitiatorToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_InitiatorToken.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/IssuedTokenTest.php b/tests/WSSecurity/XML/sp/IssuedTokenTest.php
new file mode 100644
index 00000000..1549115a
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/IssuedTokenTest.php
@@ -0,0 +1,111 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\WSSecurity\XML\sp\IssuedToken;
+use SimpleSAML\WSSecurity\XML\sp\IssuerName;
+use SimpleSAML\WSSecurity\XML\sp\RequestSecurityTokenTemplate;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\IssuedTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IssuedToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractIssuedTokenType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class IssuedTokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = IssuedToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_IssuedToken.xml',
+        );
+    }
+
+
+    /**
+     */
+    public function testMarshallingElementOrdering(): void
+    {
+        $issuer = new IssuerName('urn:x-simplesamlphp:issuer');
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+        $requestSecurityTokenTemplate = new RequestSecurityTokenTemplate(
+            'urn:x-simplesamlphp:version',
+            [$chunk],
+            [$attr],
+        );
+
+        $issuedToken = new IssuedToken($requestSecurityTokenTemplate, $issuer, IncludeToken::Always, [$chunk], [$attr]);
+        $issuedTokenElement = $issuedToken->toXML();
+
+        // Test for a Issuer
+        $xpCache = XPath::getXPath($issuedTokenElement);
+        $issuedTokenElements = XPath::xpQuery($issuedTokenElement, './sp:IssuerName', $xpCache);
+        $this->assertCount(1, $issuedTokenElements);
+
+        // Test ordering of IssuedToken contents
+        /** @psalm-var \DOMElement[] $issuedTokenElements */
+        $issuedTokenElements = XPath::xpQuery($issuedTokenElement, './sp:IssuerName/following-sibling::*', $xpCache);
+        $this->assertCount(2, $issuedTokenElements);
+        $this->assertEquals('sp:RequestSecurityTokenTemplate', $issuedTokenElements[0]->tagName);
+        $this->assertEquals('ssp:Chunk', $issuedTokenElements[1]->tagName);
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating a IssuedToken from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $issuer = new IssuerName('urn:x-simplesamlphp:issuer');
+        $requestSecurityTokenTemplate = new RequestSecurityTokenTemplate(
+            'urn:x-simplesamlphp:version',
+            [$chunk],
+            [$attr],
+        );
+
+        $issuedToken = new IssuedToken($requestSecurityTokenTemplate, $issuer, IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($issuedToken),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/IssuerNameTest.php b/tests/WSSecurity/XML/sp/IssuerNameTest.php
new file mode 100644
index 00000000..55265743
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/IssuerNameTest.php
@@ -0,0 +1,57 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\IssuerName;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+use function strval;
+
+/**
+ * Tests for IssuerName.
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IssuerName
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class IssuerNameTest extends TestCase
+{
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$testedClass = IssuerName::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_IssuerName.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test creating a IssuerName object from scratch.
+     */
+    public function testMarshalling(): void
+    {
+        $issuerName = new IssuerName('urn:x-simplesamlphp:namespace');
+
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($issuerName),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/IssuerTest.php b/tests/WSSecurity/XML/sp/IssuerTest.php
new file mode 100644
index 00000000..a72cedac
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/IssuerTest.php
@@ -0,0 +1,100 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\wsa;
+
+use DOMDocument;
+use DOMElement;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Assert\AssertionFailedException;
+use SimpleSAML\WSSecurity\Constants;
+use SimpleSAML\WSSecurity\XML\sp\Issuer;
+use SimpleSAML\WSSecurity\XML\wsa\Address;
+use SimpleSAML\WSSecurity\XML\wsa\Metadata;
+use SimpleSAML\WSSecurity\XML\wsa\ReferenceParameters;
+use SimpleSAML\XML\Attribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+use function strval;
+
+/**
+ * Tests for sp:Issuer.
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Issuer
+ * @covers \SimpleSAML\WSSecurity\XML\wsa\AbstractEndpointReferenceType
+ * @covers \SimpleSAML\WSSecurity\XML\wsa\AbstractWsaElement
+ * @package tvdijen/ws-security
+ */
+final class IssuerTest extends TestCase
+{
+    use SerializableElementTestTrait;
+
+    /** @var \DOMElement $referenceParametersContent */
+    protected static DOMElement $referenceParametersContent;
+
+    /** @var \DOMElement $metadataContent */
+    protected static DOMElement $metadataContent;
+
+    /** @var \DOMElement $customContent */
+    protected static DOMElement $customContent;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$testedClass = Issuer::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::FromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Issuer.xml'
+        );
+
+        self::$referenceParametersContent = DOMDocumentFactory::fromString(
+            '<m:GetPrice xmlns:m="https://www.w3schools.com/prices"><m:Item>Pears</m:Item></m:GetPrice>'
+        )->documentElement;
+
+        self::$metadataContent = DOMDocumentFactory::fromString(
+            '<m:GetPrice xmlns:m="https://www.w3schools.com/prices"><m:Item>Apples</m:Item></m:GetPrice>'
+        )->documentElement;
+
+        self::$customContent = DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">SomeChunk</ssp:Chunk>'
+        )->documentElement;
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test creating an Issuer object from scratch.
+     */
+    public function testMarshalling(): void
+    {
+        $attr1 = new Attribute('urn:x-simplesamlphp:namespace', 'ssp', 'test1', 'value1');
+        $attr2 = new Attribute('urn:x-simplesamlphp:namespace', 'ssp', 'test2', 'value2');
+        $attr3 = new Attribute('urn:x-simplesamlphp:namespace', 'ssp', 'test3', 'value3');
+        $attr4 = new Attribute('urn:x-simplesamlphp:namespace', 'ssp', 'test4', 'value4');
+
+        $referenceParameters = new ReferenceParameters([new Chunk(self::$referenceParametersContent)], [$attr4]);
+        $metadata = new Metadata([new Chunk(self::$metadataContent)], [$attr3]);
+        $chunk = new Chunk(self::$customContent);
+
+        $issuer = new Issuer(
+            new Address('https://login.microsoftonline.com/login.srf', [$attr2]),
+            [$referenceParameters],
+            [$metadata],
+            [$chunk],
+            [$attr1],
+        );
+
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($issuer)
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/KerberosTokenTest.php b/tests/WSSecurity/XML/sp/KerberosTokenTest.php
new file mode 100644
index 00000000..e3cceeca
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/KerberosTokenTest.php
@@ -0,0 +1,85 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\WSSecurity\XML\sp\KerberosToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\KerberosTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\KerberosToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractTokenAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class KerberosTokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = KerberosToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_KerberosToken.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Adding an empty KerberosToken element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $spns = C::NS_SEC_POLICY;
+        $kerberosToken = new KerberosToken();
+        $this->assertEquals(
+            "<sp:KerberosToken xmlns:sp=\"$spns\"/>",
+            strval($kerberosToken),
+        );
+        $this->assertTrue($kerberosToken->isEmptyElement());
+    }
+
+
+    /**
+     * Test that creating a KerberosToken from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $kerberosToken = new KerberosToken(IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($kerberosToken),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/KeyValueTokenTest.php b/tests/WSSecurity/XML/sp/KeyValueTokenTest.php
new file mode 100644
index 00000000..25ae2a67
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/KeyValueTokenTest.php
@@ -0,0 +1,85 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\WSSecurity\XML\sp\KeyValueToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\KeyValueTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\KeyValueToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractKeyValueTokenType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class KeyValueTokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = KeyValueToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_KeyValueToken.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Adding an empty KeyValueToken element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $spns = C::NS_SEC_POLICY;
+        $keyValueToken = new KeyValueToken();
+        $this->assertEquals(
+            "<sp:KeyValueToken xmlns:sp=\"$spns\"/>",
+            strval($keyValueToken),
+        );
+        $this->assertTrue($keyValueToken->isEmptyElement());
+    }
+
+
+    /**
+     * Test that creating a KeyValueToken from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $keyValueToken = new KeyValueToken(IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($keyValueToken),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/LaxTest.php b/tests/WSSecurity/XML/sp/LaxTest.php
new file mode 100644
index 00000000..4dab9948
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/LaxTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Lax;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\LaxTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Lax
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class LaxTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Lax::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Lax.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/LaxTsFirstTest.php b/tests/WSSecurity/XML/sp/LaxTsFirstTest.php
new file mode 100644
index 00000000..0b1b5bfd
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/LaxTsFirstTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\LaxTsFirst;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\LaxTsFirstTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\LaxTsFirst
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class LaxTsFirstTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = LaxTsFirst::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_LaxTsFirst.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/LaxTsLastTest.php b/tests/WSSecurity/XML/sp/LaxTsLastTest.php
new file mode 100644
index 00000000..da7e7ea1
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/LaxTsLastTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\LaxTsLast;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\LaxTsLastTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\LaxTsLast
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class LaxTsLastTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = LaxTsLast::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_LaxTsLast.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/LayoutTest.php b/tests/WSSecurity/XML/sp/LayoutTest.php
new file mode 100644
index 00000000..2f503f56
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/LayoutTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\Layout;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\LayoutTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Layout
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class LayoutTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Layout::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Layout.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/MustNotSendAmendTest.php b/tests/WSSecurity/XML/sp/MustNotSendAmendTest.php
new file mode 100644
index 00000000..31555be0
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/MustNotSendAmendTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\MustNotSendAmend;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustNotSendAmendTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\MustNotSendAmend
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustNotSendAmendTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = MustNotSendAmend::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_MustNotSendAmend.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/MustNotSendCancelTest.php b/tests/WSSecurity/XML/sp/MustNotSendCancelTest.php
new file mode 100644
index 00000000..b2fb33fe
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/MustNotSendCancelTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\MustNotSendCancel;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustNotSendCancelTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\MustNotSendCancel
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustNotSendCancelTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = MustNotSendCancel::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_MustNotSendCancel.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/MustNotSendRenewTest.php b/tests/WSSecurity/XML/sp/MustNotSendRenewTest.php
new file mode 100644
index 00000000..326995f2
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/MustNotSendRenewTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\MustNotSendRenew;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustNotSendRenewTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\MustNotSendRenew
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustNotSendRenewTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = MustNotSendRenew::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_MustNotSendRenew.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/MustSupportClientChallengeTest.php b/tests/WSSecurity/XML/sp/MustSupportClientChallengeTest.php
new file mode 100644
index 00000000..f4e716c1
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/MustSupportClientChallengeTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\MustSupportClientChallenge;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustSupportClientChallengeTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\MustSupportClientChallenge
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportClientChallengeTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = MustSupportClientChallenge::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_MustSupportClientChallenge.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/MustSupportIssuedTokensTest.php b/tests/WSSecurity/XML/sp/MustSupportIssuedTokensTest.php
new file mode 100644
index 00000000..ffcaeb2e
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/MustSupportIssuedTokensTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\MustSupportIssuedTokens;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustSupportIssuedTokensTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\MustSupportIssuedTokens
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportIssuedTokensTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = MustSupportIssuedTokens::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_MustSupportIssuedTokens.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/MustSupportRefEmbeddedTokenTest.php b/tests/WSSecurity/XML/sp/MustSupportRefEmbeddedTokenTest.php
new file mode 100644
index 00000000..155389ae
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/MustSupportRefEmbeddedTokenTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\MustSupportRefEmbeddedToken;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustSupportRefEmbeddedTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\MustSupportRefEmbeddedToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportRefEmbeddedTokenTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = MustSupportRefEmbeddedToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_MustSupportRefEmbeddedToken.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/MustSupportRefEncryptedKeyTest.php b/tests/WSSecurity/XML/sp/MustSupportRefEncryptedKeyTest.php
new file mode 100644
index 00000000..bf916eca
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/MustSupportRefEncryptedKeyTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\MustSupportRefEncryptedKey;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustSupportRefEncryptedKeyTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\MustSupportRefEncryptedKey
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportRefEncryptedKeyTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = MustSupportRefEncryptedKey::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_MustSupportRefEncryptedKey.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/MustSupportRefExternalURITest.php b/tests/WSSecurity/XML/sp/MustSupportRefExternalURITest.php
new file mode 100644
index 00000000..9c1e279b
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/MustSupportRefExternalURITest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\MustSupportRefExternalURI;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustSupportRefExternalURITest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\MustSupportRefExternalURI
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportRefExternalURITest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = MustSupportRefExternalURI::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_MustSupportRefExternalURI.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/MustSupportRefIssuerSerialTest.php b/tests/WSSecurity/XML/sp/MustSupportRefIssuerSerialTest.php
new file mode 100644
index 00000000..5e13f7f9
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/MustSupportRefIssuerSerialTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\MustSupportRefIssuerSerial;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustSupportRefIssuerSerialTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\MustSupportRefIssuerSerial
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportRefIssuerSerialTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = MustSupportRefIssuerSerial::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_MustSupportRefIssuerSerial.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/MustSupportRefKeyIdentifierTest.php b/tests/WSSecurity/XML/sp/MustSupportRefKeyIdentifierTest.php
new file mode 100644
index 00000000..c21e3902
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/MustSupportRefKeyIdentifierTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\MustSupportRefKeyIdentifier;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustSupportRefKeyIdentifierTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\MustSupportRefKeyIdentifier
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportRefKeyIdentifierTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = MustSupportRefKeyIdentifier::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_MustSupportRefKeyIdentifier.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/MustSupportRefThumbprintTest.php b/tests/WSSecurity/XML/sp/MustSupportRefThumbprintTest.php
new file mode 100644
index 00000000..9e0001b8
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/MustSupportRefThumbprintTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\MustSupportRefThumbprint;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustSupportRefThumbprintTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\MustSupportRefThumbprint
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportRefThumbprintTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = MustSupportRefThumbprint::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_MustSupportRefThumbprint.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/MustSupportServerChallengeTest.php b/tests/WSSecurity/XML/sp/MustSupportServerChallengeTest.php
new file mode 100644
index 00000000..5271b102
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/MustSupportServerChallengeTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\MustSupportServerChallenge;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustSupportServerChallengeTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\MustSupportServerChallenge
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class MustSupportServerChallengeTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = MustSupportServerChallenge::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_MustSupportServerChallenge.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/NestedPolicyTypeTestTrait.php b/tests/WSSecurity/XML/sp/NestedPolicyTypeTestTrait.php
new file mode 100644
index 00000000..b87f8a92
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/NestedPolicyTypeTestTrait.php
@@ -0,0 +1,138 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+
+use function sprintf;
+use function strval;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\NestedPolicyTypeTestTrait
+ *
+ * @package tvdijen/ws-security
+ */
+trait NestedPolicyTypeTestTrait
+{
+    // test marshalling
+
+
+    /**
+     * Test that creating a NestedPolicyType from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $np = new static::$testedClass([static::$chunk], [static::$attr]);
+
+        $this->assertEquals(
+            static::$xmlRepresentation->saveXML(static::$xmlRepresentation->documentElement),
+            strval($np),
+        );
+    }
+
+
+    /**
+     * Test that creating a NestedPolicyType from scratch without attributes works.
