X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=xmltoolingtest%2FSecurityHelperTest.h;h=81f0080fe9189d871f1e5794d52b1eb83e0b3690;hb=83de10b45721b7882182aaa8a6df0c729db8fc01;hp=61e571e566c77b284fe52e386217b02acefca7cb;hpb=10942e2040fe67f6d8903385b274e83d58965aa2;p=shibboleth%2Fcpp-xmltooling.git

diff --git a/xmltoolingtest/SecurityHelperTest.h b/xmltoolingtest/SecurityHelperTest.h
index 61e571e..81f0080 100644
--- a/xmltoolingtest/SecurityHelperTest.h
+++ b/xmltoolingtest/SecurityHelperTest.h
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2009 Internet2
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,6 +18,9 @@
 
 #include <xmltooling/security/SecurityHelper.h>
 
+#include <xsec/enc/XSECCryptoKey.hpp>
+#include <xsec/enc/XSECCryptoX509.hpp>
+
 class SecurityHelperTest : public CxxTest::TestSuite {
     vector<XSECCryptoX509*> certs;
 
@@ -32,6 +35,7 @@ public:
 
     void tearDown() {
         for_each(certs.begin(), certs.end(), xmltooling::cleanup<XSECCryptoX509>());
+        certs.clear();
     }
 
     void testKeysFromFiles() {
@@ -42,12 +46,12 @@ public:
         pathname = data_path + "test.pfx";
         auto_ptr<XSECCryptoKey> key3(SecurityHelper::loadKeyFromFile(pathname.c_str(), NULL, "password"));
 
-        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(key1.get(), key2.get()));
-        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(key2.get(), key3.get()));
+        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(*key1.get(), *key2.get()));
+        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(*key2.get(), *key3.get()));
 
         pathname = data_path + "key2.pem";
         auto_ptr<XSECCryptoKey> key4(SecurityHelper::loadKeyFromFile(pathname.c_str()));
-        TSM_ASSERT("Different keys matched", !SecurityHelper::matches(key3.get(), key4.get()));
+        TSM_ASSERT("Different keys matched", !SecurityHelper::matches(*key3.get(), *key4.get()));
     }
 
     void testKeysFromURLs() {
@@ -61,8 +65,8 @@ public:
         auto_ptr<SOAPTransport> t3(getTransport("https://spaces.internet2.edu/download/attachments/5305/test.pfx"));
         auto_ptr<XSECCryptoKey> key3(SecurityHelper::loadKeyFromURL(*t3.get(), pathname.c_str(), NULL, "password"));
 
-        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(key1.get(), key2.get()));
-        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(key2.get(), key3.get()));
+        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(*key1.get(), *key2.get()));
+        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(*key2.get(), *key3.get()));
     }
 
     void testCertificatesFromFiles() {
@@ -76,11 +80,26 @@ public:
         TSM_ASSERT_EQUALS("Wrong certificate count", certs.size(), 3);
 
         auto_ptr<XSECCryptoKey> key1(certs[0]->clonePublicKey());
-        auto_ptr<XSECCryptoKey> key2(certs[0]->clonePublicKey());
-        auto_ptr<XSECCryptoKey> key3(certs[0]->clonePublicKey());
+        auto_ptr<XSECCryptoKey> key2(certs[1]->clonePublicKey());
+        auto_ptr<XSECCryptoKey> key3(certs[2]->clonePublicKey());
+
+        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(*key1.get(), *key2.get()));
+        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(*key2.get(), *key3.get()));
+
+        TSM_ASSERT_EQUALS(
+            "Certificate and its key produced different DER encodings",
+            SecurityHelper::getDEREncoding(*certs[2]), SecurityHelper::getDEREncoding(*key1.get())
+            );
+
+        TSM_ASSERT_EQUALS(
+            "Certificate and its key produced different hashed encodings",
+            SecurityHelper::getDEREncoding(*certs[2], "SHA1"), SecurityHelper::getDEREncoding(*key1.get(), "SHA1")
+            );
 
-        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(key1.get(), key2.get()));
-        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(key2.get(), key3.get()));
+        TSM_ASSERT_EQUALS(
+            "Certificate and its key produced different hashed encodings",
+            SecurityHelper::getDEREncoding(*certs[2], "SHA256"), SecurityHelper::getDEREncoding(*key1.get(), "SHA256")
+            );
 
         for_each(certs.begin(), certs.end(), xmltooling::cleanup<XSECCryptoX509>());
         certs.clear();
@@ -103,8 +122,8 @@ public:
         auto_ptr<XSECCryptoKey> key2(certs[0]->clonePublicKey());
         auto_ptr<XSECCryptoKey> key3(certs[0]->clonePublicKey());
 
-        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(key1.get(), key2.get()));
-        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(key2.get(), key3.get()));
+        TSM_ASSERT("PEM/DER keys did not match", SecurityHelper::matches(*key1.get(), *key2.get()));
+        TSM_ASSERT("DER/PKCS12 keys did not match", SecurityHelper::matches(*key2.get(), *key3.get()));
 
         for_each(certs.begin(), certs.end(), xmltooling::cleanup<XSECCryptoX509>());
         certs.clear();