X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=xmltoolingtest%2FSecurityHelperTest.h;h=81f0080fe9189d871f1e5794d52b1eb83e0b3690;hb=544b840e37b2ba94f2a228a84aa2d0202039a0b1;hp=70560127b4f1f09d6c8929d27b3c8473dae0db0f;hpb=18296076c28faadea55aec9384967574bb485b99;p=shibboleth%2Fcpp-xmltooling.git

diff --git a/xmltoolingtest/SecurityHelperTest.h b/xmltoolingtest/SecurityHelperTest.h
index 7056012..81f0080 100644
--- a/xmltoolingtest/SecurityHelperTest.h
+++ b/xmltoolingtest/SecurityHelperTest.h
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2009 Internet2
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,6 +18,9 @@
 
 #include <xmltooling/security/SecurityHelper.h>
 
+#include <xsec/enc/XSECCryptoKey.hpp>
+#include <xsec/enc/XSECCryptoX509.hpp>
+
 class SecurityHelperTest : public CxxTest::TestSuite {
     vector<XSECCryptoX509*> certs;
 
@@ -32,6 +35,7 @@ public:
 
     void tearDown() {
         for_each(certs.begin(), certs.end(), xmltooling::cleanup<XSECCryptoX509>());
+        certs.clear();
     }
 
     void testKeysFromFiles() {
@@ -42,12 +46,12 @@ public:
         pathname = data_path + "test.pfx";
         auto_ptr<XSECCryptoKey> key3(SecurityHelper::loadKeyFromFile(pathname.c_str(), NULL, "password"));
 
-        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(key1.get(), key2.get()));
-        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(key2.get(), key3.get()));
+        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(*key1.get(), *key2.get()));
+        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(*key2.get(), *key3.get()));
 
         pathname = data_path + "key2.pem";
         auto_ptr<XSECCryptoKey> key4(SecurityHelper::loadKeyFromFile(pathname.c_str()));
-        TSM_ASSERT("Different keys matched", !SecurityHelper::matches(key3.get(), key4.get()));
+        TSM_ASSERT("Different keys matched", !SecurityHelper::matches(*key3.get(), *key4.get()));
     }
 
     void testKeysFromURLs() {
@@ -61,8 +65,8 @@ public:
         auto_ptr<SOAPTransport> t3(getTransport("https://spaces.internet2.edu/download/attachments/5305/test.pfx"));
         auto_ptr<XSECCryptoKey> key3(SecurityHelper::loadKeyFromURL(*t3.get(), pathname.c_str(), NULL, "password"));
 
-        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(key1.get(), key2.get()));
-        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(key2.get(), key3.get()));
+        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(*key1.get(), *key2.get()));
+        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(*key2.get(), *key3.get()));
     }
 
     void testCertificatesFromFiles() {
@@ -79,11 +83,22 @@ public:
         auto_ptr<XSECCryptoKey> key2(certs[1]->clonePublicKey());
         auto_ptr<XSECCryptoKey> key3(certs[2]->clonePublicKey());
 
-        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(key1.get(), key2.get()));
-        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(key2.get(), key3.get()));
+        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(*key1.get(), *key2.get()));
+        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(*key2.get(), *key3.get()));
+
+        TSM_ASSERT_EQUALS(
+            "Certificate and its key produced different DER encodings",
+            SecurityHelper::getDEREncoding(*certs[2]), SecurityHelper::getDEREncoding(*key1.get())
+            );
+
+        TSM_ASSERT_EQUALS(
+            "Certificate and its key produced different hashed encodings",
+            SecurityHelper::getDEREncoding(*certs[2], "SHA1"), SecurityHelper::getDEREncoding(*key1.get(), "SHA1")
+            );
 
-        TSM_ASSERT_EQUALS("Certificate and its key produced different DER encodings",
-            SecurityHelper::getDEREncoding(certs[2]), SecurityHelper::getDEREncoding(key1.get())
+        TSM_ASSERT_EQUALS(
+            "Certificate and its key produced different hashed encodings",
+            SecurityHelper::getDEREncoding(*certs[2], "SHA256"), SecurityHelper::getDEREncoding(*key1.get(), "SHA256")
             );
 
         for_each(certs.begin(), certs.end(), xmltooling::cleanup<XSECCryptoX509>());
@@ -107,8 +122,8 @@ public:
         auto_ptr<XSECCryptoKey> key2(certs[0]->clonePublicKey());
         auto_ptr<XSECCryptoKey> key3(certs[0]->clonePublicKey());
 
-        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(key1.get(), key2.get()));
-        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(key2.get(), key3.get()));
+        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(*key1.get(), *key2.get()));
+        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(*key2.get(), *key3.get()));
 
         for_each(certs.begin(), certs.end(), xmltooling::cleanup<XSECCryptoX509>());
         certs.clear();