+     */
+    public function testMarshallingWithoutNSAttr(): void
+    {
+        $xml = <<<XML
+<sp:%s xmlns:sp="%s">
+  <ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>
+</sp:%s>
+XML;
+        $localName = static::$testedClass::getLocalName();
+        $xml = sprintf($xml, $localName, C::NS_SEC_POLICY, $localName);
+        $xmlRepresentation = DOMDocumentFactory::fromString($xml);
+
+        $np = new static::$testedClass([static::$chunk]);
+
+        $this->assertEquals(
+            $xmlRepresentation->saveXML($xmlRepresentation->documentElement),
+            strval($np),
+        );
+    }
+
+
+    /**
+     * Test that creating a NestedPolicyType from scratch without children works.
+     */
+    public function testMarshallingWithoutChildren(): void
+    {
+        $xml = '<sp:%s xmlns:sp="%s" xmlns:ssp="%s" ssp:attr1="value1"/>';
+        $localName = static::$testedClass::getLocalName();
+        $xml = sprintf($xml, $localName, C::NS_SEC_POLICY, C::NAMESPACE);
+        $xmlRepresentation = DOMDocumentFactory::fromString($xml);
+
+        $qns = new static::$testedClass([], [static::$attr]);
+
+        $this->assertEquals(
+            $xmlRepresentation->saveXML($xmlRepresentation->documentElement),
+            strval($qns),
+        );
+    }
+
+
+    /**
+     * Adding an empty NestedPolicyType element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $np = new static::$testedClass();
+        $this->assertEquals(
+            sprintf("<sp:%s xmlns:sp=\"%s\"/>", static::$testedClass::getLocalName(), C::NS_SEC_POLICY),
+            strval($np),
+        );
+        $this->assertTrue($np->isEmptyElement());
+    }
+
+
+    // test unmarshalling
+
+
+    /**
+     * Test that creating a NestedPolicyType from XML without attributes succeeds.
+     */
+    public function testUnmarshallingWithoutNSAttr(): void
+    {
+        $xml = <<<XML
+<sp:%s xmlns:sp="%s">
+  <ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>
+</sp:%s>
+XML;
+        $localName = static::$testedClass::getLocalName();
+        $xml = sprintf($xml, $localName, C::NS_SEC_POLICY, $localName);
+        $xmlRepresentation = DOMDocumentFactory::fromString($xml);
+
+        $np = static::$testedClass::fromXML($xmlRepresentation->documentElement);
+
+        $this->assertEquals(
+            $xmlRepresentation->saveXML($xmlRepresentation->documentElement),
+            strval($np),
+        );
+    }
+
+
+    /**
+     * Test that creating a NestedPolicyType from XML without children succeeds.
+     */
+    public function testUnmarshallingWithoutChildren(): void
+    {
+        $xml = '<sp:%s xmlns:sp="%s" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>';
+        $localName = static::$testedClass::getLocalName();
+        $xml = sprintf($xml, $localName, C::NS_SEC_POLICY);
+        $xmlRepresentation = DOMDocumentFactory::fromString($xml);
+
+        $np = static::$testedClass::fromXML($xmlRepresentation->documentElement);
+
+        $this->assertEquals(
+            $xmlRepresentation->saveXML($xmlRepresentation->documentElement),
+            strval($np),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/NoPasswordTest.php b/tests/WSSecurity/XML/sp/NoPasswordTest.php
new file mode 100644
index 00000000..2d4b1003
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/NoPasswordTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\NoPassword;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\NoPasswordTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\NoPassword
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class NoPasswordTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = NoPassword::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_NoPassword.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/OnlySignEntireHeadersAndBodyTest.php b/tests/WSSecurity/XML/sp/OnlySignEntireHeadersAndBodyTest.php
new file mode 100644
index 00000000..2eaf9650
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/OnlySignEntireHeadersAndBodyTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\OnlySignEntireHeadersAndBody;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\OnlySignEntireHeadersAndBodyTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\OnlySignEntireHeadersAndBody
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class OnlySignEntireHeadersAndBodyTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = OnlySignEntireHeadersAndBody::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_OnlySignEntireHeadersAndBody.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/ProtectTokensTest.php b/tests/WSSecurity/XML/sp/ProtectTokensTest.php
new file mode 100644
index 00000000..018ee2a3
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/ProtectTokensTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\ProtectTokens;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\ProtectTokensTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\ProtectTokens
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class ProtectTokensTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = ProtectTokens::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_ProtectTokens.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/ProtectionTokenTest.php b/tests/WSSecurity/XML/sp/ProtectionTokenTest.php
new file mode 100644
index 00000000..fb8a1505
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/ProtectionTokenTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\ProtectionToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\ProtectionTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\ProtectionToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class ProtectionTokenTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = ProtectionToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_ProtectionToken.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/QNameAssertionTypeTestTrait.php b/tests/WSSecurity/XML/sp/QNameAssertionTypeTestTrait.php
new file mode 100644
index 00000000..08255408
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/QNameAssertionTypeTestTrait.php
@@ -0,0 +1,75 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+
+use function strval;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\QNameAssertionTypeTestTrait
+ *
+ * @package tvdijen/ws-security
+ */
+trait QNameAssertionTypeTestTrait
+{
+    // test marshalling
+
+
+    /**
+     * Test that creating a QNameAssertionType from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $qns = new static::$testedClass([$attr]);
+
+        $this->assertEquals(
+            static::$xmlRepresentation->saveXML(static::$xmlRepresentation->documentElement),
+            strval($qns),
+        );
+    }
+
+
+    /**
+     * Test that creating a QNameAssertionType from scratch without attributes works.
+     */
+    public function testMarshallingWithoutNSAttr(): void
+    {
+        $xmlRepresentation = clone static::$xmlRepresentation;
+        $xmlRepresentation->documentElement->removeAttributeNS(C::NAMESPACE, 'attr1');
+        $xmlRepresentation->documentElement->removeAttributeNS(C::NAMESPACE, 'ssp');
+
+        $qns = new static::$testedClass();
+
+        $this->assertEquals(
+            $xmlRepresentation->saveXML($xmlRepresentation->documentElement),
+            strval($qns),
+        );
+    }
+
+
+    // test unmarshalling
+
+
+    /**
+     * Test that creating a QNameAssertionType from XML without attributes succeeds.
+     */
+    public function testUnmarshallingWithoutNSAttr(): void
+    {
+        $xmlRepresentation = clone static::$xmlRepresentation;
+        $xmlRepresentation->documentElement->removeAttributeNS(C::NAMESPACE, 'attr1');
+        $xmlRepresentation->documentElement->removeAttributeNS(C::NAMESPACE, 'ssp');
+
+        $qna = static::$testedClass::fromXML($xmlRepresentation->documentElement);
+
+        $this->assertEquals(
+            $xmlRepresentation->saveXML($xmlRepresentation->documentElement),
+            strval($qna),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RecipientEncryptionTokenTest.php b/tests/WSSecurity/XML/sp/RecipientEncryptionTokenTest.php
new file mode 100644
index 00000000..b8093256
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RecipientEncryptionTokenTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\RecipientEncryptionToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RecipientEncryptionTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RecipientEncryptionToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RecipientEncryptionTokenTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RecipientEncryptionToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RecipientEncryptionToken.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RecipientSignatureTokenTest.php b/tests/WSSecurity/XML/sp/RecipientSignatureTokenTest.php
new file mode 100644
index 00000000..37c6c322
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RecipientSignatureTokenTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\RecipientSignatureToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RecipientSignatureTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RecipientSignatureToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RecipientSignatureTokenTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RecipientSignatureToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RecipientSignatureToken.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RecipientTokenTest.php b/tests/WSSecurity/XML/sp/RecipientTokenTest.php
new file mode 100644
index 00000000..3a4aedbc
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RecipientTokenTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\RecipientToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RecipientTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RecipientToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RecipientTokenTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RecipientToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RecipientToken.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RelTokenTest.php b/tests/WSSecurity/XML/sp/RelTokenTest.php
new file mode 100644
index 00000000..9cd1ec8b
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RelTokenTest.php
@@ -0,0 +1,85 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\WSSecurity\XML\sp\RelToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RelTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RelToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractTokenAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RelTokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RelToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RelToken.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Adding an empty RelToken element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $spns = C::NS_SEC_POLICY;
+        $relToken = new RelToken();
+        $this->assertEquals(
+            "<sp:RelToken xmlns:sp=\"$spns\"/>",
+            strval($relToken),
+        );
+        $this->assertTrue($relToken->isEmptyElement());
+    }
+
+
+    /**
+     * Test that creating a RelToken from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $relToken = new RelToken(IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($relToken),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequestSecurityTokenTemplateTest.php b/tests/WSSecurity/XML/sp/RequestSecurityTokenTemplateTest.php
new file mode 100644
index 00000000..93dae9e3
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequestSecurityTokenTemplateTest.php
@@ -0,0 +1,83 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\RequestSecurityTokenTemplate;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequestSecurityTokenTemplateTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequestSecurityTokenTemplate
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractRequestSecurityTokenTemplateType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequestSecurityTokenTemplateTest extends TestCase
+{
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$testedClass = RequestSecurityTokenTemplate::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequestSecurityTokenTemplate.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating a RequestSecurityTokenTemplate from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $RequestSecurityTokenTemplateElements = new RequestSecurityTokenTemplate(
+            'urn:x-simplesamlphp:version',
+            [$chunk],
+            [$attr],
+        );
+
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($RequestSecurityTokenTemplateElements),
+        );
+    }
+
+
+    /**
+     * Adding an empty RequestSecurityTokenTemplate element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $spns = C::NS_SEC_POLICY;
+        $RequestSecurityTokenTemplate = new RequestSecurityTokenTemplate();
+        $this->assertEquals(
+            "<sp:RequestSecurityTokenTemplate xmlns:sp=\"$spns\"/>",
+            strval($RequestSecurityTokenTemplate),
+        );
+        $this->assertTrue($RequestSecurityTokenTemplate->isEmptyElement());
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireAppliesToTest.php b/tests/WSSecurity/XML/sp/RequireAppliesToTest.php
new file mode 100644
index 00000000..5668a9be
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireAppliesToTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireAppliesTo;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireAppliesToTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireAppliesTo
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireAppliesToTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireAppliesTo::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireAppliesTo.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireClientCertificateTest.php b/tests/WSSecurity/XML/sp/RequireClientCertificateTest.php
new file mode 100644
index 00000000..2410bf6b
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireClientCertificateTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireClientCertificate;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireClientCertificateTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireClientCertificate
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireClientCertificateTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireClientCertificate::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireClientCertificate.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireClientEntropyTest.php b/tests/WSSecurity/XML/sp/RequireClientEntropyTest.php
new file mode 100644
index 00000000..df439f44
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireClientEntropyTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireClientEntropy;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireClientEntropyTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireClientEntropy
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireClientEntropyTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireClientEntropy::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireClientEntropy.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireDerivedKeysTest.php b/tests/WSSecurity/XML/sp/RequireDerivedKeysTest.php
new file mode 100644
index 00000000..bcdb5d20
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireDerivedKeysTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireDerivedKeys;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireDerivedKeysTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireDerivedKeys
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireDerivedKeysTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireDerivedKeys::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireDerivedKeys.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireEmbeddedTokenReferenceTest.php b/tests/WSSecurity/XML/sp/RequireEmbeddedTokenReferenceTest.php
new file mode 100644
index 00000000..4f5fc6e6
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireEmbeddedTokenReferenceTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireEmbeddedTokenReference;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireEmbeddedTokenReferenceTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireEmbeddedTokenReference
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireEmbeddedTokenReferenceTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireEmbeddedTokenReference::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireEmbeddedTokenReference.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireExplicitDerivedKeysTest.php b/tests/WSSecurity/XML/sp/RequireExplicitDerivedKeysTest.php
