Update gitignore to account for subdirs / missing files.

[shibboleth/cpp-opensaml.git] / samltest / encryption / EncryptedAssertionTest.h

diff --git a/samltest/encryption/EncryptedAssertionTest.h b/samltest/encryption/EncryptedAssertionTest.h
index 2fa9f93..43eb34c 100644 (file)
--- a/samltest/encryption/EncryptedAssertionTest.h
+++ b/samltest/encryption/EncryptedAssertionTest.h
@@ -1,17 +1,21 @@
-/*
- *  Copyright 2001-2007 Internet2
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
  *
- *     http://www.apache.org/licenses/LICENSE-2.0
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
  */
 
 #include "signature/SAMLSignatureTestBase.h"
@@ -24,6 +28,8 @@
 #include <saml/saml2/metadata/MetadataProvider.h>
 #include <saml/saml2/metadata/MetadataCredentialContext.h>
 #include <saml/saml2/metadata/MetadataCredentialCriteria.h>
+#include <xmltooling/security/Credential.h>
+#include <xsec/dsig/DSIGConstants.hpp>
 
 using namespace opensaml::saml2md;
 using namespace opensaml::saml2;
@@ -43,7 +49,7 @@ public:
         auto_ptr_XMLCh path("path");
         string s = data_path + "binding/example-metadata.xml";
         auto_ptr_XMLCh file(s.c_str());
-        doc->getDocumentElement()->setAttributeNS(NULL,path.get(),file.get());
+        doc->getDocumentElement()->setAttributeNS(nullptr,path.get(),file.get());
 
         m_metadata = opensaml::SAMLConfig::getConfig().MetadataProviderManager.newPlugin(
             XML_METADATA_PROVIDER,doc->getDocumentElement()
@@ -53,7 +59,7 @@ public:
 
     void tearDown() {
         delete m_metadata;
-        m_metadata=NULL;
+        m_metadata=nullptr;
         SAMLSignatureTestBase::tearDown();
     }
 
@@ -98,11 +104,11 @@ public:
         cc.setUsage(Credential::SIGNING_CREDENTIAL);
         Locker locker(m_resolver);
         const Credential* cred = m_resolver->resolve(&cc);
-        TSM_ASSERT("Retrieved credential was null", cred!=NULL);
+        TSM_ASSERT("Retrieved credential was null", cred!=nullptr);
 
-        DOMElement* rootElement = NULL;
+        DOMElement* rootElement = nullptr;
         try {
-            rootElement=assertion->marshall((DOMDocument*)NULL,&sigs,cred);
+            rootElement=assertion->marshall((DOMDocument*)nullptr,&sigs,cred);
         }
         catch (XMLToolingException& e) {
             TS_TRACE(e.what());
@@ -112,16 +118,20 @@ public:
         // Now encrypt this puppy to the SP role in the example metadata.
         auto_ptr<EncryptedAssertion> encrypted(EncryptedAssertionBuilder::buildEncryptedAssertion());
         Locker mlocker(m_metadata);
-        const EntityDescriptor* sp = m_metadata->getEntityDescriptor("https://sp.example.org/");
-        TSM_ASSERT("No metadata for recipient.", sp!=NULL); 
-        const SPSSODescriptor* sprole =  sp->getSPSSODescriptor(samlconstants::SAML20P_NS);
-        TSM_ASSERT("No SP role for recipient.", sprole!=NULL);
-        MetadataCredentialCriteria mcc(*sprole);
+        MetadataProvider::Criteria mc("https://sp.example.org/", &SPSSODescriptor::ELEMENT_QNAME, samlconstants::SAML20P_NS);
+        pair<const EntityDescriptor*,const RoleDescriptor*> sp = m_metadata->getEntityDescriptor(mc);
+        TSM_ASSERT("No metadata for recipient.", sp.first!=nullptr); 
+        TSM_ASSERT("No SP role for recipient.", sp.second!=nullptr);
+        MetadataCredentialCriteria mcc(*sp.second);
         vector< pair<const MetadataProvider*,MetadataCredentialCriteria*> > recipients(
             1, pair<const MetadataProvider*,MetadataCredentialCriteria*>(m_metadata, &mcc)
             );
+#ifdef XSEC_OPENSSL_HAVE_GCM
+        encrypted->encrypt(*assertion.get(), recipients, false, DSIGConstants::s_unicodeStrURIAES256_GCM);
+#else
         encrypted->encrypt(*assertion.get(), recipients);
-        
+#endif
+
         // Roundtrip it.
         string buf;
         XMLHelper::serialize(encrypted->marshall(), buf);
@@ -132,7 +142,7 @@ public:
         
         // Unpack, then decypt with our key.
         auto_ptr<EncryptedAssertion> encrypted2(dynamic_cast<EncryptedAssertion*>(b->buildFromDocument(doc)));
-        auto_ptr<Assertion> assertion2(dynamic_cast<Assertion*>(encrypted2->decrypt(*m_resolver, sp->getEntityID())));
+        auto_ptr<Assertion> assertion2(dynamic_cast<Assertion*>(encrypted2->decrypt(*m_resolver, sp.first->getEntityID())));
         assertEquals("Unmarshalled assertion does not match", expectedChildElementsDOM, assertion2.get(), false);
         
         // And check the signature.