* limitations under the License.\r
*/\r
\r
-#include "internal.h"\r
-#include <saml/saml1/core/Protocols.h>\r
-#include <saml/signature/SignatureProfileValidator.h>\r
+#include "signature/SAMLSignatureTestBase.h"\r
\r
-#include <xmltooling/signature/Signature.h>\r
+#include <saml/saml1/core/Assertions.h>\r
+#include <saml/saml1/core/Protocols.h>\r
\r
#include <fstream>\r
-#include <openssl/pem.h>\r
-#include <xercesc/util/XMLUniDefs.hpp>\r
-#include <xsec/enc/XSECKeyInfoResolverDefault.hpp>\r
-#include <xsec/enc/OpenSSL/OpenSSLCryptoX509.hpp>\r
-#include <xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.hpp>\r
-#include <xsec/enc/XSECCryptoException.hpp>\r
-#include <xsec/framework/XSECException.hpp>\r
\r
+using namespace opensaml::saml1p;\r
using namespace opensaml::saml1;\r
-using namespace xmlsignature;\r
-\r
-class TestValidator : public Validator\r
-{\r
-public:\r
- TestValidator() {}\r
- virtual ~TestValidator() {}\r
-\r
- Validator* clone() const {\r
- return new TestValidator();\r
- }\r
-\r
- void validate(const XMLObject* xmlObject) const {\r
- DSIGSignature* sig=dynamic_cast<const Signature*>(xmlObject)->getXMLSignature();\r
- if (!sig)\r
- throw SignatureException("Only a marshalled Signature object can be verified.");\r
- XSECKeyInfoResolverDefault resolver;\r
- sig->setKeyInfoResolver(&resolver); // It will clone the resolver for us.\r
- try {\r
- if (!sig->verify())\r
- throw SignatureException("Signature did not verify.");\r
- }\r
- catch(XSECException& e) {\r
- auto_ptr_char temp(e.getMsg());\r
- throw SignatureException(string("Caught an XMLSecurity exception verifying signature: ") + temp.get());\r
- }\r
- catch(XSECCryptoException& e) {\r
- throw SignatureException(string("Caught an XMLSecurity exception verifying signature: ") + e.getMsg());\r
- }\r
- }\r
-};\r
-\r
-class _addcert : public std::binary_function<X509Data*,XSECCryptoX509*,void> {\r
-public:\r
- void operator()(X509Data* bag, XSECCryptoX509* cert) const {\r
- safeBuffer& buf=cert->getDEREncodingSB();\r
- X509Certificate* x=X509CertificateBuilder::buildX509Certificate();\r
- x->setValue(buf.sbStrToXMLCh());\r
- bag->getX509Certificates().push_back(x);\r
- }\r
-};\r
\r
-class SAML1RequestTest : public CxxTest::TestSuite, public SAMLObjectBaseTestCase {\r
- XSECCryptoKey* m_key;\r
- vector<XSECCryptoX509*> m_certs;\r
+class SAML1RequestTest : public CxxTest::TestSuite, public SAMLSignatureTestBase {\r
public:\r
void setUp() {\r
childElementsFile = data_path + "signature/SAML1Request.xml";\r
- SAMLObjectBaseTestCase::setUp();\r
- string keypath=data_path + "key.pem";\r
- BIO* in=BIO_new(BIO_s_file_internal());\r
- if (in && BIO_read_filename(in,keypath.c_str())>0) {\r
- EVP_PKEY* pkey=PEM_read_bio_PrivateKey(in, NULL, NULL, NULL);\r
- if (pkey) {\r
- m_key=new OpenSSLCryptoKeyRSA(pkey);\r
- EVP_PKEY_free(pkey);\r
- }\r
- }\r
- if (in) BIO_free(in);\r
- TS_ASSERT(m_key!=NULL);\r
-\r
- string certpath=data_path + "cert.pem";\r
- in=BIO_new(BIO_s_file_internal());\r
- if (in && BIO_read_filename(in,certpath.c_str())>0) {\r
- X509* x=NULL;\r
- while (x=PEM_read_bio_X509(in,NULL,NULL,NULL)) {\r
- m_certs.push_back(new OpenSSLCryptoX509(x));\r
- X509_free(x);\r
- }\r
- }\r
- if (in) BIO_free(in);\r
- TS_ASSERT(m_certs.size()>0);\r
+ SAMLSignatureTestBase::setUp();\r
}\r
\r
void tearDown() {\r
- SAMLObjectBaseTestCase::tearDown();\r
- delete m_key;\r
- for_each(m_certs.begin(),m_certs.end(),xmltooling::cleanup<XSECCryptoX509>());\r
+ SAMLSignatureTestBase::tearDown();\r
}\r
\r
void testSignature() {\r
// Append a Signature.\r
Signature* sig=SignatureBuilder::buildSignature();\r
request->setSignature(sig);\r
- sig->setSigningKey(m_key->clone());\r
+ Locker locker(m_resolver);\r
+ sig->setSigningKey(m_resolver->getKey());\r
\r
// Build KeyInfo.\r
KeyInfo* keyInfo=KeyInfoBuilder::buildKeyInfo();\r
X509Data* x509Data=X509DataBuilder::buildX509Data();\r
keyInfo->getX509Datas().push_back(x509Data);\r
- for_each(m_certs.begin(),m_certs.end(),bind1st(_addcert(),x509Data));\r
+ for_each(m_resolver->getCertificates().begin(),m_resolver->getCertificates().end(),bind1st(_addcert(),x509Data));\r
sig->setKeyInfo(keyInfo);\r
\r
// Sign while marshalling.\r
DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in);\r
const XMLObjectBuilder* b = XMLObjectBuilder::getBuilder(doc->getDocumentElement());\r
\r
- assertEquals(expectedChildElementsDOM, b->buildFromDocument(doc));\r
+ auto_ptr<XMLObject> request2(b->buildFromDocument(doc));\r
+ assertEquals("Unmarshalled request does not match", expectedChildElementsDOM, request2.get(), false);\r
\r
try {\r
- request->getSignature()->registerValidator(new SignatureProfileValidator());\r
- request->getSignature()->registerValidator(new TestValidator());\r
- request->getSignature()->validate(true);\r
+ SignatureProfileValidator spv;\r
+ SignatureValidator sv(new KeyResolver(m_resolver->getKey()));\r
+ spv.validate(dynamic_cast<Request*>(request2.get())->getSignature());\r
+ sv.validate(dynamic_cast<Request*>(request2.get())->getSignature());\r
}\r
catch (XMLToolingException& e) {\r
TS_TRACE(e.what());\r