new file mode 100644
index 00000000..bc4f8bfa
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireExplicitDerivedKeysTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireExplicitDerivedKeys;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireExplicitDerivedKeysTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireExplicitDerivedKeys
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireExplicitDerivedKeysTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireExplicitDerivedKeys::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireExplicitDerivedKeys.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireExternalUriReferenceTest.php b/tests/WSSecurity/XML/sp/RequireExternalUriReferenceTest.php
new file mode 100644
index 00000000..87425300
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireExternalUriReferenceTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireExternalUriReference;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireExternalUriReferenceTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireExternalUriReference
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireExternalUriReferenceTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireExternalUriReference::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireExternalUriReference.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireImpliedDerivedKeysTest.php b/tests/WSSecurity/XML/sp/RequireImpliedDerivedKeysTest.php
new file mode 100644
index 00000000..c88bd50e
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireImpliedDerivedKeysTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireImpliedDerivedKeys;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireImpliedDerivedKeysTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireImpliedDerivedKeys
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireImpliedDerivedKeysTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireImpliedDerivedKeys::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireImpliedDerivedKeys.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireInternalReferenceTest.php b/tests/WSSecurity/XML/sp/RequireInternalReferenceTest.php
new file mode 100644
index 00000000..2484b806
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireInternalReferenceTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireInternalReference;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireInternalReferenceTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireInternalReference
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireInternalReferenceTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireInternalReference::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireInternalReference.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireIssuerSerialReferenceTest.php b/tests/WSSecurity/XML/sp/RequireIssuerSerialReferenceTest.php
new file mode 100644
index 00000000..351ad3f8
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireIssuerSerialReferenceTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireIssuerSerialReference;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireIssuerSerialReferenceTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireIssuerSerialReference
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireIssuerSerialReferenceTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireIssuerSerialReference::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireIssuerSerialReference.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireKeyIdentifierReferenceTest.php b/tests/WSSecurity/XML/sp/RequireKeyIdentifierReferenceTest.php
new file mode 100644
index 00000000..ee353801
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireKeyIdentifierReferenceTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireKeyIdentifierReference;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireKeyIdentifierReferenceTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireKeyIdentifierReference
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireKeyIdentifierReferenceTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireKeyIdentifierReference::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireKeyIdentifierReference.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireRequestSecurityTokenCollectionTest.php b/tests/WSSecurity/XML/sp/RequireRequestSecurityTokenCollectionTest.php
new file mode 100644
index 00000000..76f4f1b0
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireRequestSecurityTokenCollectionTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireRequestSecurityTokenCollection;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireRequestSecurityTokenCollectionTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireRequestSecurityTokenCollection
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireRequestSecurityTokenCollectionTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireRequestSecurityTokenCollection::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireRequestSecurityTokenCollection.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireServerEntropyTest.php b/tests/WSSecurity/XML/sp/RequireServerEntropyTest.php
new file mode 100644
index 00000000..eae036ae
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireServerEntropyTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireServerEntropy;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireServerEntropyTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireServerEntropy
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireServerEntropyTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireServerEntropy::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireServerEntropy.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireSignatureConfirmationTest.php b/tests/WSSecurity/XML/sp/RequireSignatureConfirmationTest.php
new file mode 100644
index 00000000..3d05e733
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireSignatureConfirmationTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireSignatureConfirmation;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireSignatureConfirmationTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireSignatureConfirmation
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireSignatureConfirmationTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireSignatureConfirmation::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireSignatureConfirmation.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequireThumbprintReferenceTest.php b/tests/WSSecurity/XML/sp/RequireThumbprintReferenceTest.php
new file mode 100644
index 00000000..79332672
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequireThumbprintReferenceTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RequireThumbprintReference;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireThumbprintReferenceTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequireThumbprintReference
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequireThumbprintReferenceTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequireThumbprintReference::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequireThumbprintReference.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequiredElementsTest.php b/tests/WSSecurity/XML/sp/RequiredElementsTest.php
new file mode 100644
index 00000000..071c4b74
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequiredElementsTest.php
@@ -0,0 +1,101 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath as XMLXPath;
+use SimpleSAML\WSSecurity\XML\sp\RequiredElements;
+use SimpleSAML\WSSecurity\XML\sp\XPath;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequiredElementsTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequiredElements
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSerElementsType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequiredElementsTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequiredElements::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequiredElements.xml',
+        );
+    }
+
+
+    /**
+     */
+    public function testMarshallingElementOrdering(): void
+    {
+        $xpath = new XPath('/bookstore/book[price>35.00]/title');
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $requiredElements = new RequiredElements([$xpath], 'urn:x-simplesamlphp:version', [$chunk], [$attr]);
+        $requiredElementsElement = $requiredElements->toXML();
+
+        // Test for an XPath
+        $xpCache = XMLXPath::getXPath($requiredElementsElement);
+        $requiredElementsElements = XMLXPath::xpQuery($requiredElementsElement, './sp:XPath', $xpCache);
+        $this->assertCount(1, $requiredElementsElements);
+
+        // Test ordering of RequiredElements contents
+        /** @psalm-var \DOMElement[] $requiredElementsElements */
+        $requiredElementsElements = XMLXPath::xpQuery(
+            $requiredElementsElement,
+            './sp:XPath/following-sibling::*',
+            $xpCache,
+        );
+
+        $this->assertCount(1, $requiredElementsElements);
+        $this->assertEquals('ssp:Chunk', $requiredElementsElements[0]->tagName);
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating a RequiredElements from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $xpath = new XPath('/bookstore/book[price>35.00]/title');
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $requiredElements = new RequiredElements([$xpath], 'urn:x-simplesamlphp:version', [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($requiredElements),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RequiredPartsTest.php b/tests/WSSecurity/XML/sp/RequiredPartsTest.php
new file mode 100644
index 00000000..301bfc09
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RequiredPartsTest.php
@@ -0,0 +1,111 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\Header;
+use SimpleSAML\WSSecurity\XML\sp\RequiredParts;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequiredPartsTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RequiredParts
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractReqPartsType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RequiredPartsTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RequiredParts::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RequiredParts.xml',
+        );
+    }
+
+
+    /**
+     * Adding an empty RequiredParts element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $spns = C::NS_SEC_POLICY;
+        $requiredParts = new RequiredParts([]);
+        $this->assertEquals(
+            "<sp:RequiredParts xmlns:sp=\"$spns\"/>",
+            strval($requiredParts),
+        );
+        $this->assertTrue($requiredParts->isEmptyElement());
+    }
+
+
+    /**
+     */
+    public function testMarshallingElementOrdering(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $header = new Header('urn:x-simplesamlphp:namespace', 'ssp:name', [$attr]);
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $RequiredParts = new RequiredParts([$header], [$chunk], [$attr]);
+        $RequiredPartsElement = $RequiredParts->toXML();
+
+        // Test for a Header
+        $xpCache = XPath::getXPath($RequiredPartsElement);
+        $RequiredPartsElements = XPath::xpQuery($RequiredPartsElement, './sp:Header', $xpCache);
+        $this->assertCount(1, $RequiredPartsElements);
+
+        // Test ordering of RequiredParts contents
+        /** @psalm-var \DOMElement[] $RequiredPartsElements */
+        $RequiredPartsElements = XPath::xpQuery($RequiredPartsElement, './sp:Header/following-sibling::*', $xpCache);
+        $this->assertCount(1, $RequiredPartsElements);
+        $this->assertEquals('ssp:Chunk', $RequiredPartsElements[0]->tagName);
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating a RequiredParts from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $header = new Header('urn:x-simplesamlphp:namespace', 'ssp:name', [$attr]);
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $RequiredParts = new RequiredParts([$header], [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($RequiredParts),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/RsaKeyValueTest.php b/tests/WSSecurity/XML/sp/RsaKeyValueTest.php
new file mode 100644
index 00000000..30726346
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/RsaKeyValueTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\RsaKeyValue;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RsaKeyValueTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\RsaKeyValue
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class RsaKeyValueTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = RsaKeyValue::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_RsaKeyValue.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SC13SecurityContextTokenTest.php b/tests/WSSecurity/XML/sp/SC13SecurityContextTokenTest.php
new file mode 100644
index 00000000..ad8022cb
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SC13SecurityContextTokenTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\SC13SecurityContextToken;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SC13SecurityContextTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SC13SecurityContextToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SC13SecurityContextTokenTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SC13SecurityContextToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SC13SecurityContextToken.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SOAPNormalization10Test.php b/tests/WSSecurity/XML/sp/SOAPNormalization10Test.php
new file mode 100644
index 00000000..5e6f2dc1
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SOAPNormalization10Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\SOAPNormalization10;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SOAPNormalization10Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SOAPNormalization10
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SOAPNormalization10Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SOAPNormalization10::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SOAPNormalization10.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/STRTransform10Test.php b/tests/WSSecurity/XML/sp/STRTransform10Test.php
new file mode 100644
index 00000000..4bcc65ef
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/STRTransform10Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\STRTransform10;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\STRTransform10Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\STRTransform10
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class STRTransform10Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = STRTransform10::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_STRTransform10.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SamlTokenTest.php b/tests/WSSecurity/XML/sp/SamlTokenTest.php
new file mode 100644
index 00000000..d3d0c6d1
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SamlTokenTest.php
@@ -0,0 +1,85 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\WSSecurity\XML\sp\SamlToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SamlTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SamlToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractTokenAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SamlTokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SamlToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SamlToken.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Adding an empty SamlToken element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $spns = C::NS_SEC_POLICY;
+        $samlToken = new SamlToken();
+        $this->assertEquals(
+            "<sp:SamlToken xmlns:sp=\"$spns\"/>",
+            strval($samlToken),
+        );
+        $this->assertTrue($samlToken->isEmptyElement());
+    }
+
+
+    /**
+     * Test that creating a SamlToken from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $samlToken = new SamlToken(IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($samlToken),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SecureConversationTokenTest.php b/tests/WSSecurity/XML/sp/SecureConversationTokenTest.php
new file mode 100644
index 00000000..9aea22f8
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SecureConversationTokenTest.php
@@ -0,0 +1,103 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\WSSecurity\XML\sp\SecureConversationToken;
