\r
#include "XMLObjectBaseTestCase.h"\r
\r
+#include <xmltooling/signature/SignatureValidator.h>\r
+\r
#include <fstream>\r
#include <openssl/pem.h>\r
#include <xercesc/util/XMLUniDefs.hpp>\r
#include <xsec/dsig/DSIGReference.hpp>\r
+#include <xsec/enc/XSECKeyInfoResolverDefault.hpp>\r
#include <xsec/enc/OpenSSL/OpenSSLCryptoX509.hpp>\r
#include <xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.hpp>\r
+#include <xsec/enc/XSECCryptoException.hpp>\r
+#include <xsec/framework/XSECException.hpp>\r
\r
-class TestContext : public SigningContext\r
+class TestContext : public ContentReference\r
{\r
- XSECCryptoKey* m_key;\r
- vector<XSECCryptoX509*> m_certs;\r
XMLCh* m_uri;\r
\r
public:\r
TestContext(const XMLCh* uri) {\r
+ m_uri=XMLString::replicate(uri);\r
+ }\r
+ \r
+ virtual ~TestContext() {\r
+ XMLString::release(&m_uri);\r
+ }\r
+\r
+ void createReferences(DSIGSignature* sig) {\r
+ DSIGReference* ref=sig->createReference(m_uri);\r
+ ref->appendEnvelopedSignatureTransform();\r
+ ref->appendCanonicalizationTransform(CANON_C14NE_NOC);\r
+ }\r
+};\r
+\r
+class TestValidator : public SignatureValidator\r
+{\r
+ XMLCh* m_uri;\r
+ \r
+ TestValidator(const TestValidator& src) : SignatureValidator(src) {\r
+ m_uri=XMLString::replicate(src.m_uri);\r
+ }\r
+\r
+public:\r
+ TestValidator(const XMLCh* uri, XSECCryptoKey* key) : SignatureValidator(new KeyResolver(key)) {\r
+ m_uri=XMLString::replicate(uri);\r
+ }\r
+ \r
+ virtual ~TestValidator() {\r
+ XMLString::release(&m_uri);\r
+ }\r
+\r
+ TestValidator* clone() const {\r
+ return new TestValidator(*this);\r
+ }\r
+\r
+ void validate(const Signature* sigObj) const {\r
+ DSIGSignature* sig=sigObj->getXMLSignature();\r
+ if (!sig)\r
+ throw SignatureException("Only a marshalled Signature object can be verified.");\r
+ const XMLCh* uri=sig->getReferenceList()->item(0)->getURI();\r
+ TSM_ASSERT_SAME_DATA("Reference URI does not match.",uri,m_uri,XMLString::stringLen(uri));\r
+ SignatureValidator::validate(sigObj);\r
+ }\r
+};\r
+\r
+class _addcert : public std::binary_function<X509Data*,XSECCryptoX509*,void> {\r
+public:\r
+ void operator()(X509Data* bag, XSECCryptoX509* cert) const {\r
+ safeBuffer& buf=cert->getDEREncodingSB();\r
+ X509Certificate* x=X509CertificateBuilder::buildX509Certificate();\r
+ x->setValue(buf.sbStrToXMLCh());\r
+ bag->getX509Certificates().push_back(x);\r
+ }\r
+};\r
+\r
+class SignatureTest : public CxxTest::TestSuite {\r
+ XSECCryptoKey* m_key;\r
+ vector<XSECCryptoX509*> m_certs;\r
+public:\r
+ void setUp() {\r
+ QName qname(SimpleXMLObject::NAMESPACE,SimpleXMLObject::LOCAL_NAME);\r
+ QName qtype(SimpleXMLObject::NAMESPACE,SimpleXMLObject::TYPE_NAME);\r
+ XMLObjectBuilder::registerBuilder(qname, new SimpleXMLObjectBuilder());\r
+ XMLObjectBuilder::registerBuilder(qtype, new SimpleXMLObjectBuilder());\r
string keypath=data_path + "key.pem";\r
BIO* in=BIO_new(BIO_s_file_internal());\r
if (in && BIO_read_filename(in,keypath.c_str())>0) {\r
if (in) BIO_free(in);\r
TS_ASSERT(m_certs.size()>0);\r
\r
- m_uri=XMLString::replicate(uri);\r
- }\r
- \r
- virtual ~TestContext() {\r
- delete m_key;\r
- for_each(m_certs.begin(),m_certs.end(),xmltooling::cleanup<XSECCryptoX509>());\r
- XMLString::release(&m_uri);\r
- }\r
-\r
- void createSignature(DSIGSignature* sig) const {\r
- DSIGReference* ref=sig->createReference(m_uri);\r
- ref->appendEnvelopedSignatureTransform();\r
- ref->appendCanonicalizationTransform(CANON_C14NE_NOC);\r
- }\r
- \r
- const std::vector<XSECCryptoX509*>& getX509Certificates() const { return m_certs; }\r
- XSECCryptoKey* getSigningKey() const { return m_key->clone(); }\r
-};\r
-\r
-class SignatureTest : public CxxTest::TestSuite {\r
- QName m_qname;\r
-public:\r
