X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=xmltoolingtest%2FSignatureTest.h;h=458fa7ee59e37115f96948fa644f949ff8ef7932;hb=c390bc9abfd5ef673577b2da3104c3f36fb1c18d;hp=2087c4e269a75898e79413a9b14a1fde957d3672;hpb=7068408b1c6000ac3d207c782ba4f8c4e731b178;p=shibboleth%2Fcpp-xmltooling.git
diff --git a/xmltoolingtest/SignatureTest.h b/xmltoolingtest/SignatureTest.h
index 2087c4e..458fa7e 100644
--- a/xmltoolingtest/SignatureTest.h
+++ b/xmltoolingtest/SignatureTest.h
@@ -16,21 +16,88 @@ #include "XMLObjectBaseTestCase.h" +#include + #include #include #include #include +#include #include #include +#include +#include -class TestContext : public SigningContext +class TestContext : public ContentReference { - XSECCryptoKey* m_key; - vector m_certs; XMLCh* m_uri; public: TestContext(const XMLCh* uri) { + m_uri=XMLString::replicate(uri); + } + + virtual ~TestContext() { + XMLString::release(&m_uri); + } + + void createReferences(DSIGSignature* sig) { + DSIGReference* ref=sig->createReference(m_uri); + ref->appendEnvelopedSignatureTransform(); + ref->appendCanonicalizationTransform(CANON_C14NE_NOC); + } +}; + +class TestValidator : public SignatureValidator +{ + XMLCh* m_uri; + + TestValidator(const TestValidator& src) : SignatureValidator(src) { + m_uri=XMLString::replicate(src.m_uri); + } + +public: + TestValidator(const XMLCh* uri, XSECCryptoKey* key) : SignatureValidator(new KeyResolver(key)) { + m_uri=XMLString::replicate(uri); + } + + virtual ~TestValidator() { + XMLString::release(&m_uri); + } + + TestValidator* clone() const { + return new TestValidator(*this); + } + + void validate(const Signature* sigObj) const { + DSIGSignature* sig=sigObj->getXMLSignature(); + if (!sig) + throw SignatureException("Only a marshalled Signature object can be verified."); + const XMLCh* uri=sig->getReferenceList()->item(0)->getURI(); + TSM_ASSERT_SAME_DATA("Reference URI does not match.",uri,m_uri,XMLString::stringLen(uri)); + SignatureValidator::validate(sigObj); + } +}; + +class _addcert : public std::binary_function { +public: + void operator()(X509Data* bag, XSECCryptoX509* cert) const { + safeBuffer& buf=cert->getDEREncodingSB(); + X509Certificate* x=X509CertificateBuilder::buildX509Certificate(); + x->setValue(buf.sbStrToXMLCh()); + bag->getX509Certificates().push_back(x); + } +}; + +class SignatureTest : public CxxTest::TestSuite { + XSECCryptoKey* m_key; + vector m_certs; +public: + void setUp() { + QName 
qname(SimpleXMLObject::NAMESPACE,SimpleXMLObject::LOCAL_NAME); + QName qtype(SimpleXMLObject::NAMESPACE,SimpleXMLObject::TYPE_NAME); + XMLObjectBuilder::registerBuilder(qname, new SimpleXMLObjectBuilder()); + XMLObjectBuilder::registerBuilder(qtype, new SimpleXMLObjectBuilder()); string keypath=data_path + "key.pem"; BIO* in=BIO_new(BIO_s_file_internal()); if (in && BIO_read_filename(in,keypath.c_str())>0) { 
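Review bot: The reference check in `TestValidator::validate` takes its length from the document's own URI (`XMLString::stringLen(uri)`), so an empty or shorter URI in the signature matches any expected `m_uri`, and with `&chNull` on both sides the assertion compares zero bytes. `TSM_ASSERT_SAME_DATA` also expects a byte count while `stringLen` counts `XMLCh` units (normally two bytes each), so `TSM_ASSERT("Reference URI does not match.",XMLString::equals(uri,m_uri));` is the comparison that covers the whole value. `getReferenceList()->item(0)` is dereferenced without checking that the list exists and holds exactly one reference, so a signature with no references crashes and one with extra references passes unnoticed. Holding the list in `DSIGReferenceList* refs=sig->getReferenceList();` and adding `if (!refs || refs->getSize()!=1) throw SignatureException("Expected exactly one Reference.");` before the URI check would cover both. Separately, `TestContext` owns `m_uri` but declares no copy constructor or assignment operator, so an accidental copy would release the string twice.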
@@ -55,53 +122,29 @@ public: if (in) BIO_free(in); TS_ASSERT(m_certs.size()>0); - m_uri=XMLString::replicate(uri); - } - - virtual ~TestContext() { - delete m_key; - for_each(m_certs.begin(),m_certs.end(),xmltooling::cleanup()); - XMLString::release(&m_uri); - } - - void createSignature(DSIGSignature* sig) const { - DSIGReference* ref=sig->createReference(m_uri); - ref->appendEnvelopedSignatureTransform(); - ref->appendCanonicalizationTransform(CANON_C14NE_NOC); - } - - const std::vector& getX509Certificates() const { return m_certs; } - XSECCryptoKey* getSigningKey() const { return m_key->clone(); } -}; - -class SignatureTest : public CxxTest::TestSuite { - QName m_qname; -public: - SignatureTest() : m_qname(SimpleXMLObject::NAMESPACE,SimpleXMLObject::LOCAL_NAME) {} - - void setUp() { - XMLObjectBuilder::registerBuilder(m_qname, new SimpleXMLObjectBuilder()); - Marshaller::registerMarshaller(m_qname, new SimpleXMLObjectMarshaller()); - Unmarshaller::registerUnmarshaller(m_qname, new SimpleXMLObjectUnmarshaller()); } void tearDown() { - XMLObjectBuilder::deregisterBuilder(m_qname); - Marshaller::deregisterMarshaller(m_qname); - Unmarshaller::deregisterUnmarshaller(m_qname); + QName qname(SimpleXMLObject::NAMESPACE,SimpleXMLObject::LOCAL_NAME); + QName qtype(SimpleXMLObject::NAMESPACE,SimpleXMLObject::TYPE_NAME); + XMLObjectBuilder::deregisterBuilder(qname); + XMLObjectBuilder::deregisterBuilder(qtype); + delete m_key; + for_each(m_certs.begin(),m_certs.end(),xmltooling::cleanup()); } void testSignature() { TS_TRACE("testSignature"); - const XMLObjectBuilder* b=XMLObjectBuilder::getBuilder(m_qname); + QName qname(SimpleXMLObject::NAMESPACE,SimpleXMLObject::LOCAL_NAME); + const SimpleXMLObjectBuilder* b=dynamic_cast(XMLObjectBuilder::getBuilder(qname)); TS_ASSERT(b!=NULL); - auto_ptr sxObject(dynamic_cast(b->buildObject())); + auto_ptr sxObject(b->buildObject()); TS_ASSERT(sxObject.get()!=NULL); VectorOf(SimpleXMLObject) kids=sxObject->getSimpleXMLObjects(); - 
kids.push_back(dynamic_cast(b->buildObject())); - kids.push_back(dynamic_cast(b->buildObject())); + kids.push_back(b->buildObject()); + kids.push_back(b->buildObject()); // Test some collection stuff auto_ptr_XMLCh foo("Foo"); 
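Review bot: `tearDown` deletes `m_key` and the certificates but leaves the dangling pointers in the members, so once a second test is added `setUp` appends to a vector of freed pointers and the next `tearDown` deletes them again. Adding `m_key=NULL;` after `delete m_key;` and `m_certs.clear();` after the `for_each` keeps each test's fixture independent. No initializer for `m_key` is visible in this diff, so if the key load in `setUp` fails, `delete m_key` and the later `m_key->clone()` act on an indeterminate pointer. The loading code sits between the hunks, so this may already be handled there. In `testSignature`, `TS_ASSERT(b!=NULL)` does not stop the test by default, so a failed `dynamic_cast` still reaches `b->buildObject()`; an early `if (!b) return;` after the assertion avoids the null dereference.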
@@ -110,24 +153,47 @@ public: kids[1]->setValue(bar.get()); // Append a Signature. - Signature* sig=dynamic_cast(XMLObjectBuilder::buildObject(QName(XMLConstants::XMLSIG_NS,Signature::LOCAL_NAME))); + Signature* sig=SignatureBuilder::buildSignature(); sxObject->setSignature(sig); + sig->setContentReference(new TestContext(&chNull)); + sig->setSigningKey(m_key->clone()); + + // Build KeyInfo. + KeyInfo* keyInfo=KeyInfoBuilder::buildKeyInfo(); + X509Data* x509Data=X509DataBuilder::buildX509Data(); + keyInfo->getX509Datas().push_back(x509Data); + for_each(m_certs.begin(),m_certs.end(),bind1st(_addcert(),x509Data)); + sig->setKeyInfo(keyInfo); // Signing context for the whole document. - TestContext tc(&chNull); - MarshallingContext mctx(sig,&tc); - DOMElement* rootElement = Marshaller::getMarshaller(sxObject.get())->marshall(sxObject.get(),(DOMDocument*)NULL,&mctx); + vector sigs(1,sig); + DOMElement* rootElement = NULL; + try { + rootElement=sxObject->marshall((DOMDocument*)NULL,&sigs); + } + catch (XMLToolingException& e) { + TS_TRACE(e.what()); + throw; + } string buf; XMLHelper::serialize(rootElement, buf); - TS_TRACE(buf.c_str()); + //TS_TRACE(buf.c_str()); istringstream in(buf); - DOMDocument* doc=nonvalidatingPool->parse(in); - const Unmarshaller* u = Unmarshaller::getUnmarshaller(doc->getDocumentElement()); - auto_ptr sxObject2(dynamic_cast(u->unmarshall(doc->getDocumentElement(),true))); + DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in); + auto_ptr sxObject2(dynamic_cast(b->buildFromDocument(doc))); TS_ASSERT(sxObject2.get()!=NULL); TS_ASSERT(sxObject2->getSignature()!=NULL); + sxObject2->getSignature()->registerValidator(new TestValidator(&chNull,m_key->clone())); + + try { + sxObject2->getSignature()->validate(false); + } + catch (XMLToolingException& e) { + TS_TRACE(e.what()); + throw; + } } };
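Review bot: `testSignature` only shows that an untouched document validates; nothing shows that validation fails when the signed content changes, so a validator that accepted everything would still pass. A second case that alters a value in the serialized `buf` before parsing and then expects `TS_ASSERT_THROWS(sxObject2->getSignature()->validate(false),XMLToolingException);` would pin the property the test is named for. The `false` passed to `validate` is unexplained at the call site, so a one-line comment stating what it disables would help the next reader. The commented-out `//TS_TRACE(buf.c_str());` can be removed rather than left behind. The two `catch (XMLToolingException& e)` blocks only trace and rethrow, and could catch by `const&`.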