+use SimpleSAML\WSSecurity\XML\sp\IssuerName;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SecureConversationTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SecureConversationToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSecureConversationTokenType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SecureConversationTokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SecureConversationToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SecureConversationToken.xml',
+        );
+    }
+
+
+    /**
+     */
+    public function testMarshallingElementOrdering(): void
+    {
+        $issuer = new IssuerName('urn:x-simplesamlphp:issuer');
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $secureConversationToken = new SecureConversationToken($issuer, IncludeToken::Always, [$chunk], [$attr]);
+        $secureConversationTokenElement = $secureConversationToken->toXML();
+
+        // Test for a IssuerName
+        $xpCache = XPath::getXPath($secureConversationTokenElement);
+        $secureConversationTokenElements = XPath::xpQuery($secureConversationTokenElement, './sp:IssuerName', $xpCache);
+        $this->assertCount(1, $secureConversationTokenElements);
+
+        // Test ordering of SecureConversationToken contents
+        /** @psalm-var \DOMElement[] $secureConversationTokenElements */
+        $secureConversationTokenElements = XPath::xpQuery(
+            $secureConversationTokenElement,
+            './sp:IssuerName/following-sibling::*',
+            $xpCache,
+        );
+        $this->assertCount(1, $secureConversationTokenElements);
+        $this->assertEquals('ssp:Chunk', $secureConversationTokenElements[0]->tagName);
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating a SecureConversationToken from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $issuer = new IssuerName('urn:x-simplesamlphp:issuer');
+
+        $secureConversationToken = new SecureConversationToken($issuer, IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($secureConversationToken),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SecurityContextTokenTest.php b/tests/WSSecurity/XML/sp/SecurityContextTokenTest.php
new file mode 100644
index 00000000..e15fbcd3
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SecurityContextTokenTest.php
@@ -0,0 +1,85 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\WSSecurity\XML\sp\SecurityContextToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SecurityContextTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SecurityContextToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractTokenAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SecurityContextTokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SecurityContextToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SecurityContextToken.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Adding an empty SecurityContextToken element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $spns = C::NS_SEC_POLICY;
+        $securityContextToken = new SecurityContextToken();
+        $this->assertEquals(
+            "<sp:SecurityContextToken xmlns:sp=\"$spns\"/>",
+            strval($securityContextToken),
+        );
+        $this->assertTrue($securityContextToken->isEmptyElement());
+    }
+
+
+    /**
+     * Test that creating a SecurityContextToken from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $securityContextToken = new SecurityContextToken(IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($securityContextToken),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SignatureTokenTest.php b/tests/WSSecurity/XML/sp/SignatureTokenTest.php
new file mode 100644
index 00000000..b4a05393
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SignatureTokenTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\SignatureToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SignatureTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SignatureToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignatureTokenTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SignatureToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SignatureToken.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SignedElementsTest.php b/tests/WSSecurity/XML/sp/SignedElementsTest.php
new file mode 100644
index 00000000..e25af2c6
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SignedElementsTest.php
@@ -0,0 +1,101 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath as XMLXPath;
+use SimpleSAML\WSSecurity\XML\sp\SignedElements;
+use SimpleSAML\WSSecurity\XML\sp\XPath;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SignedElementsTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SignedElements
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSerElementsType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignedElementsTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SignedElements::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SignedElements.xml',
+        );
+    }
+
+
+    /**
+     */
+    public function testMarshallingElementOrdering(): void
+    {
+        $xpath = new XPath('/bookstore/book[price>35.00]/title');
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $SignedElements = new SignedElements([$xpath], 'urn:x-simplesamlphp:version', [$chunk], [$attr]);
+        $SignedElementsElement = $SignedElements->toXML();
+
+        // Test for an XPath
+        $xpCache = XMLXPath::getXPath($SignedElementsElement);
+        $SignedElementsElements = XMLXPath::xpQuery($SignedElementsElement, './sp:XPath', $xpCache);
+        $this->assertCount(1, $SignedElementsElements);
+
+        // Test ordering of SignedElements contents
+        /** @psalm-var \DOMElement[] $SignedElementsElements */
+        $SignedElementsElements = XMLXPath::xpQuery(
+            $SignedElementsElement,
+            './sp:XPath/following-sibling::*',
+            $xpCache,
+        );
+
+        $this->assertCount(1, $SignedElementsElements);
+        $this->assertEquals('ssp:Chunk', $SignedElementsElements[0]->tagName);
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating a SignedElements from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $xpath = new XPath('/bookstore/book[price>35.00]/title');
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $SignedElements = new SignedElements([$xpath], 'urn:x-simplesamlphp:version', [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($SignedElements),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SignedEncryptedSupportingTokensTest.php b/tests/WSSecurity/XML/sp/SignedEncryptedSupportingTokensTest.php
new file mode 100644
index 00000000..22bdaae7
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SignedEncryptedSupportingTokensTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\SignedEncryptedSupportingTokens;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SignedEncryptedSupportingTokensTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SignedEncryptedSupportingTokens
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignedEncryptedSupportingTokensTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SignedEncryptedSupportingTokens::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SignedEncryptedSupportingTokens.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SignedEndorsingEncryptedSupportingTokensTest.php b/tests/WSSecurity/XML/sp/SignedEndorsingEncryptedSupportingTokensTest.php
new file mode 100644
index 00000000..a6786664
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SignedEndorsingEncryptedSupportingTokensTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\SignedEndorsingEncryptedSupportingTokens;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SignedEndorsingEncryptedSupportingTokensTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\EncryptedSupportingTokens
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignedEndorsingEncryptedSupportingTokensTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SignedEndorsingEncryptedSupportingTokens::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SignedEndorsingEncryptedSupportingTokens.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SignedEndorsingSupportingTokensTest.php b/tests/WSSecurity/XML/sp/SignedEndorsingSupportingTokensTest.php
new file mode 100644
index 00000000..d1f7ecb7
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SignedEndorsingSupportingTokensTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\SignedEndorsingSupportingTokens;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SignedEndorsingSupportingTokensTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SignedEndorsingSupportingTokens
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignedEndorsingSupportingTokensTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SignedEndorsingSupportingTokens::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SignedEndorsingSupportingTokens.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SignedPartsTest.php b/tests/WSSecurity/XML/sp/SignedPartsTest.php
new file mode 100644
index 00000000..3bc9158d
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SignedPartsTest.php
@@ -0,0 +1,119 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\Attachments;
+use SimpleSAML\WSSecurity\XML\sp\Body;
+use SimpleSAML\WSSecurity\XML\sp\Header;
+use SimpleSAML\WSSecurity\XML\sp\SignedParts;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SignedPartsTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SignedParts
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSePartsType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignedPartsTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SignedParts::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SignedParts.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Adding an empty SignedParts element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $spns = C::NS_SEC_POLICY;
+        $signedParts = new SignedParts();
+        $this->assertEquals(
+            "<sp:SignedParts xmlns:sp=\"$spns\"/>",
+            strval($signedParts),
+        );
+        $this->assertTrue($signedParts->isEmptyElement());
+    }
+
+
+    /**
+     * Test that creating a SignedParts from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $body = new Body();
+        $header = new Header('urn:x-simplesamlphp:namespace', 'ssp:name', [$attr]);
+        $attachments = new Attachments();
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $signedParts = new SignedParts($body, [$header], $attachments, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($signedParts),
+        );
+    }
+
+
+    /**
+     */
+    public function testMarshallingElementOrdering(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $body = new Body();
+        $header = new Header('urn:x-simplesamlphp:namespace', 'ssp:name', [$attr]);
+        $attachments = new Attachments();
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $SignedParts = new SignedParts($body, [$header], $attachments, [$chunk], [$attr]);
+        $SignedPartsElement = $SignedParts->toXML();
+
+        // Test for a Body
+        $xpCache = XPath::getXPath($SignedPartsElement);
+        $SignedPartsElements = XPath::xpQuery($SignedPartsElement, './sp:Body', $xpCache);
+        $this->assertCount(1, $SignedPartsElements);
+
+        // Test ordering of SignedParts contents
+        /** @psalm-var \DOMElement[] $SignedPartsElements */
+        $SignedPartsElements = XPath::xpQuery($SignedPartsElement, './sp:Body/following-sibling::*', $xpCache);
+        $this->assertCount(3, $SignedPartsElements);
+        $this->assertEquals('sp:Header', $SignedPartsElements[0]->tagName);
+        $this->assertEquals('sp:Attachments', $SignedPartsElements[1]->tagName);
+        $this->assertEquals('ssp:Chunk', $SignedPartsElements[2]->tagName);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SignedSupportingTokensTest.php b/tests/WSSecurity/XML/sp/SignedSupportingTokensTest.php
new file mode 100644
index 00000000..51190dfc
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SignedSupportingTokensTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\SignedSupportingTokens;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SignedSupportingTokensTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SignedSupportingTokens
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SignedSupportingTokensTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SignedSupportingTokens::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SignedSupportingTokens.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SpnegoContextTokenTest.php b/tests/WSSecurity/XML/sp/SpnegoContextTokenTest.php
new file mode 100644
index 00000000..c7b5864c
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SpnegoContextTokenTest.php
@@ -0,0 +1,103 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\WSSecurity\XML\sp\SpnegoContextToken;
+use SimpleSAML\WSSecurity\XML\sp\IssuerName;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SpnegoContextTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SpnegoContextToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpnegoContextTokenType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SpnegoContextTokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SpnegoContextToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SpnegoContextToken.xml',
+        );
+    }
+
+
+    /**
+     */
+    public function testMarshallingElementOrdering(): void
+    {
+        $issuer = new IssuerName('urn:x-simplesamlphp:issuer');
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $spnegoContextToken = new SpnegoContextToken($issuer, IncludeToken::Always, [$chunk], [$attr]);
+        $spnegoContextTokenElement = $spnegoContextToken->toXML();
+
+        // Test for a IssuerName
+        $xpCache = XPath::getXPath($spnegoContextTokenElement);
+        $spnegoContextTokenElements = XPath::xpQuery($spnegoContextTokenElement, './sp:IssuerName', $xpCache);
+        $this->assertCount(1, $spnegoContextTokenElements);
+
+        // Test ordering of SpnegoContextToken contents
+        /** @psalm-var \DOMElement[] $spnegoContextTokenElements */
+        $spnegoContextTokenElements = XPath::xpQuery(
+            $spnegoContextTokenElement,
+            './sp:IssuerName/following-sibling::*',
+            $xpCache,
+        );
+        $this->assertCount(1, $spnegoContextTokenElements);
+        $this->assertEquals('ssp:Chunk', $spnegoContextTokenElements[0]->tagName);
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test that creating a SpnegoContextToken from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $issuer = new IssuerName('urn:x-simplesamlphp:issuer');
+
+        $spnegoContextToken = new SpnegoContextToken($issuer, IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($spnegoContextToken),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/StrictTest.php b/tests/WSSecurity/XML/sp/StrictTest.php
new file mode 100644
index 00000000..60a6ac72
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/StrictTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\Strict;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\StrictTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Strict
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class StrictTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Strict::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Strict.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SupportingTokensTest.php b/tests/WSSecurity/XML/sp/SupportingTokensTest.php
new file mode 100644
index 00000000..870f9bc2
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SupportingTokensTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\SupportingTokens;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SupportingTokensTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SupportingTokens
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SupportingTokensTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SupportingTokens::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SupportingTokens.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/SymmetricBindingTest.php b/tests/WSSecurity/XML/sp/SymmetricBindingTest.php
new file mode 100644
index 00000000..9a6f931f
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/SymmetricBindingTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\SymmetricBinding;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\SymmetricBindingTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\SymmetricBinding
