From 8c7ef4c5939c2f1c448c3dff1ac1878b1e73598a Mon Sep 17 00:00:00 2001 From: Scott Cantor Date: Wed, 26 Jul 2006 05:16:58 +0000 Subject: [PATCH] Replace custom code with CredentialResolver. --- samltest/data/FilesystemCredentialResolver.xml | 9 + samltest/samltest.vcproj | 236 ++++++++++++------------- samltest/signature/SAML1AssertionTest.h | 7 +- samltest/signature/SAML1RequestTest.h | 7 +- samltest/signature/SAML1ResponseTest.h | 9 +- samltest/signature/SAML2AssertionTest.h | 7 +- samltest/signature/SAMLSignatureTestBase.h | 47 ++--- 7 files changed, 156 insertions(+), 166 deletions(-) create mode 100644 samltest/data/FilesystemCredentialResolver.xml diff --git a/samltest/data/FilesystemCredentialResolver.xml b/samltest/data/FilesystemCredentialResolver.xml new file mode 100644 index 0000000..a69bf43 --- /dev/null +++ b/samltest/data/FilesystemCredentialResolver.xml @@ -0,0 +1,9 @@ + + + + ../samltest/data/key.pem + + + ../samltest/data/cert.pem + + diff --git a/samltest/samltest.vcproj b/samltest/samltest.vcproj index ff6ee2b..0771976 100644 --- a/samltest/samltest.vcproj +++ b/samltest/samltest.vcproj @@ -61,7 +61,7 @@ /> @@ -892,7 +892,7 @@ > @@ -905,7 +905,7 @@ > @@ -914,7 +914,7 @@ > @@ -927,7 +927,7 @@ > @@ -936,7 +936,7 @@ > @@ -949,7 +949,7 @@ > @@ -958,7 +958,7 @@ > @@ -971,7 +971,7 @@ > @@ -980,7 +980,7 @@ > @@ -993,7 +993,7 @@ > @@ -1002,7 +1002,7 @@ > @@ -1015,7 +1015,7 @@ > @@ -1024,7 +1024,7 @@ > @@ -1037,7 +1037,7 @@ > @@ -1046,7 +1046,7 @@ > @@ -1059,7 +1059,7 @@ > @@ -1068,7 +1068,7 @@ > @@ -1081,7 +1081,7 @@ > @@ -1090,7 +1090,7 @@ > @@ -1103,7 +1103,7 @@ > @@ -1112,7 +1112,7 @@ > @@ -1125,7 +1125,7 @@ > @@ -1134,7 +1134,7 @@ > @@ -1147,7 +1147,7 @@ > @@ -1156,7 +1156,7 @@ > @@ -1169,7 +1169,7 @@ > @@ -1178,7 +1178,7 @@ > @@ -1191,7 +1191,7 @@ > @@ -1200,7 +1200,7 @@ > @@ -1213,7 +1213,7 @@ > @@ -1222,7 +1222,7 @@ > @@ -1235,7 +1235,7 @@ > @@ -1244,7 +1244,7 @@ > @@ -1257,7 +1257,7 @@ > @@ -1266,7 +1266,7 @@ > @@ -1279,7 +1279,7 @@ 
> @@ -1288,7 +1288,7 @@ > @@ -1301,7 +1301,7 @@ > @@ -1310,7 +1310,7 @@ > @@ -1323,7 +1323,7 @@ > @@ -1332,7 +1332,7 @@ > @@ -1345,7 +1345,7 @@ > @@ -1354,7 +1354,7 @@ > @@ -1367,7 +1367,7 @@ > @@ -1376,7 +1376,7 @@ > @@ -1389,7 +1389,7 @@ > @@ -1398,7 +1398,7 @@ > @@ -1411,7 +1411,7 @@ > @@ -1420,7 +1420,7 @@ > @@ -1433,7 +1433,7 @@ > @@ -1442,7 +1442,7 @@ > @@ -1455,7 +1455,7 @@ > @@ -1464,7 +1464,7 @@ > @@ -1477,7 +1477,7 @@ > @@ -1486,7 +1486,7 @@ > @@ -1499,7 +1499,7 @@ > @@ -1508,7 +1508,7 @@ > @@ -1521,7 +1521,7 @@ > @@ -1530,7 +1530,7 @@ > @@ -1543,7 +1543,7 @@ > @@ -1552,7 +1552,7 @@ > @@ -1565,7 +1565,7 @@ > @@ -1574,7 +1574,7 @@ > @@ -1587,7 +1587,7 @@ > @@ -1596,7 +1596,7 @@ > @@ -1609,7 +1609,7 @@ > @@ -1618,7 +1618,7 @@ > @@ -1631,7 +1631,7 @@ > @@ -1640,7 +1640,7 @@ > @@ -1653,7 +1653,7 @@ > @@ -1662,7 +1662,7 @@ > @@ -1675,7 +1675,7 @@ > @@ -1684,7 +1684,7 @@ > @@ -1697,7 +1697,7 @@ > @@ -1706,7 +1706,7 @@ > @@ -1719,7 +1719,7 @@ > @@ -1728,7 +1728,7 @@ > @@ -1741,7 +1741,7 @@ > @@ -1750,7 +1750,7 @@ > @@ -1763,7 +1763,7 @@ > @@ -1772,7 +1772,7 @@ > @@ -1785,7 +1785,7 @@ > @@ -1794,7 +1794,7 @@ > @@ -1807,7 +1807,7 @@ > @@ -1816,7 +1816,7 @@ > @@ -1829,7 +1829,7 @@ > @@ -1838,7 +1838,7 @@ > @@ -1851,7 +1851,7 @@ > @@ -1860,7 +1860,7 @@ > @@ -1873,7 +1873,7 @@ > @@ -1882,7 +1882,7 @@ > @@ -1895,7 +1895,7 @@ > @@ -1904,7 +1904,7 @@ > @@ -1917,7 +1917,7 @@ > @@ -1926,7 +1926,7 @@ > @@ -1939,7 +1939,7 @@ > @@ -1948,7 +1948,7 @@ > @@ -1961,7 +1961,7 @@ > @@ -1970,7 +1970,7 @@ > @@ -1983,7 +1983,7 @@ > @@ -1992,7 +1992,7 @@ > @@ -2005,7 +2005,7 @@ > @@ -2014,7 +2014,7 @@ > @@ -2027,7 +2027,7 @@ > @@ -2036,7 +2036,7 @@ > @@ -2049,7 +2049,7 @@ > @@ -2058,7 +2058,7 @@ > @@ -2071,7 +2071,7 @@ > @@ -2080,7 +2080,7 @@ > @@ -2093,7 +2093,7 @@ > @@ -2102,7 +2102,7 @@ > @@ -2115,7 +2115,7 @@ > @@ -2124,7 +2124,7 @@ > @@ -2137,7 +2137,7 @@ > @@ -2146,7 +2146,7 @@ 
>
diff --git a/samltest/signature/SAML1AssertionTest.h b/samltest/signature/SAML1AssertionTest.h
index 1e6f14d..2f5c7c5 100644
--- a/samltest/signature/SAML1AssertionTest.h
+++ b/samltest/signature/SAML1AssertionTest.h
@@ -58,13 +58,14 @@ public:
 // Append a Signature.
 Signature* sig=SignatureBuilder::buildSignature();
 assertion->setSignature(sig);
- sig->setSigningKey(m_key->clone());
+ Locker locker(m_resolver);
+ sig->setSigningKey(m_resolver->getKey());
 // Build KeyInfo.
 KeyInfo* keyInfo=KeyInfoBuilder::buildKeyInfo();
 X509Data* x509Data=X509DataBuilder::buildX509Data();
 keyInfo->getX509Datas().push_back(x509Data);
- for_each(m_certs.begin(),m_certs.end(),bind1st(_addcert(),x509Data));
+ for_each(m_resolver->getCertificates().begin(),m_resolver->getCertificates().end(),bind1st(_addcert(),x509Data));
 sig->setKeyInfo(keyInfo);
 // Sign while marshalling.
@@ -88,7 +89,7 @@ public:
 try {
 SignatureProfileValidator spv;
- SignatureValidator sv(new KeyResolver(m_key->clone()));
+ SignatureValidator sv(new KeyResolver(m_resolver->getKey()));
 spv.validate(assertion->getSignature());
 sv.validate(assertion->getSignature());
 }
diff --git a/samltest/signature/SAML1RequestTest.h b/samltest/signature/SAML1RequestTest.h
index b9390a7..46c183c 100644
--- a/samltest/signature/SAML1RequestTest.h
+++ b/samltest/signature/SAML1RequestTest.h
@@ -57,13 +57,14 @@ public:
 // Append a Signature.
 Signature* sig=SignatureBuilder::buildSignature();
 request->setSignature(sig);
- sig->setSigningKey(m_key->clone());
+ Locker locker(m_resolver);
+ sig->setSigningKey(m_resolver->getKey());
 // Build KeyInfo.
 KeyInfo* keyInfo=KeyInfoBuilder::buildKeyInfo();
 X509Data* x509Data=X509DataBuilder::buildX509Data();
 keyInfo->getX509Datas().push_back(x509Data);
- for_each(m_certs.begin(),m_certs.end(),bind1st(_addcert(),x509Data));
+ for_each(m_resolver->getCertificates().begin(),m_resolver->getCertificates().end(),bind1st(_addcert(),x509Data));
 sig->setKeyInfo(keyInfo);
 // Sign while marshalling.
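Review bot: The new `sig->setSigningKey(m_resolver->getKey());` in the signing hunk (@@ -58) relies on an ownership contract the hunk does not show. The removed `m_key->clone()` handed the signature its own copy, so `getKey()` must also return a caller-owned, non-NULL key; otherwise the signature and the `delete m_resolver` in tearDown() could end up freeing the same object. Once confirmed against CredentialResolver, a comment such as `// getKey() returns a caller-owned copy; the Signature takes ownership` would record that. The `for_each` line also calls `getCertificates()` twice, which forms a valid iterator pair only if it returns a reference to a single container; binding the result to one const reference and iterating that removes the assumption. The same two lines recur in the signing hunks of SAML1RequestTest.h, SAML1ResponseTest.h and SAML2AssertionTest.h, and the enclosing test method starts and ends outside the hunk.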
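Review bot: In the verification hunk (@@ -88), `SignatureValidator sv(new KeyResolver(m_resolver->getKey()));` validates with the same key object the test signed with, presumably the private key from key.pem. The test therefore passes without ever checking that the certificate placed in KeyInfo corresponds to the signature, which is the only material a relying party would hold. Building the verification key from the certificate the resolver returns would exercise that path. At minimum the result of `getKey()` should be asserted non-NULL before it is wrapped, e.g. `TS_ASSERT(key!=NULL);` on a local. Whether the `Locker` taken in the signing hunk is still in scope at this point is not visible here; the same line appears in the verification hunks of SAML1RequestTest.h, SAML1ResponseTest.h and SAML2AssertionTest.h.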
@@ -87,7 +88,7 @@ public:
 try {
 SignatureProfileValidator spv;
- SignatureValidator sv(new KeyResolver(m_key->clone()));
+ SignatureValidator sv(new KeyResolver(m_resolver->getKey()));
 spv.validate(request->getSignature());
 sv.validate(request->getSignature());
 }
diff --git a/samltest/signature/SAML1ResponseTest.h b/samltest/signature/SAML1ResponseTest.h
index 6c83b22..6643b5e 100644
--- a/samltest/signature/SAML1ResponseTest.h
+++ b/samltest/signature/SAML1ResponseTest.h
@@ -60,13 +60,14 @@ public:
 // Append a Signature.
 assertion->setSignature(SignatureBuilder::buildSignature());
- assertion->getSignature()->setSigningKey(m_key->clone());
+ Locker locker(m_resolver);
+ assertion->getSignature()->setSigningKey(m_resolver->getKey());
 // Build KeyInfo.
 KeyInfo* keyInfo=KeyInfoBuilder::buildKeyInfo();
 X509Data* x509Data=X509DataBuilder::buildX509Data();
 keyInfo->getX509Datas().push_back(x509Data);
- for_each(m_certs.begin(),m_certs.end(),bind1st(_addcert(),x509Data));
+ for_each(m_resolver->getCertificates().begin(),m_resolver->getCertificates().end(),bind1st(_addcert(),x509Data));
 assertion->getSignature()->setKeyInfo(keyInfo);
 // Sign assertion while marshalling.
@@ -92,7 +93,7 @@ public:
 response->setStatus(status);
 response->getAssertions().push_back(assertion);
 response->setSignature(SignatureBuilder::buildSignature());
- response->getSignature()->setSigningKey(m_key->clone());
+ response->getSignature()->setSigningKey(m_resolver->getKey());
 response->getSignature()->setKeyInfo(keyInfo->cloneKeyInfo());
 // Sign response while marshalling.
@@ -120,7 +121,7 @@ public:
 spv.validate(assertion->getSignature());
 spv.validate(response->getSignature());
- SignatureValidator sv(new KeyResolver(m_key->clone()));
+ SignatureValidator sv(new KeyResolver(m_resolver->getKey()));
 sv.validate(assertion->getSignature());
 sv.validate(response->getSignature());
 }
diff --git a/samltest/signature/SAML2AssertionTest.h b/samltest/signature/SAML2AssertionTest.h
index 0245bce..db45a15 100644
--- a/samltest/signature/SAML2AssertionTest.h
+++ b/samltest/signature/SAML2AssertionTest.h
@@ -66,13 +66,14 @@ public:
 // Append a Signature.
 Signature* sig=SignatureBuilder::buildSignature();
 assertion->setSignature(sig);
- sig->setSigningKey(m_key->clone());
+ Locker locker(m_resolver);
+ sig->setSigningKey(m_resolver->getKey());
 // Build KeyInfo.
 KeyInfo* keyInfo=KeyInfoBuilder::buildKeyInfo();
 X509Data* x509Data=X509DataBuilder::buildX509Data();
 keyInfo->getX509Datas().push_back(x509Data);
- for_each(m_certs.begin(),m_certs.end(),bind1st(_addcert(),x509Data));
+ for_each(m_resolver->getCertificates().begin(),m_resolver->getCertificates().end(),bind1st(_addcert(),x509Data));
 sig->setKeyInfo(keyInfo);
 // Sign while marshalling.
@@ -96,7 +97,7 @@ public:
 try {
 SignatureProfileValidator spv;
- SignatureValidator sv(new KeyResolver(m_key->clone()));
+ SignatureValidator sv(new KeyResolver(m_resolver->getKey()));
 spv.validate(assertion->getSignature());
 sv.validate(assertion->getSignature());
 }
diff --git a/samltest/signature/SAMLSignatureTestBase.h b/samltest/signature/SAMLSignatureTestBase.h
index 24a8873..d0ec194 100644
--- a/samltest/signature/SAMLSignatureTestBase.h
+++ b/samltest/signature/SAMLSignatureTestBase.h
@@ -16,15 +16,9 @@
 #include "internal.h"
 #include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
+#include
+#include
 using namespace xmlsignature;
@@ -40,39 +34,22 @@ public:
 class SAMLSignatureTestBase : public SAMLObjectBaseTestCase {
 protected:
- XSECCryptoKey* m_key;
- vector m_certs;
+ CredentialResolver* m_resolver;
 public:
 void setUp() {
+ m_resolver=NULL;
 SAMLObjectBaseTestCase::setUp();
- string keypath=data_path + "key.pem";
- BIO* in=BIO_new(BIO_s_file_internal());
- if (in && BIO_read_filename(in,keypath.c_str())>0) {
- EVP_PKEY* pkey=PEM_read_bio_PrivateKey(in, NULL, NULL, NULL);
- if (pkey) {
- m_key=new OpenSSLCryptoKeyRSA(pkey);
- EVP_PKEY_free(pkey);
- }
- }
- if (in) BIO_free(in);
- TS_ASSERT(m_key!=NULL);
-
- string certpath=data_path + "cert.pem";
- in=BIO_new(BIO_s_file_internal());
- if (in && BIO_read_filename(in,certpath.c_str())>0) {
- X509* x=NULL;
- while (x=PEM_read_bio_X509(in,NULL,NULL,NULL)) {
- m_certs.push_back(new OpenSSLCryptoX509(x));
- X509_free(x);
- }
- }
- if (in) BIO_free(in);
- TS_ASSERT(m_certs.size()>0);
+ string config = data_path + "FilesystemCredentialResolver.xml";
+ ifstream in(config.c_str());
+ DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in);
+ XercesJanitor janitor(doc);
+ m_resolver = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(
+ FILESYSTEM_CREDENTIAL_RESOLVER,doc->getDocumentElement()
+ );
 }
 void tearDown() {
+ delete m_resolver;
 SAMLObjectBaseTestCase::tearDown();
- delete m_key;
- for_each(m_certs.begin(),m_certs.end(),xmltooling::cleanup());
 }
 };
-- 2.1.4
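Review bot: setUp() loses its fixture sanity checks: the removed code asserted `m_key!=NULL` and `m_certs.size()>0`, while the new code never checks that `in` opened, that `doc` is non-null before `doc->getDocumentElement()`, or that `newPlugin` produced a resolver that actually holds a key and certificates. Adding `TS_ASSERT(in.good());` after the stream is opened and `TS_ASSERT(m_resolver!=NULL);` at the end (plus a key/certificate check under a `Locker`) would make a missing or unreadable fixture fail in setUp rather than as a null dereference inside a signing test. The configuration file is located through `data_path`, but it names `../samltest/data/key.pem` and `../samltest/data/cert.pem`, which look relative to the working directory, so the two can disagree when the tests run from elsewhere. Setting `m_resolver=NULL` first does keep `delete m_resolver` in tearDown() safe if parsing throws.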