- SignatureTest() : m_qname(SimpleXMLObject::NAMESPACE,SimpleXMLObject::LOCAL_NAME) {}\r
-\r
- void setUp() {\r
- XMLObjectBuilder::registerBuilder(m_qname, new SimpleXMLObjectBuilder());\r
- Marshaller::registerMarshaller(m_qname, new SimpleXMLObjectMarshaller());\r
- Unmarshaller::registerUnmarshaller(m_qname, new SimpleXMLObjectUnmarshaller());\r
}\r
\r
void tearDown() {\r
- XMLObjectBuilder::deregisterBuilder(m_qname);\r
- Marshaller::deregisterMarshaller(m_qname);\r
- Unmarshaller::deregisterUnmarshaller(m_qname);\r
+ QName qname(SimpleXMLObject::NAMESPACE,SimpleXMLObject::LOCAL_NAME);\r
+ QName qtype(SimpleXMLObject::NAMESPACE,SimpleXMLObject::TYPE_NAME);\r
+ XMLObjectBuilder::deregisterBuilder(qname);\r
+ XMLObjectBuilder::deregisterBuilder(qtype);\r
+ delete m_key;\r
+ for_each(m_certs.begin(),m_certs.end(),xmltooling::cleanup<XSECCryptoX509>());\r
}\r
\r
void testSignature() {\r
TS_TRACE("testSignature");\r
\r
- const XMLObjectBuilder* b=XMLObjectBuilder::getBuilder(m_qname);\r
+ QName qname(SimpleXMLObject::NAMESPACE,SimpleXMLObject::LOCAL_NAME);\r
+ const SimpleXMLObjectBuilder* b=dynamic_cast<const SimpleXMLObjectBuilder*>(XMLObjectBuilder::getBuilder(qname));\r
TS_ASSERT(b!=NULL);\r
\r
- auto_ptr<SimpleXMLObject> sxObject(dynamic_cast<SimpleXMLObject*>(b->buildObject()));\r
+ auto_ptr<SimpleXMLObject> sxObject(b->buildObject());\r
TS_ASSERT(sxObject.get()!=NULL);\r
VectorOf(SimpleXMLObject) kids=sxObject->getSimpleXMLObjects();\r
- kids.push_back(dynamic_cast<SimpleXMLObject*>(b->buildObject()));\r
- kids.push_back(dynamic_cast<SimpleXMLObject*>(b->buildObject()));\r
+ kids.push_back(b->buildObject());\r
+ kids.push_back(b->buildObject());\r
\r
// Test some collection stuff\r
auto_ptr_XMLCh foo("Foo");\r
kids[1]->setValue(bar.get());\r
\r
// Append a Signature.\r
- Signature* sig=dynamic_cast<Signature*>(XMLObjectBuilder::buildObject(QName(XMLConstants::XMLSIG_NS,Signature::LOCAL_NAME)));\r
+ Signature* sig=SignatureBuilder::buildSignature();\r
sxObject->setSignature(sig);\r
+ sig->setContentReference(new TestContext(&chNull));\r
+ sig->setSigningKey(m_key->clone());\r
+ \r
+ // Build KeyInfo.\r
+ KeyInfo* keyInfo=KeyInfoBuilder::buildKeyInfo();\r
+ X509Data* x509Data=X509DataBuilder::buildX509Data();\r
+ keyInfo->getX509Datas().push_back(x509Data);\r
+ for_each(m_certs.begin(),m_certs.end(),bind1st(_addcert(),x509Data));\r
+ sig->setKeyInfo(keyInfo);\r
\r
// Signing context for the whole document.\r
- TestContext tc(&chNull);\r
- MarshallingContext mctx(sig,&tc);\r
- DOMElement* rootElement = Marshaller::getMarshaller(sxObject.get())->marshall(sxObject.get(),(DOMDocument*)NULL,&mctx);\r
+ vector<Signature*> sigs(1,sig);\r
+ DOMElement* rootElement = NULL;\r
+ try {\r
+ rootElement=sxObject->marshall((DOMDocument*)NULL,&sigs);\r
+ }\r
+ catch (XMLToolingException& e) {\r
+ TS_TRACE(e.what());\r
+ throw;\r
+ }\r
\r
string buf;\r
XMLHelper::serialize(rootElement, buf);\r
- TS_TRACE(buf.c_str());\r
+ //TS_TRACE(buf.c_str());\r
\r
istringstream in(buf);\r
- DOMDocument* doc=nonvalidatingPool->parse(in);\r
- const Unmarshaller* u = Unmarshaller::getUnmarshaller(doc->getDocumentElement());\r
- auto_ptr<SimpleXMLObject> sxObject2(dynamic_cast<SimpleXMLObject*>(u->unmarshall(doc->getDocumentElement(),true)));\r
+ DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in);\r
+ auto_ptr<SimpleXMLObject> sxObject2(dynamic_cast<SimpleXMLObject*>(b->buildFromDocument(doc)));\r
TS_ASSERT(sxObject2.get()!=NULL);\r
TS_ASSERT(sxObject2->getSignature()!=NULL);\r
+ sxObject2->getSignature()->registerValidator(new TestValidator(&chNull,m_key->clone()));\r
+ \r
+ try {\r
+ sxObject2->getSignature()->validate(false);\r
+ }\r
+ catch (XMLToolingException& e) {\r
+ TS_TRACE(e.what());\r
+ throw;\r
+ }\r
}\r
\r
};\r