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class SymmetricBindingTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = SymmetricBinding::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_SymmetricBinding.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/TransportBindingTest.php b/tests/WSSecurity/XML/sp/TransportBindingTest.php
new file mode 100644
index 00000000..06d19406
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/TransportBindingTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\TransportBinding;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\TransportBindingTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\TransportBinding
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class TransportBindingTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = TransportBinding::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_TransportBinding.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/TransportTokenTest.php b/tests/WSSecurity/XML/sp/TransportTokenTest.php
new file mode 100644
index 00000000..704783c9
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/TransportTokenTest.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\TransportToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\TransportTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\TransportToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class TransportTokenTest extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = TransportToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_TransportToken.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/TripleDesRsa15Test.php b/tests/WSSecurity/XML/sp/TripleDesRsa15Test.php
new file mode 100644
index 00000000..7853427b
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/TripleDesRsa15Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\TripleDesRsa15;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\TripleDesRsa15Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\TripleDesRsa15
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class TripleDesRsa15Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = TripleDesRsa15::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_TripleDesRsa15.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/TripleDesSha256Rsa15Test.php b/tests/WSSecurity/XML/sp/TripleDesSha256Rsa15Test.php
new file mode 100644
index 00000000..d660d878
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/TripleDesSha256Rsa15Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\TripleDesSha256Rsa15;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\TripleDesSha256Rsa15Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\TripleDesSha256Rsa15
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class TripleDesSha256Rsa15Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = TripleDesSha256Rsa15::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_TripleDesSha256Rsa15.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/TripleDesSha256Test.php b/tests/WSSecurity/XML/sp/TripleDesSha256Test.php
new file mode 100644
index 00000000..ede5ba8b
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/TripleDesSha256Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\TripleDesSha256;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\TripleDesSha256Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\TripleDesSha256
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class TripleDesSha256Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = TripleDesSha256::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_TripleDesSha256.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/TripleDesTest.php b/tests/WSSecurity/XML/sp/TripleDesTest.php
new file mode 100644
index 00000000..ecdb52d9
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/TripleDesTest.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\TripleDes;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\TripleDesTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\TripleDes
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class TripleDesTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = TripleDes::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_TripleDes.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Trust13Test.php b/tests/WSSecurity/XML/sp/Trust13Test.php
new file mode 100644
index 00000000..e2308651
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Trust13Test.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\Trust13;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Trust13Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Trust13
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Trust13Test extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Trust13::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Trust13.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/UsernameTokenTest.php b/tests/WSSecurity/XML/sp/UsernameTokenTest.php
new file mode 100644
index 00000000..9606b074
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/UsernameTokenTest.php
@@ -0,0 +1,85 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\WSSecurity\XML\sp\UsernameToken;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\UsernameTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\UsernameToken
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractTokenAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class UsernameTokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = UsernameToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_UsernameToken.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Adding an empty UsernameToken element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $spns = C::NS_SEC_POLICY;
+        $usernameToken = new UsernameToken();
+        $this->assertEquals(
+            "<sp:UsernameToken xmlns:sp=\"$spns\"/>",
+            strval($usernameToken),
+        );
+        $this->assertTrue($usernameToken->isEmptyElement());
+    }
+
+
+    /**
+     * Test that creating a UsernameToken from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $usernameToken = new UsernameToken(IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($usernameToken),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Wss10Test.php b/tests/WSSecurity/XML/sp/Wss10Test.php
new file mode 100644
index 00000000..d1aab257
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Wss10Test.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\Wss10;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Wss10Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Wss10
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Wss10Test extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Wss10::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Wss10.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/Wss11Test.php b/tests/WSSecurity/XML/sp/Wss11Test.php
new file mode 100644
index 00000000..80e39c79
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/Wss11Test.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\Wss11;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\Wss11Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\Wss11
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractNestedPolicyType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class Wss11Test extends TestCase
+{
+    use NestedPolicyTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /** @var \SimpleSAML\XML\Chunk $chunk */
+    protected static Chunk $chunk;
+
+    /** @var \SimpleSAML\XML\Attribute $attr */
+    protected static XMLAttribute $attr;
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = Wss11::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_Wss11.xml',
+        );
+
+        self::$attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+
+        self::$chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>'
+        )->documentElement);
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssGssKerberosV5ApReqToken11Test.php b/tests/WSSecurity/XML/sp/WssGssKerberosV5ApReqToken11Test.php
new file mode 100644
index 00000000..8f25c199
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssGssKerberosV5ApReqToken11Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssGssKerberosV5ApReqToken11;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssGssKerberosV5ApReqToken11Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssGssKerberosV5ApReqToken11
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssGssKerberosV5ApReqToken11Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssGssKerberosV5ApReqToken11::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssGssKerberosV5ApReqToken11.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssKerberosV5ApReqToken11Test.php b/tests/WSSecurity/XML/sp/WssKerberosV5ApReqToken11Test.php
new file mode 100644
index 00000000..a67a892e
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssKerberosV5ApReqToken11Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssKerberosV5ApReqToken11;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssKerberosV5ApReqToken11Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssKerberosV5ApReqToken11
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssKerberosV5ApReqToken11Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssKerberosV5ApReqToken11::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssKerberosV5ApReqToken11.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssRelV10Token10Test.php b/tests/WSSecurity/XML/sp/WssRelV10Token10Test.php
new file mode 100644
index 00000000..da6e93af
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssRelV10Token10Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssRelV10Token10;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssRelV10Token10Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssRelV10Token10
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssRelV10Token10Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssRelV10Token10::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssRelV10Token10.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssRelV10Token11Test.php b/tests/WSSecurity/XML/sp/WssRelV10Token11Test.php
new file mode 100644
index 00000000..5876a816
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssRelV10Token11Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssRelV10Token11;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssRelV10Token11Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssRelV10Token11
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssRelV10Token11Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssRelV10Token11::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssRelV10Token11.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssRelV20Token10Test.php b/tests/WSSecurity/XML/sp/WssRelV20Token10Test.php
new file mode 100644
index 00000000..75e849db
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssRelV20Token10Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssRelV20Token10;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssRelV20Token10Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssRelV20Token10
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssRelV20Token10Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssRelV20Token10::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssRelV20Token10.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssRelV20Token11Test.php b/tests/WSSecurity/XML/sp/WssRelV20Token11Test.php
new file mode 100644
index 00000000..1bf2072f
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssRelV20Token11Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssRelV20Token11;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssRelV20Token11Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssRelV20Token11
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssRelV20Token11Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssRelV20Token11::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssRelV20Token11.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssSamlV11Token10Test.php b/tests/WSSecurity/XML/sp/WssSamlV11Token10Test.php
new file mode 100644
index 00000000..5839e323
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssSamlV11Token10Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssSamlV11Token10;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssSamlV11Token10Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssSamlV11Token10
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssSamlV11Token10Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssSamlV11Token10::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssSamlV11Token10.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssSamlV11Token11Test.php b/tests/WSSecurity/XML/sp/WssSamlV11Token11Test.php
new file mode 100644
index 00000000..3b74201a
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssSamlV11Token11Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssSamlV11Token11;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssSamlV11Token11Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssSamlV11Token11
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssSamlV11Token11Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssSamlV11Token11::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssSamlV11Token11.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssSamlV20Token11Test.php b/tests/WSSecurity/XML/sp/WssSamlV20Token11Test.php
new file mode 100644
index 00000000..7c8f6ac0
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssSamlV20Token11Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssSamlV20Token11;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssSamlV20Token11Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssSamlV20Token11
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssSamlV20Token11Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssSamlV20Token11::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssSamlV20Token11.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssUsernameToken10Test.php b/tests/WSSecurity/XML/sp/WssUsernameToken10Test.php
new file mode 100644
index 00000000..aaf6df48
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssUsernameToken10Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssUsernameToken10;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssUsernameToken10Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssUsernameToken10
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssUsernameToken10Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssUsernameToken10::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssUsernameToken10.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssUsernameToken11Test.php b/tests/WSSecurity/XML/sp/WssUsernameToken11Test.php
new file mode 100644
index 00000000..6a0d6313
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssUsernameToken11Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssUsernameToken11;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssUsernameToken11Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssUsernameToken11
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssUsernameToken11Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssUsernameToken11::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssUsernameToken11.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssX509Pkcs7Token10Test.php b/tests/WSSecurity/XML/sp/WssX509Pkcs7Token10Test.php
new file mode 100644
index 00000000..74addb48
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssX509Pkcs7Token10Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssX509Pkcs7Token10;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssX509Pkcs7Token10Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssX509Pkcs7Token10
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509Pkcs7Token10Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssX509Pkcs7Token10::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssX509Pkcs7Token10.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssX509Pkcs7Token11Test.php b/tests/WSSecurity/XML/sp/WssX509Pkcs7Token11Test.php
new file mode 100644
index 00000000..07957955
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssX509Pkcs7Token11Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssX509Pkcs7Token11;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssX509Pkcs7Token11Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssX509Pkcs7Token11
