From db3e559d06d026d5adfb3657fbea6d7726689dd1 Mon Sep 17 00:00:00 2001
From: Scott Cantor <cantor.2@osu.edu>
Date: Tue, 8 Jun 2010 17:52:43 +0000
Subject: [PATCH] Alter trust engine test to leverage KeyInfoReference.

---
 samltest/data/security/example-metadata.xml    | 20 ++++++++++++++++++--
 samltest/security/ExplicitKeyTrustEngineTest.h |  4 ++--
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/samltest/data/security/example-metadata.xml b/samltest/data/security/example-metadata.xml
index 9cd8666..290ffc8 100644
--- a/samltest/data/security/example-metadata.xml
+++ b/samltest/data/security/example-metadata.xml
@@ -1,13 +1,14 @@
 <EntitiesDescriptor
 	xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
-	xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+	xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+    xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
 
 <EntityDescriptor 
 	entityID="https://idp.example.org">
 	
 	<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
 		<KeyDescriptor use="signing">
-		    <ds:KeyInfo>
+		    <ds:KeyInfo Id="examplekey">
 		    	<ds:KeyName>sp.example.org</ds:KeyName>
 		        <ds:X509Data>
 		        	<ds:X509Certificate>
@@ -50,4 +51,19 @@
 	
 </EntityDescriptor>
 
+<EntityDescriptor 
+    entityID="https://idp3.example.org">
+    
+    <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+        <KeyDescriptor use="signing">
+            <ds:KeyInfo>
+                <ds11:KeyInfoReference URI="#examplekey"/>
+            </ds:KeyInfo>
+        </KeyDescriptor>
+        
+        <SingleSignOnService Binding="foo" Location="foo"/>
+    </IDPSSODescriptor>
+    
+</EntityDescriptor>
+
 </EntitiesDescriptor>
\ No newline at end of file
diff --git a/samltest/security/ExplicitKeyTrustEngineTest.h b/samltest/security/ExplicitKeyTrustEngineTest.h
index acdae86..b43de44 100644
--- a/samltest/security/ExplicitKeyTrustEngineTest.h
+++ b/samltest/security/ExplicitKeyTrustEngineTest.h
@@ -73,7 +73,7 @@ public:
         janitor2.release();
 
         Locker locker(metadataProvider.get());
-        const EntityDescriptor* descriptor = metadataProvider->getEntityDescriptor(MetadataProvider::Criteria("https://idp.example.org")).first;
+        const EntityDescriptor* descriptor = metadataProvider->getEntityDescriptor(MetadataProvider::Criteria("https://idp3.example.org")).first;
         TSM_ASSERT("Retrieved entity descriptor was null", descriptor!=nullptr);
         
         RoleDescriptor* role=descriptor->getIDPSSODescriptors().front();
@@ -83,7 +83,7 @@ public:
         TSM_ASSERT("Signature not present", sig!=nullptr);
 
         MetadataCredentialCriteria cc(*role);
-        cc.setPeerName("https://idp.example.org");
+        cc.setPeerName("https://idp3.example.org");
         TSM_ASSERT("Signature failed to validate.", dynamic_cast<SignatureTrustEngine*>(trustEngine.get())->validate(*sig, *metadataProvider, &cc));
 
         descriptor = metadataProvider->getEntityDescriptor(MetadataProvider::Criteria("https://idp2.example.org")).first;
-- 
2.1.4