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509Pkcs7Token11Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssX509Pkcs7Token11::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssX509Pkcs7Token11.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssX509PkiPathV1Token10Test.php b/tests/WSSecurity/XML/sp/WssX509PkiPathV1Token10Test.php
new file mode 100644
index 00000000..f6b7be1e
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssX509PkiPathV1Token10Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssX509PkiPathV1Token10;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssX509PkiPathV1Token10Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssX509PkiPathV1Token10
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509PkiPathV1Token10Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssX509PkiPathV1Token10::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssX509PkiPathV1Token10.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssX509PkiPathV1Token11Test.php b/tests/WSSecurity/XML/sp/WssX509PkiPathV1Token11Test.php
new file mode 100644
index 00000000..6d17cfee
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssX509PkiPathV1Token11Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssX509PkiPathV1Token11;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssX509PkiPathV1Token11Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssX509PkiPathV1Token11
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509PkiPathV1Token11Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssX509PkiPathV1Token11::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssX509PkiPathV1Token11.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssX509V1Token11Test.php b/tests/WSSecurity/XML/sp/WssX509V1Token11Test.php
new file mode 100644
index 00000000..c6f97885
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssX509V1Token11Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssX509V1Token11;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssX509V1Token11Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssX509V1Token11
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509V1Token11Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssX509V1Token11::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssX509V1Token11.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssX509V3Token10Test.php b/tests/WSSecurity/XML/sp/WssX509V3Token10Test.php
new file mode 100644
index 00000000..eb56bca6
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssX509V3Token10Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssX509V3Token10;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssX509V3Token10Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssX509V3Token10
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509V3Token10Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssX509V3Token10::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssX509V3Token10.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/WssX509V3Token11Test.php b/tests/WSSecurity/XML/sp/WssX509V3Token11Test.php
new file mode 100644
index 00000000..35a21871
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/WssX509V3Token11Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\WssX509V3Token11;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\WssX509V3Token11Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\WssX509V3Token11
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class WssX509V3Token11Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = WssX509V3Token11::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_WssX509V3Token11.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/X509TokenTest.php b/tests/WSSecurity/XML/sp/X509TokenTest.php
new file mode 100644
index 00000000..c02c75fb
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/X509TokenTest.php
@@ -0,0 +1,85 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\Utils\XPath;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\WSSecurity\XML\sp\X509Token;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\X509lTokenTest
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\X509Token
+ * @covers \SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractTokenAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class X509TokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = X509Token::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_X509Token.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Adding an empty X509lToken element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $spns = C::NS_SEC_POLICY;
+        $x509Token = new X509Token();
+        $this->assertEquals(
+            "<sp:X509Token xmlns:sp=\"$spns\"/>",
+            strval($x509Token),
+        );
+        $this->assertTrue($x509Token->isEmptyElement());
+    }
+
+
+    /**
+     * Test that creating a X509Token from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>'
+        )->documentElement);
+
+        $x509Token = new X509Token(IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($x509Token),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/XPath10Test.php b/tests/WSSecurity/XML/sp/XPath10Test.php
new file mode 100644
index 00000000..e708a9a0
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/XPath10Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\XPath10;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\XPath10Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\XPath10
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class XPath10Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = XPath10::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_XPath10.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/XPathFilter20Test.php b/tests/WSSecurity/XML/sp/XPathFilter20Test.php
new file mode 100644
index 00000000..fbe383fc
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/XPathFilter20Test.php
@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\XML\sp\XPathFilter20;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\XPathFilter20Test
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\XPathFilter20
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class XPathFilter20Test extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/ws-securitypolicy-1.2.xsd';
+
+        self::$testedClass = XPathFilter20::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_XPathFilter20.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/sp/XPathTest.php b/tests/WSSecurity/XML/sp/XPathTest.php
new file mode 100644
index 00000000..a022838b
--- /dev/null
+++ b/tests/WSSecurity/XML/sp/XPathTest.php
@@ -0,0 +1,57 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\sp;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\XPath;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+use function strval;
+
+/**
+ * Tests for XPath.
+ *
+ * @covers \SimpleSAML\WSSecurity\XML\sp\XPath
+ * @covers \SimpleSAML\WSSecurity\XML\sp\AbstractSpElement
+ *
+ * @package tvdijen/ws-security
+ */
+final class XPathTest extends TestCase
+{
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$testedClass = XPath::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/sp_XPath.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Test creating a XPath object from scratch.
+     */
+    public function testMarshalling(): void
+    {
+        $xpath = new XPath('/bookstore/book[price>35.00]/title');
+
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($xpath),
+        );
+    }
+}
diff --git a/tests/resources/xml/sp_AbsXPath.xml b/tests/resources/xml/sp_AbsXPath.xml
new file mode 100644
index 00000000..0634dafd
--- /dev/null
+++ b/tests/resources/xml/sp_AbsXPath.xml
@@ -0,0 +1 @@
+<sp:AbsXPath xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_AlgorithmSuite.xml b/tests/resources/xml/sp_AlgorithmSuite.xml
new file mode 100644
index 00000000..a62b4d81
--- /dev/null
+++ b/tests/resources/xml/sp_AlgorithmSuite.xml
@@ -0,0 +1,3 @@
+<sp:AlgorithmSuite xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:AlgorithmSuite>
diff --git a/tests/resources/xml/sp_AsymmetricBinding.xml b/tests/resources/xml/sp_AsymmetricBinding.xml
new file mode 100644
index 00000000..2a78c193
--- /dev/null
+++ b/tests/resources/xml/sp_AsymmetricBinding.xml
@@ -0,0 +1,3 @@
+<sp:AsymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:AsymmetricBinding>
diff --git a/tests/resources/xml/sp_Attachments.xml b/tests/resources/xml/sp_Attachments.xml
new file mode 100644
index 00000000..e0295d5a
--- /dev/null
+++ b/tests/resources/xml/sp_Attachments.xml
@@ -0,0 +1 @@
+<sp:Attachments xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" />
diff --git a/tests/resources/xml/sp_Basic128.xml b/tests/resources/xml/sp_Basic128.xml
new file mode 100644
index 00000000..a516099e
--- /dev/null
+++ b/tests/resources/xml/sp_Basic128.xml
@@ -0,0 +1 @@
+<sp:Basic128 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Basic128Rsa15.xml b/tests/resources/xml/sp_Basic128Rsa15.xml
new file mode 100644
index 00000000..b6e72abf
--- /dev/null
+++ b/tests/resources/xml/sp_Basic128Rsa15.xml
@@ -0,0 +1 @@
+<sp:Basic128Rsa15 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Basic128Sha256.xml b/tests/resources/xml/sp_Basic128Sha256.xml
new file mode 100644
index 00000000..f64641c1
--- /dev/null
+++ b/tests/resources/xml/sp_Basic128Sha256.xml
@@ -0,0 +1 @@
+<sp:Basic128Sha256 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Basic128Sha256Rsa15.xml b/tests/resources/xml/sp_Basic128Sha256Rsa15.xml
new file mode 100644
index 00000000..2e695ccd
--- /dev/null
+++ b/tests/resources/xml/sp_Basic128Sha256Rsa15.xml
@@ -0,0 +1 @@
+<sp:Basic128Sha256Rsa15 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Basic192.xml b/tests/resources/xml/sp_Basic192.xml
new file mode 100644
index 00000000..0ec3907d
--- /dev/null
+++ b/tests/resources/xml/sp_Basic192.xml
@@ -0,0 +1 @@
+<sp:Basic192 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Basic192Rsa15.xml b/tests/resources/xml/sp_Basic192Rsa15.xml
new file mode 100644
index 00000000..cbd00ca8
--- /dev/null
+++ b/tests/resources/xml/sp_Basic192Rsa15.xml
@@ -0,0 +1 @@
+<sp:Basic192Rsa15 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Basic192Sha256.xml b/tests/resources/xml/sp_Basic192Sha256.xml
new file mode 100644
index 00000000..b4fd83fc
--- /dev/null
+++ b/tests/resources/xml/sp_Basic192Sha256.xml
@@ -0,0 +1 @@
+<sp:Basic192Sha256 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Basic192Sha256Rsa15.xml b/tests/resources/xml/sp_Basic192Sha256Rsa15.xml
new file mode 100644
index 00000000..2bb8128d
--- /dev/null
+++ b/tests/resources/xml/sp_Basic192Sha256Rsa15.xml
@@ -0,0 +1 @@
+<sp:Basic192Sha256Rsa15 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Basic256.xml b/tests/resources/xml/sp_Basic256.xml
new file mode 100644
index 00000000..6935966b
--- /dev/null
+++ b/tests/resources/xml/sp_Basic256.xml
@@ -0,0 +1 @@
+<sp:Basic256 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Basic256Rsa15.xml b/tests/resources/xml/sp_Basic256Rsa15.xml
new file mode 100644
index 00000000..224dc72b
--- /dev/null
+++ b/tests/resources/xml/sp_Basic256Rsa15.xml
@@ -0,0 +1 @@
+<sp:Basic256Rsa15 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Basic256Sha256.xml b/tests/resources/xml/sp_Basic256Sha256.xml
new file mode 100644
index 00000000..98b17685
--- /dev/null
+++ b/tests/resources/xml/sp_Basic256Sha256.xml
@@ -0,0 +1 @@
+<sp:Basic256Sha256 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Basic256Sha256Rsa15.xml b/tests/resources/xml/sp_Basic256Sha256Rsa15.xml
new file mode 100644
index 00000000..bc0eb105
--- /dev/null
+++ b/tests/resources/xml/sp_Basic256Sha256Rsa15.xml
@@ -0,0 +1 @@
+<sp:Basic256Sha256Rsa15 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Body.xml b/tests/resources/xml/sp_Body.xml
new file mode 100644
index 00000000..f4468dab
--- /dev/null
+++ b/tests/resources/xml/sp_Body.xml
@@ -0,0 +1 @@
+<sp:Body xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" />
diff --git a/tests/resources/xml/sp_BootstrapPolicy.xml b/tests/resources/xml/sp_BootstrapPolicy.xml
new file mode 100644
index 00000000..aaff6142
--- /dev/null
+++ b/tests/resources/xml/sp_BootstrapPolicy.xml
@@ -0,0 +1,3 @@
+<sp:BootstrapPolicy xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:BootstrapPolicy>
diff --git a/tests/resources/xml/sp_ContentEncryptedElements.xml b/tests/resources/xml/sp_ContentEncryptedElements.xml
new file mode 100644
index 00000000..80556510
--- /dev/null
+++ b/tests/resources/xml/sp_ContentEncryptedElements.xml
@@ -0,0 +1,4 @@
+<sp:ContentEncryptedElements xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" XPathVersion="urn:x-simplesamlphp:version" ssp:attr1="value1">
+  <sp:XPath>/bookstore/book[price>35.00]/title</sp:XPath>
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:ContentEncryptedElements>
diff --git a/tests/resources/xml/sp_EncryptBeforeSigning.xml b/tests/resources/xml/sp_EncryptBeforeSigning.xml
new file mode 100644
index 00000000..d60d91b2
--- /dev/null
+++ b/tests/resources/xml/sp_EncryptBeforeSigning.xml
@@ -0,0 +1 @@
+<sp:EncryptBeforeSigning xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_EncryptSignature.xml b/tests/resources/xml/sp_EncryptSignature.xml
new file mode 100644
index 00000000..47adcfba
--- /dev/null
+++ b/tests/resources/xml/sp_EncryptSignature.xml
@@ -0,0 +1 @@
+<sp:EncryptSignature xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_EncryptedElements.xml b/tests/resources/xml/sp_EncryptedElements.xml
new file mode 100644
index 00000000..e05990c6
--- /dev/null
+++ b/tests/resources/xml/sp_EncryptedElements.xml
@@ -0,0 +1,4 @@
+<sp:EncryptedElements xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" XPathVersion="urn:x-simplesamlphp:version" ssp:attr1="value1">
+  <sp:XPath>/bookstore/book[price>35.00]/title</sp:XPath>
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:EncryptedElements>
diff --git a/tests/resources/xml/sp_EncryptedParts.xml b/tests/resources/xml/sp_EncryptedParts.xml
new file mode 100644
index 00000000..c9ce63b1
--- /dev/null
+++ b/tests/resources/xml/sp_EncryptedParts.xml
@@ -0,0 +1,6 @@
+<sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <sp:Body xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" />
+  <sp:Header xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" Name="ssp:name" Namespace="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
+  <sp:Attachments xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" />
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:EncryptedParts>
diff --git a/tests/resources/xml/sp_EncryptedSupportingTokens.xml b/tests/resources/xml/sp_EncryptedSupportingTokens.xml
new file mode 100644
index 00000000..f9331742
--- /dev/null
+++ b/tests/resources/xml/sp_EncryptedSupportingTokens.xml
@@ -0,0 +1,3 @@
+<sp:EncryptedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:EncryptedSupportingTokens>
diff --git a/tests/resources/xml/sp_EncryptionToken.xml b/tests/resources/xml/sp_EncryptionToken.xml
new file mode 100644
index 00000000..abcfea21
--- /dev/null
+++ b/tests/resources/xml/sp_EncryptionToken.xml
@@ -0,0 +1,3 @@
+<sp:EncryptionToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:EncryptionToken>
diff --git a/tests/resources/xml/sp_EndorsingEncryptedSupportingTokens.xml b/tests/resources/xml/sp_EndorsingEncryptedSupportingTokens.xml
new file mode 100644
index 00000000..dcd120fe
--- /dev/null
+++ b/tests/resources/xml/sp_EndorsingEncryptedSupportingTokens.xml
@@ -0,0 +1,3 @@
+<sp:EndorsingEncryptedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:EndorsingEncryptedSupportingTokens>
diff --git a/tests/resources/xml/sp_EndorsingSupportingTokens.xml b/tests/resources/xml/sp_EndorsingSupportingTokens.xml
new file mode 100644
index 00000000..bd60f025
--- /dev/null
+++ b/tests/resources/xml/sp_EndorsingSupportingTokens.xml
@@ -0,0 +1,3 @@
+<sp:EndorsingSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:EndorsingSupportingTokens>
diff --git a/tests/resources/xml/sp_HashPassword.xml b/tests/resources/xml/sp_HashPassword.xml
new file mode 100644
index 00000000..21955d33
--- /dev/null
+++ b/tests/resources/xml/sp_HashPassword.xml
@@ -0,0 +1 @@
+<sp:HashPassword xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Header.xml b/tests/resources/xml/sp_Header.xml
new file mode 100644
index 00000000..56ef7fc3
--- /dev/null
+++ b/tests/resources/xml/sp_Header.xml
@@ -0,0 +1 @@
+<sp:Header xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" Name="ssp:name" Namespace="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_HttpBasicAuthentication.xml b/tests/resources/xml/sp_HttpBasicAuthentication.xml
new file mode 100644
index 00000000..a2f23e02
--- /dev/null
+++ b/tests/resources/xml/sp_HttpBasicAuthentication.xml
@@ -0,0 +1 @@
+<sp:HttpBasicAuthentication xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_HttpDigestAuthentication.xml b/tests/resources/xml/sp_HttpDigestAuthentication.xml
new file mode 100644
index 00000000..fe1c23d8
--- /dev/null
+++ b/tests/resources/xml/sp_HttpDigestAuthentication.xml
@@ -0,0 +1 @@
+<sp:HttpDigestAuthentication xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_HttpsToken.xml b/tests/resources/xml/sp_HttpsToken.xml
new file mode 100644
index 00000000..e8a2406e
--- /dev/null
+++ b/tests/resources/xml/sp_HttpsToken.xml
@@ -0,0 +1,3 @@
+<sp:HttpsToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:HttpsToken>
diff --git a/tests/resources/xml/sp_IncludeTimestamp.xml b/tests/resources/xml/sp_IncludeTimestamp.xml
new file mode 100644
index 00000000..c41a226e
--- /dev/null
+++ b/tests/resources/xml/sp_IncludeTimestamp.xml
@@ -0,0 +1 @@
+<sp:IncludeTimestamp xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_InclusiveC14N.xml b/tests/resources/xml/sp_InclusiveC14N.xml
new file mode 100644
index 00000000..6f68710d
--- /dev/null
+++ b/tests/resources/xml/sp_InclusiveC14N.xml
@@ -0,0 +1 @@
+<sp:InclusiveC14N xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_InitiatorEncryptionToken.xml b/tests/resources/xml/sp_InitiatorEncryptionToken.xml
new file mode 100644
index 00000000..89f097a9
--- /dev/null
+++ b/tests/resources/xml/sp_InitiatorEncryptionToken.xml
@@ -0,0 +1,3 @@
+<sp:InitiatorEncryptionToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:InitiatorEncryptionToken>
diff --git a/tests/resources/xml/sp_InitiatorSignatureToken.xml b/tests/resources/xml/sp_InitiatorSignatureToken.xml
new file mode 100644
index 00000000..3c8c46d2
--- /dev/null
+++ b/tests/resources/xml/sp_InitiatorSignatureToken.xml
@@ -0,0 +1,3 @@
+<sp:InitiatorSignatureToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:InitiatorSignatureToken>
diff --git a/tests/resources/xml/sp_InitiatorToken.xml b/tests/resources/xml/sp_InitiatorToken.xml
new file mode 100644
index 00000000..49f557a8
--- /dev/null
+++ b/tests/resources/xml/sp_InitiatorToken.xml
@@ -0,0 +1,3 @@
+<sp:InitiatorToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:InitiatorToken>
diff --git a/tests/resources/xml/sp_IssuedToken.xml b/tests/resources/xml/sp_IssuedToken.xml
new file mode 100644
index 00000000..5d16f4f1
--- /dev/null
+++ b/tests/resources/xml/sp_IssuedToken.xml
@@ -0,0 +1,7 @@
+<sp:IssuedToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <sp:IssuerName>urn:x-simplesamlphp:issuer</sp:IssuerName>
+  <sp:RequestSecurityTokenTemplate xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" TrustVersion="urn:x-simplesamlphp:version" ssp:attr1="value1">
+    <ssp:Chunk>some</ssp:Chunk>
+  </sp:RequestSecurityTokenTemplate>
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:IssuedToken>
diff --git a/tests/resources/xml/sp_Issuer.xml b/tests/resources/xml/sp_Issuer.xml
new file mode 100644
index 00000000..4fd8d0b9
--- /dev/null
+++ b/tests/resources/xml/sp_Issuer.xml
@@ -0,0 +1,14 @@
+<sp:Issuer xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:test1="value1">
+  <wsa:Address xmlns:wsa="http://www.w3.org/2005/08/addressing" ssp:test2="value2">https://login.microsoftonline.com/login.srf</wsa:Address>
+  <wsa:ReferenceParameters xmlns:wsa="http://www.w3.org/2005/08/addressing" ssp:test4="value4">
+    <m:GetPrice xmlns:m="https://www.w3schools.com/prices">
+      <m:Item>Pears</m:Item>
+    </m:GetPrice>
+  </wsa:ReferenceParameters>
+  <wsa:Metadata xmlns:wsa="http://www.w3.org/2005/08/addressing" ssp:test3="value3">
+    <m:GetPrice xmlns:m="https://www.w3schools.com/prices">
+      <m:Item>Apples</m:Item>
+    </m:GetPrice>
+  </wsa:Metadata>
+  <ssp:Chunk>SomeChunk</ssp:Chunk>
+</sp:Issuer>
diff --git a/tests/resources/xml/sp_IssuerName.xml b/tests/resources/xml/sp_IssuerName.xml
new file mode 100644
index 00000000..309293cf
--- /dev/null
+++ b/tests/resources/xml/sp_IssuerName.xml
@@ -0,0 +1 @@
+<sp:IssuerName xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">urn:x-simplesamlphp:namespace</sp:IssuerName>
diff --git a/tests/resources/xml/sp_KerberosToken.xml b/tests/resources/xml/sp_KerberosToken.xml
new file mode 100644
index 00000000..2cc83de2
--- /dev/null
+++ b/tests/resources/xml/sp_KerberosToken.xml
@@ -0,0 +1,3 @@
+<sp:KerberosToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:KerberosToken>
diff --git a/tests/resources/xml/sp_KeyValueToken.xml b/tests/resources/xml/sp_KeyValueToken.xml
new file mode 100644
index 00000000..9dfa1952
--- /dev/null
+++ b/tests/resources/xml/sp_KeyValueToken.xml
@@ -0,0 +1,3 @@
+<sp:KeyValueToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:KeyValueToken>
diff --git a/tests/resources/xml/sp_Lax.xml b/tests/resources/xml/sp_Lax.xml
new file mode 100644
index 00000000..1451d6e3
--- /dev/null
+++ b/tests/resources/xml/sp_Lax.xml
@@ -0,0 +1 @@
+<sp:Lax xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_LaxTsFirst.xml b/tests/resources/xml/sp_LaxTsFirst.xml
new file mode 100644
index 00000000..5ac1257f
--- /dev/null
+++ b/tests/resources/xml/sp_LaxTsFirst.xml
@@ -0,0 +1 @@
+<sp:LaxTsFirst xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_LaxTsLast.xml b/tests/resources/xml/sp_LaxTsLast.xml
new file mode 100644
index 00000000..ba086a7a
--- /dev/null
+++ b/tests/resources/xml/sp_LaxTsLast.xml
@@ -0,0 +1 @@
+<sp:LaxTsLast xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Layout.xml b/tests/resources/xml/sp_Layout.xml
new file mode 100644
index 00000000..709b0ee1
--- /dev/null
+++ b/tests/resources/xml/sp_Layout.xml
@@ -0,0 +1,3 @@
+<sp:Layout xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:Layout>
diff --git a/tests/resources/xml/sp_MustNotSendAmend.xml b/tests/resources/xml/sp_MustNotSendAmend.xml
new file mode 100644
index 00000000..8f6ed888
--- /dev/null
+++ b/tests/resources/xml/sp_MustNotSendAmend.xml
@@ -0,0 +1 @@
+<sp:MustNotSendAmend xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_MustNotSendCancel.xml b/tests/resources/xml/sp_MustNotSendCancel.xml
new file mode 100644
index 00000000..56ef447b
--- /dev/null
+++ b/tests/resources/xml/sp_MustNotSendCancel.xml
@@ -0,0 +1 @@
+<sp:MustNotSendCancel xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_MustNotSendRenew.xml b/tests/resources/xml/sp_MustNotSendRenew.xml
new file mode 100644
index 00000000..0372e02d
--- /dev/null
+++ b/tests/resources/xml/sp_MustNotSendRenew.xml
@@ -0,0 +1 @@
+<sp:MustNotSendRenew xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_MustSupportClientChallenge.xml b/tests/resources/xml/sp_MustSupportClientChallenge.xml
new file mode 100644
index 00000000..d001e37b
--- /dev/null
+++ b/tests/resources/xml/sp_MustSupportClientChallenge.xml
@@ -0,0 +1 @@
+<sp:MustSupportClientChallenge xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_MustSupportIssuedTokens.xml b/tests/resources/xml/sp_MustSupportIssuedTokens.xml
new file mode 100644
index 00000000..620a74dd
--- /dev/null
+++ b/tests/resources/xml/sp_MustSupportIssuedTokens.xml
@@ -0,0 +1 @@
+<sp:MustSupportIssuedTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_MustSupportRefEmbeddedToken.xml b/tests/resources/xml/sp_MustSupportRefEmbeddedToken.xml
new file mode 100644
index 00000000..3bf5cd24
--- /dev/null
+++ b/tests/resources/xml/sp_MustSupportRefEmbeddedToken.xml
@@ -0,0 +1 @@
+<sp:MustSupportRefEmbeddedToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_MustSupportRefEncryptedKey.xml b/tests/resources/xml/sp_MustSupportRefEncryptedKey.xml
new file mode 100644
index 00000000..f3c3b3c3
--- /dev/null
+++ b/tests/resources/xml/sp_MustSupportRefEncryptedKey.xml
@@ -0,0 +1 @@
+<sp:MustSupportRefEncryptedKey xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_MustSupportRefExternalURI.xml b/tests/resources/xml/sp_MustSupportRefExternalURI.xml
new file mode 100644
index 00000000..ef967f97
--- /dev/null
+++ b/tests/resources/xml/sp_MustSupportRefExternalURI.xml
@@ -0,0 +1 @@
+<sp:MustSupportRefExternalURI xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_MustSupportRefIssuerSerial.xml b/tests/resources/xml/sp_MustSupportRefIssuerSerial.xml
new file mode 100644
index 00000000..c0ca665c
--- /dev/null
+++ b/tests/resources/xml/sp_MustSupportRefIssuerSerial.xml
@@ -0,0 +1 @@
+<sp:MustSupportRefIssuerSerial xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_MustSupportRefKeyIdentifier.xml b/tests/resources/xml/sp_MustSupportRefKeyIdentifier.xml
new file mode 100644
index 00000000..a9ef430a
--- /dev/null
+++ b/tests/resources/xml/sp_MustSupportRefKeyIdentifier.xml
@@ -0,0 +1 @@
+<sp:MustSupportRefKeyIdentifier xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_MustSupportRefThumbprint.xml b/tests/resources/xml/sp_MustSupportRefThumbprint.xml
new file mode 100644
index 00000000..1a3cbe42
--- /dev/null
+++ b/tests/resources/xml/sp_MustSupportRefThumbprint.xml
@@ -0,0 +1 @@
+<sp:MustSupportRefThumbprint xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_MustSupportServerChallenge.xml b/tests/resources/xml/sp_MustSupportServerChallenge.xml
new file mode 100644
index 00000000..be2824fc
--- /dev/null
+++ b/tests/resources/xml/sp_MustSupportServerChallenge.xml
@@ -0,0 +1 @@
+<sp:MustSupportServerChallenge xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_NoPassword.xml b/tests/resources/xml/sp_NoPassword.xml
new file mode 100644
index 00000000..5b82ad29
--- /dev/null
+++ b/tests/resources/xml/sp_NoPassword.xml
@@ -0,0 +1 @@
+<sp:NoPassword xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_OnlySignEntireHeadersAndBody.xml b/tests/resources/xml/sp_OnlySignEntireHeadersAndBody.xml
new file mode 100644
index 00000000..492b78ba
--- /dev/null
+++ b/tests/resources/xml/sp_OnlySignEntireHeadersAndBody.xml
@@ -0,0 +1 @@
+<sp:OnlySignEntireHeadersAndBody xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_ProtectTokens.xml b/tests/resources/xml/sp_ProtectTokens.xml
new file mode 100644
index 00000000..a9aa5f05
--- /dev/null
+++ b/tests/resources/xml/sp_ProtectTokens.xml
@@ -0,0 +1 @@
+<sp:ProtectTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_ProtectionToken.xml b/tests/resources/xml/sp_ProtectionToken.xml
new file mode 100644
index 00000000..b379f8e3
--- /dev/null
+++ b/tests/resources/xml/sp_ProtectionToken.xml
@@ -0,0 +1,3 @@
+<sp:ProtectionToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:ProtectionToken>
diff --git a/tests/resources/xml/sp_RecipientEncryptionToken.xml b/tests/resources/xml/sp_RecipientEncryptionToken.xml
new file mode 100644
index 00000000..352530c9
--- /dev/null
+++ b/tests/resources/xml/sp_RecipientEncryptionToken.xml
@@ -0,0 +1,3 @@
+<sp:RecipientEncryptionToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:RecipientEncryptionToken>
diff --git a/tests/resources/xml/sp_RecipientSignatureToken.xml b/tests/resources/xml/sp_RecipientSignatureToken.xml
new file mode 100644
index 00000000..631850d0
--- /dev/null
+++ b/tests/resources/xml/sp_RecipientSignatureToken.xml
@@ -0,0 +1,3 @@
+<sp:RecipientSignatureToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:RecipientSignatureToken>
diff --git a/tests/resources/xml/sp_RecipientToken.xml b/tests/resources/xml/sp_RecipientToken.xml
new file mode 100644
index 00000000..a2ca10e8
--- /dev/null
+++ b/tests/resources/xml/sp_RecipientToken.xml
@@ -0,0 +1,3 @@
+<sp:RecipientToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:RecipientToken>
diff --git a/tests/resources/xml/sp_RelToken.xml b/tests/resources/xml/sp_RelToken.xml
new file mode 100644
index 00000000..f52e9302
--- /dev/null
+++ b/tests/resources/xml/sp_RelToken.xml
@@ -0,0 +1,3 @@
+<sp:RelToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:RelToken>
diff --git a/tests/resources/xml/sp_RequestSecurityTokenTemplate.xml b/tests/resources/xml/sp_RequestSecurityTokenTemplate.xml
new file mode 100644
index 00000000..cf3dba3d
--- /dev/null
+++ b/tests/resources/xml/sp_RequestSecurityTokenTemplate.xml
@@ -0,0 +1,3 @@
+<sp:RequestSecurityTokenTemplate xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" TrustVersion="urn:x-simplesamlphp:version" ssp:attr1="value1">
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:RequestSecurityTokenTemplate>
diff --git a/tests/resources/xml/sp_RequireAppliesTo.xml b/tests/resources/xml/sp_RequireAppliesTo.xml
new file mode 100644
index 00000000..dd3383b2
--- /dev/null
+++ b/tests/resources/xml/sp_RequireAppliesTo.xml
@@ -0,0 +1 @@
+<sp:RequireAppliesTo xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireClientCertificate.xml b/tests/resources/xml/sp_RequireClientCertificate.xml
new file mode 100644
index 00000000..dc613fb9
--- /dev/null
+++ b/tests/resources/xml/sp_RequireClientCertificate.xml
@@ -0,0 +1 @@
+<sp:RequireClientCertificate xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireClientEntropy.xml b/tests/resources/xml/sp_RequireClientEntropy.xml
new file mode 100644
index 00000000..30a36c1a
--- /dev/null
+++ b/tests/resources/xml/sp_RequireClientEntropy.xml
@@ -0,0 +1 @@
+<sp:RequireClientEntropy xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireDerivedKeys.xml b/tests/resources/xml/sp_RequireDerivedKeys.xml
new file mode 100644
index 00000000..32be2ec1
--- /dev/null
+++ b/tests/resources/xml/sp_RequireDerivedKeys.xml
@@ -0,0 +1 @@
+<sp:RequireDerivedKeys xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireEmbeddedTokenReference.xml b/tests/resources/xml/sp_RequireEmbeddedTokenReference.xml
new file mode 100644
index 00000000..feb5a8e4
--- /dev/null
+++ b/tests/resources/xml/sp_RequireEmbeddedTokenReference.xml
@@ -0,0 +1 @@
+<sp:RequireEmbeddedTokenReference xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireExplicitDerivedKeys.xml b/tests/resources/xml/sp_RequireExplicitDerivedKeys.xml
new file mode 100644
index 00000000..27dc75f9
--- /dev/null
+++ b/tests/resources/xml/sp_RequireExplicitDerivedKeys.xml
@@ -0,0 +1 @@
+<sp:RequireExplicitDerivedKeys xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireExternalReference.xml b/tests/resources/xml/sp_RequireExternalReference.xml
new file mode 100644
index 00000000..8c4c0428
--- /dev/null
+++ b/tests/resources/xml/sp_RequireExternalReference.xml
@@ -0,0 +1 @@
+<sp:RequireExternalReference xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireExternalUriReference.xml b/tests/resources/xml/sp_RequireExternalUriReference.xml
new file mode 100644
index 00000000..60bc469c
--- /dev/null
+++ b/tests/resources/xml/sp_RequireExternalUriReference.xml
@@ -0,0 +1 @@
+<sp:RequireExternalUriReference xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireImpliedDerivedKeys.xml b/tests/resources/xml/sp_RequireImpliedDerivedKeys.xml
new file mode 100644
index 00000000..bab75242
--- /dev/null
+++ b/tests/resources/xml/sp_RequireImpliedDerivedKeys.xml
@@ -0,0 +1 @@
+<sp:RequireImpliedDerivedKeys xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireInternalReference.xml b/tests/resources/xml/sp_RequireInternalReference.xml
new file mode 100644
index 00000000..6bf3fbdc
--- /dev/null
+++ b/tests/resources/xml/sp_RequireInternalReference.xml
@@ -0,0 +1 @@
+<sp:RequireInternalReference xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireIssuerSerialReference.xml b/tests/resources/xml/sp_RequireIssuerSerialReference.xml
new file mode 100644
index 00000000..59290954
--- /dev/null
+++ b/tests/resources/xml/sp_RequireIssuerSerialReference.xml
@@ -0,0 +1 @@
+<sp:RequireIssuerSerialReference xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireKeyIdentifierReference.xml b/tests/resources/xml/sp_RequireKeyIdentifierReference.xml
new file mode 100644
index 00000000..a8da36ca
--- /dev/null
+++ b/tests/resources/xml/sp_RequireKeyIdentifierReference.xml
@@ -0,0 +1 @@
+<sp:RequireKeyIdentifierReference xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireRequestSecurityTokenCollection.xml b/tests/resources/xml/sp_RequireRequestSecurityTokenCollection.xml
new file mode 100644
index 00000000..a6f20f5f
--- /dev/null
+++ b/tests/resources/xml/sp_RequireRequestSecurityTokenCollection.xml
@@ -0,0 +1 @@
+<sp:RequireRequestSecurityTokenCollection xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireServerEntropy.xml b/tests/resources/xml/sp_RequireServerEntropy.xml
new file mode 100644
index 00000000..4c7126e0
--- /dev/null
+++ b/tests/resources/xml/sp_RequireServerEntropy.xml
@@ -0,0 +1 @@
+<sp:RequireServerEntropy xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireSignatureConfirmation.xml b/tests/resources/xml/sp_RequireSignatureConfirmation.xml
new file mode 100644
index 00000000..0f5d7599
--- /dev/null
+++ b/tests/resources/xml/sp_RequireSignatureConfirmation.xml
@@ -0,0 +1 @@
+<sp:RequireSignatureConfirmation xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequireThumbprintReference.xml b/tests/resources/xml/sp_RequireThumbprintReference.xml
new file mode 100644
index 00000000..29213350
--- /dev/null
+++ b/tests/resources/xml/sp_RequireThumbprintReference.xml
@@ -0,0 +1 @@
+<sp:RequireThumbprintReference xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_RequiredElements.xml b/tests/resources/xml/sp_RequiredElements.xml
new file mode 100644
index 00000000..131defba
--- /dev/null
+++ b/tests/resources/xml/sp_RequiredElements.xml
@@ -0,0 +1,4 @@
+<sp:RequiredElements xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" XPathVersion="urn:x-simplesamlphp:version" ssp:attr1="value1">
+  <sp:XPath>/bookstore/book[price>35.00]/title</sp:XPath>
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:RequiredElements>
diff --git a/tests/resources/xml/sp_RequiredParts.xml b/tests/resources/xml/sp_RequiredParts.xml
new file mode 100644
index 00000000..45ddb1e9
--- /dev/null
+++ b/tests/resources/xml/sp_RequiredParts.xml
@@ -0,0 +1,4 @@
+<sp:RequiredParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <sp:Header xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" Name="ssp:name" Namespace="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:RequiredParts>
diff --git a/tests/resources/xml/sp_RsaKeyValue.xml b/tests/resources/xml/sp_RsaKeyValue.xml
new file mode 100644
index 00000000..006d390b
--- /dev/null
+++ b/tests/resources/xml/sp_RsaKeyValue.xml
@@ -0,0 +1 @@
+<sp:RsaKeyValue xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_SC13SecurityContextToken.xml b/tests/resources/xml/sp_SC13SecurityContextToken.xml
new file mode 100644
index 00000000..66f4cb86
--- /dev/null
+++ b/tests/resources/xml/sp_SC13SecurityContextToken.xml
@@ -0,0 +1 @@
+<sp:SC13SecurityContextToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_SOAPNormalization10.xml b/tests/resources/xml/sp_SOAPNormalization10.xml
new file mode 100644
index 00000000..71afddb3
--- /dev/null
+++ b/tests/resources/xml/sp_SOAPNormalization10.xml
@@ -0,0 +1 @@
+<sp:SOAPNormalization10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_STRTransform10.xml b/tests/resources/xml/sp_STRTransform10.xml
new file mode 100644
index 00000000..bbd6464d
--- /dev/null
+++ b/tests/resources/xml/sp_STRTransform10.xml
@@ -0,0 +1 @@
+<sp:STRTransform10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_SamlToken.xml b/tests/resources/xml/sp_SamlToken.xml
new file mode 100644
index 00000000..5b858c6c
--- /dev/null
+++ b/tests/resources/xml/sp_SamlToken.xml
@@ -0,0 +1,3 @@
+<sp:SamlToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:SamlToken>
diff --git a/tests/resources/xml/sp_SecureConversationToken.xml b/tests/resources/xml/sp_SecureConversationToken.xml
new file mode 100644
index 00000000..7e23eef1
--- /dev/null
+++ b/tests/resources/xml/sp_SecureConversationToken.xml
@@ -0,0 +1,4 @@
+<sp:SecureConversationToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <sp:IssuerName>urn:x-simplesamlphp:issuer</sp:IssuerName>
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:SecureConversationToken>
diff --git a/tests/resources/xml/sp_SecurityContextToken.xml b/tests/resources/xml/sp_SecurityContextToken.xml
new file mode 100644
index 00000000..cefa9b0a
--- /dev/null
+++ b/tests/resources/xml/sp_SecurityContextToken.xml
@@ -0,0 +1,3 @@
+<sp:SecurityContextToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:SecurityContextToken>
diff --git a/tests/resources/xml/sp_SignatureToken.xml b/tests/resources/xml/sp_SignatureToken.xml
new file mode 100644
index 00000000..495c80c4
--- /dev/null
+++ b/tests/resources/xml/sp_SignatureToken.xml
@@ -0,0 +1,3 @@
+<sp:SignatureToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:SignatureToken>
diff --git a/tests/resources/xml/sp_SignedElements.xml b/tests/resources/xml/sp_SignedElements.xml
new file mode 100644
index 00000000..dc66e01b
--- /dev/null
+++ b/tests/resources/xml/sp_SignedElements.xml
@@ -0,0 +1,4 @@
+<sp:SignedElements xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" XPathVersion="urn:x-simplesamlphp:version" ssp:attr1="value1">
+  <sp:XPath>/bookstore/book[price>35.00]/title</sp:XPath>
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:SignedElements>
diff --git a/tests/resources/xml/sp_SignedEncryptedSupportingTokens.xml b/tests/resources/xml/sp_SignedEncryptedSupportingTokens.xml
new file mode 100644
index 00000000..5d74a16e
--- /dev/null
+++ b/tests/resources/xml/sp_SignedEncryptedSupportingTokens.xml
@@ -0,0 +1,3 @@
+<sp:SignedEncryptedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:SignedEncryptedSupportingTokens>
diff --git a/tests/resources/xml/sp_SignedEndorsingEncryptedSupportingTokens.xml b/tests/resources/xml/sp_SignedEndorsingEncryptedSupportingTokens.xml
new file mode 100644
index 00000000..dfe94539
--- /dev/null
+++ b/tests/resources/xml/sp_SignedEndorsingEncryptedSupportingTokens.xml
@@ -0,0 +1,3 @@
+<sp:SignedEndorsingEncryptedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:SignedEndorsingEncryptedSupportingTokens>
diff --git a/tests/resources/xml/sp_SignedEndorsingSupportingTokens.xml b/tests/resources/xml/sp_SignedEndorsingSupportingTokens.xml
new file mode 100644
index 00000000..a3ab305c
--- /dev/null
+++ b/tests/resources/xml/sp_SignedEndorsingSupportingTokens.xml
@@ -0,0 +1,3 @@
+<sp:SignedEndorsingSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:SignedEndorsingSupportingTokens>
diff --git a/tests/resources/xml/sp_SignedParts.xml b/tests/resources/xml/sp_SignedParts.xml
new file mode 100644
index 00000000..87c91e57
--- /dev/null
+++ b/tests/resources/xml/sp_SignedParts.xml
@@ -0,0 +1,6 @@
+<sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <sp:Body xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"/>
+  <sp:Header xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" Name="ssp:name" Namespace="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
+  <sp:Attachments xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"/>
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:SignedParts>
diff --git a/tests/resources/xml/sp_SignedSupportingTokens.xml b/tests/resources/xml/sp_SignedSupportingTokens.xml
new file mode 100644
index 00000000..d1b4f3bc
--- /dev/null
+++ b/tests/resources/xml/sp_SignedSupportingTokens.xml
@@ -0,0 +1,3 @@
+<sp:SignedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:SignedSupportingTokens>
diff --git a/tests/resources/xml/sp_SpnegoContextToken.xml b/tests/resources/xml/sp_SpnegoContextToken.xml
new file mode 100644
index 00000000..0db1d87a
--- /dev/null
+++ b/tests/resources/xml/sp_SpnegoContextToken.xml
@@ -0,0 +1,4 @@
+<sp:SpnegoContextToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <sp:IssuerName>urn:x-simplesamlphp:issuer</sp:IssuerName>
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:SpnegoContextToken>
diff --git a/tests/resources/xml/sp_Strict.xml b/tests/resources/xml/sp_Strict.xml
new file mode 100644
index 00000000..1bf8b550
--- /dev/null
+++ b/tests/resources/xml/sp_Strict.xml
@@ -0,0 +1 @@
+<sp:Strict xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_SupportingTokens.xml b/tests/resources/xml/sp_SupportingTokens.xml
new file mode 100644
index 00000000..ec006248
--- /dev/null
+++ b/tests/resources/xml/sp_SupportingTokens.xml
@@ -0,0 +1,3 @@
+<sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:SupportingTokens>
diff --git a/tests/resources/xml/sp_SymmetricBinding.xml b/tests/resources/xml/sp_SymmetricBinding.xml
new file mode 100644
index 00000000..ad7d4595
--- /dev/null
+++ b/tests/resources/xml/sp_SymmetricBinding.xml
@@ -0,0 +1,3 @@
+<sp:SymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:SymmetricBinding>
diff --git a/tests/resources/xml/sp_TransportBinding.xml b/tests/resources/xml/sp_TransportBinding.xml
new file mode 100644
index 00000000..ba846811
--- /dev/null
+++ b/tests/resources/xml/sp_TransportBinding.xml
@@ -0,0 +1,3 @@
+<sp:TransportBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:TransportBinding>
diff --git a/tests/resources/xml/sp_TransportToken.xml b/tests/resources/xml/sp_TransportToken.xml
new file mode 100644
index 00000000..ff2ec608
--- /dev/null
+++ b/tests/resources/xml/sp_TransportToken.xml
@@ -0,0 +1,3 @@
+<sp:TransportToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:TransportToken>
diff --git a/tests/resources/xml/sp_TripleDes.xml b/tests/resources/xml/sp_TripleDes.xml
new file mode 100644
index 00000000..c778ddf0
--- /dev/null
+++ b/tests/resources/xml/sp_TripleDes.xml
@@ -0,0 +1 @@
+<sp:TripleDes xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_TripleDesRsa15.xml b/tests/resources/xml/sp_TripleDesRsa15.xml
new file mode 100644
index 00000000..e65bb6f9
--- /dev/null
+++ b/tests/resources/xml/sp_TripleDesRsa15.xml
@@ -0,0 +1 @@
+<sp:TripleDesRsa15 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_TripleDesSha256.xml b/tests/resources/xml/sp_TripleDesSha256.xml
new file mode 100644
index 00000000..5a533112
--- /dev/null
+++ b/tests/resources/xml/sp_TripleDesSha256.xml
@@ -0,0 +1 @@
+<sp:TripleDesSha256 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_TripleDesSha256Rsa15.xml b/tests/resources/xml/sp_TripleDesSha256Rsa15.xml
new file mode 100644
index 00000000..a8352942
--- /dev/null
+++ b/tests/resources/xml/sp_TripleDesSha256Rsa15.xml
@@ -0,0 +1 @@
+<sp:TripleDesSha256Rsa15 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_Trust13.xml b/tests/resources/xml/sp_Trust13.xml
new file mode 100644
index 00000000..3ea8732f
--- /dev/null
+++ b/tests/resources/xml/sp_Trust13.xml
@@ -0,0 +1,3 @@
+<sp:Trust13 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:Trust13>
diff --git a/tests/resources/xml/sp_UsernameToken.xml b/tests/resources/xml/sp_UsernameToken.xml
new file mode 100644
index 00000000..11f5291a
--- /dev/null
+++ b/tests/resources/xml/sp_UsernameToken.xml
@@ -0,0 +1,3 @@
+<sp:UsernameToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:UsernameToken>
diff --git a/tests/resources/xml/sp_Wss10.xml b/tests/resources/xml/sp_Wss10.xml
new file mode 100644
index 00000000..496169a5
--- /dev/null
+++ b/tests/resources/xml/sp_Wss10.xml
@@ -0,0 +1,3 @@
+<sp:Wss10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:Wss10>
diff --git a/tests/resources/xml/sp_Wss11.xml b/tests/resources/xml/sp_Wss11.xml
new file mode 100644
index 00000000..faf6d0eb
--- /dev/null
+++ b/tests/resources/xml/sp_Wss11.xml
@@ -0,0 +1,3 @@
+<sp:Wss11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1">
+  <ssp:Chunk>Some</ssp:Chunk>
+</sp:Wss11>
diff --git a/tests/resources/xml/sp_WssGssKerberosV5ApReqToken11.xml b/tests/resources/xml/sp_WssGssKerberosV5ApReqToken11.xml
new file mode 100644
index 00000000..d8b38a2f
--- /dev/null
+++ b/tests/resources/xml/sp_WssGssKerberosV5ApReqToken11.xml
@@ -0,0 +1 @@
+<sp:WssGssKerberosV5ApReqToken11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssKerberosV5ApReqToken11.xml b/tests/resources/xml/sp_WssKerberosV5ApReqToken11.xml
new file mode 100644
index 00000000..00f87c2e
--- /dev/null
+++ b/tests/resources/xml/sp_WssKerberosV5ApReqToken11.xml
@@ -0,0 +1 @@
+<sp:WssKerberosV5ApReqToken11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssRelV10Token10.xml b/tests/resources/xml/sp_WssRelV10Token10.xml
new file mode 100644
index 00000000..0b041bda
--- /dev/null
+++ b/tests/resources/xml/sp_WssRelV10Token10.xml
@@ -0,0 +1 @@
+<sp:WssRelV10Token10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssRelV10Token11.xml b/tests/resources/xml/sp_WssRelV10Token11.xml
new file mode 100644
index 00000000..b2818f51
--- /dev/null
+++ b/tests/resources/xml/sp_WssRelV10Token11.xml
@@ -0,0 +1 @@
+<sp:WssRelV10Token11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssRelV20Token10.xml b/tests/resources/xml/sp_WssRelV20Token10.xml
new file mode 100644
index 00000000..50d53093
--- /dev/null
+++ b/tests/resources/xml/sp_WssRelV20Token10.xml
@@ -0,0 +1 @@
+<sp:WssRelV20Token10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssRelV20Token11.xml b/tests/resources/xml/sp_WssRelV20Token11.xml
new file mode 100644
index 00000000..cc10a513
--- /dev/null
+++ b/tests/resources/xml/sp_WssRelV20Token11.xml
@@ -0,0 +1 @@
+<sp:WssRelV20Token11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssSamlV11Token10.xml b/tests/resources/xml/sp_WssSamlV11Token10.xml
new file mode 100644
index 00000000..a43dc8b0
--- /dev/null
+++ b/tests/resources/xml/sp_WssSamlV11Token10.xml
@@ -0,0 +1 @@
+<sp:WssSamlV11Token10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssSamlV11Token11.xml b/tests/resources/xml/sp_WssSamlV11Token11.xml
new file mode 100644
index 00000000..6c11f647
--- /dev/null
+++ b/tests/resources/xml/sp_WssSamlV11Token11.xml
@@ -0,0 +1 @@
+<sp:WssSamlV11Token11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssSamlV20Token11.xml b/tests/resources/xml/sp_WssSamlV20Token11.xml
new file mode 100644
index 00000000..a5be0604
--- /dev/null
+++ b/tests/resources/xml/sp_WssSamlV20Token11.xml
@@ -0,0 +1 @@
+<sp:WssSamlV20Token11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssUsernameToken10.xml b/tests/resources/xml/sp_WssUsernameToken10.xml
new file mode 100644
index 00000000..cb1ecf84
--- /dev/null
+++ b/tests/resources/xml/sp_WssUsernameToken10.xml
@@ -0,0 +1 @@
+<sp:WssUsernameToken10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssUsernameToken11.xml b/tests/resources/xml/sp_WssUsernameToken11.xml
new file mode 100644
index 00000000..16aeeff0
--- /dev/null
+++ b/tests/resources/xml/sp_WssUsernameToken11.xml
@@ -0,0 +1 @@
+<sp:WssUsernameToken11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssX509Pkcs7Token10.xml b/tests/resources/xml/sp_WssX509Pkcs7Token10.xml
new file mode 100644
index 00000000..e5cb90ca
--- /dev/null
+++ b/tests/resources/xml/sp_WssX509Pkcs7Token10.xml
@@ -0,0 +1 @@
+<sp:WssX509Pkcs7Token10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssX509Pkcs7Token11.xml b/tests/resources/xml/sp_WssX509Pkcs7Token11.xml
new file mode 100644
index 00000000..8e9aa504
--- /dev/null
+++ b/tests/resources/xml/sp_WssX509Pkcs7Token11.xml
@@ -0,0 +1 @@
+<sp:WssX509Pkcs7Token11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssX509PkiPathV1Token10.xml b/tests/resources/xml/sp_WssX509PkiPathV1Token10.xml
new file mode 100644
index 00000000..af250e42
--- /dev/null
+++ b/tests/resources/xml/sp_WssX509PkiPathV1Token10.xml
@@ -0,0 +1 @@
+<sp:WssX509PkiPathV1Token10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssX509PkiPathV1Token11.xml b/tests/resources/xml/sp_WssX509PkiPathV1Token11.xml
new file mode 100644
index 00000000..896712c1
--- /dev/null
+++ b/tests/resources/xml/sp_WssX509PkiPathV1Token11.xml
@@ -0,0 +1 @@
+<sp:WssX509PkiPathV1Token11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssX509V1Token11.xml b/tests/resources/xml/sp_WssX509V1Token11.xml
new file mode 100644
index 00000000..62becc8f
--- /dev/null
+++ b/tests/resources/xml/sp_WssX509V1Token11.xml
@@ -0,0 +1 @@
+<sp:WssX509V1Token11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssX509V3Token10.xml b/tests/resources/xml/sp_WssX509V3Token10.xml
new file mode 100644
index 00000000..6931e0a0
--- /dev/null
+++ b/tests/resources/xml/sp_WssX509V3Token10.xml
@@ -0,0 +1 @@
+<sp:WssX509V3Token10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_WssX509V3Token11.xml b/tests/resources/xml/sp_WssX509V3Token11.xml
new file mode 100644
index 00000000..f6d56e98
--- /dev/null
+++ b/tests/resources/xml/sp_WssX509V3Token11.xml
@@ -0,0 +1 @@
+<sp:WssX509V3Token11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_X509Token.xml b/tests/resources/xml/sp_X509Token.xml
new file mode 100644
index 00000000..7cd7f958
--- /dev/null
+++ b/tests/resources/xml/sp_X509Token.xml
@@ -0,0 +1,3 @@
+<sp:X509Token xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <ssp:Chunk>some</ssp:Chunk>
+</sp:X509Token>
diff --git a/tests/resources/xml/sp_XPath.xml b/tests/resources/xml/sp_XPath.xml
new file mode 100644
index 00000000..4a2bfcaa
--- /dev/null
+++ b/tests/resources/xml/sp_XPath.xml
@@ -0,0 +1 @@
+<sp:XPath xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">/bookstore/book[price>35.00]/title</sp:XPath>
diff --git a/tests/resources/xml/sp_XPath10.xml b/tests/resources/xml/sp_XPath10.xml
new file mode 100644
index 00000000..233ab1fd
--- /dev/null
+++ b/tests/resources/xml/sp_XPath10.xml
@@ -0,0 +1 @@
+<sp:XPath10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/sp_XPathFilter20.xml b/tests/resources/xml/sp_XPathFilter20.xml
new file mode 100644
index 00000000..c871aa27
--- /dev/null
+++ b/tests/resources/xml/sp_XPathFilter20.xml
@@ -0,0 +1 @@
+<sp:XPathFilter20 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>