\r
#include "XMLObjectBaseTestCase.h"\r
\r
+#include <xmltooling/signature/CredentialResolver.h>\r
+#include <xmltooling/signature/KeyInfo.h>\r
+#include <xmltooling/signature/SignatureValidator.h>\r
+\r
#include <fstream>\r
-#include <openssl/pem.h>\r
#include <xercesc/util/XMLUniDefs.hpp>\r
#include <xsec/dsig/DSIGReference.hpp>\r
-#include <xsec/enc/XSECKeyInfoResolverDefault.hpp>\r
-#include <xsec/enc/OpenSSL/OpenSSLCryptoX509.hpp>\r
-#include <xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.hpp>\r
-#include <xsec/enc/XSECCryptoException.hpp>\r
-#include <xsec/framework/XSECException.hpp>\r
\r
class TestContext : public ContentReference\r
{\r
XMLString::release(&m_uri);\r
}\r
\r
- ContentReference* clone() const {\r
- return new TestContext(m_uri);\r
- }\r
-\r
void createReferences(DSIGSignature* sig) {\r
DSIGReference* ref=sig->createReference(m_uri);\r
ref->appendEnvelopedSignatureTransform();\r
}\r
};\r
\r
-class TestValidator : public Validator\r
+class TestValidator : public SignatureValidator\r
{\r
XMLCh* m_uri;\r
\r
public:\r
- TestValidator(const XMLCh* uri) {\r
+ TestValidator(const XMLCh* uri) : SignatureValidator(XMLToolingConfig::getConfig().KeyResolverManager.newPlugin(INLINE_KEY_RESOLVER,NULL)) {\r
m_uri=XMLString::replicate(uri);\r
}\r
\r
XMLString::release(&m_uri);\r
}\r
\r
- Validator* clone() const {\r
- return new TestValidator(m_uri);\r
- }\r
-\r
- void validate(const XMLObject* xmlObject) const {\r
- DSIGSignature* sig=dynamic_cast<const Signature*>(xmlObject)->getXMLSignature();\r
+ void validate(const Signature* sigObj) const {\r
+ DSIGSignature* sig=sigObj->getXMLSignature();\r
if (!sig)\r
throw SignatureException("Only a marshalled Signature object can be verified.");\r
const XMLCh* uri=sig->getReferenceList()->item(0)->getURI();\r
TSM_ASSERT_SAME_DATA("Reference URI does not match.",uri,m_uri,XMLString::stringLen(uri));\r
- XSECKeyInfoResolverDefault resolver;\r
- sig->setKeyInfoResolver(&resolver); // It will clone the resolver for us.\r
- try {\r
- if (!sig->verify())\r
- throw SignatureException("Signature did not verify.");\r
- }\r
- catch(XSECException& e) {\r
- auto_ptr_char temp(e.getMsg());\r
- throw SignatureException(string("Caught an XMLSecurity exception verifying signature: ") + temp.get());\r
- }\r
- catch(XSECCryptoException& e) {\r
- throw SignatureException(string("Caught an XMLSecurity exception verifying signature: ") + e.getMsg());\r
- }\r
+ SignatureValidator::validate(sigObj);\r
}\r
};\r
\r
};\r
\r
class SignatureTest : public CxxTest::TestSuite {\r
- XSECCryptoKey* m_key;\r
- vector<XSECCryptoX509*> m_certs;\r
+ CredentialResolver* m_resolver;\r
public:\r
void setUp() {\r
+ m_resolver=NULL;\r
QName qname(SimpleXMLObject::NAMESPACE,SimpleXMLObject::LOCAL_NAME);\r
QName qtype(SimpleXMLObject::NAMESPACE,SimpleXMLObject::TYPE_NAME);\r
XMLObjectBuilder::registerBuilder(qname, new SimpleXMLObjectBuilder());\r
XMLObjectBuilder::registerBuilder(qtype, new SimpleXMLObjectBuilder());\r
- string keypath=data_path + "key.pem";\r
- BIO* in=BIO_new(BIO_s_file_internal());\r
- if (in && BIO_read_filename(in,keypath.c_str())>0) {\r
- EVP_PKEY* pkey=PEM_read_bio_PrivateKey(in, NULL, NULL, NULL);\r
- if (pkey) {\r
- m_key=new OpenSSLCryptoKeyRSA(pkey);\r
- EVP_PKEY_free(pkey);\r
- }\r
- }\r
- if (in) BIO_free(in);\r
- TS_ASSERT(m_key!=NULL);\r
\r
- string certpath=data_path + "cert.pem";\r
- in=BIO_new(BIO_s_file_internal());\r
- if (in && BIO_read_filename(in,certpath.c_str())>0) {\r
- X509* x=NULL;\r
- while (x=PEM_read_bio_X509(in,NULL,NULL,NULL)) {\r
- m_certs.push_back(new OpenSSLCryptoX509(x));\r
- X509_free(x);\r
- }\r
- }\r
- if (in) BIO_free(in);\r
- TS_ASSERT(m_certs.size()>0);\r
- \r
+ string config = data_path + "FilesystemCredentialResolver.xml";\r
+ ifstream in(config.c_str());\r
+ DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in);\r
+ XercesJanitor<DOMDocument> janitor(doc);\r
+ m_resolver = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(\r
+ FILESYSTEM_CREDENTIAL_RESOLVER,doc->getDocumentElement()\r
+ );\r
}\r
\r
void tearDown() {\r
QName qtype(SimpleXMLObject::NAMESPACE,SimpleXMLObject::TYPE_NAME);\r
XMLObjectBuilder::deregisterBuilder(qname);\r
XMLObjectBuilder::deregisterBuilder(qtype);\r
- delete m_key;\r
- for_each(m_certs.begin(),m_certs.end(),xmltooling::cleanup<XSECCryptoX509>());\r
+ delete m_resolver;\r
}\r
\r
void testSignature() {\r
- TS_TRACE("testSignature");\r
-\r
QName qname(SimpleXMLObject::NAMESPACE,SimpleXMLObject::LOCAL_NAME);\r
const SimpleXMLObjectBuilder* b=dynamic_cast<const SimpleXMLObjectBuilder*>(XMLObjectBuilder::getBuilder(qname));\r
TS_ASSERT(b!=NULL);\r
Signature* sig=SignatureBuilder::buildSignature();\r
sxObject->setSignature(sig);\r
sig->setContentReference(new TestContext(&chNull));\r
- sig->setSigningKey(m_key->clone());\r
+\r
+ Locker locker(m_resolver);\r
+ sig->setSigningKey(m_resolver->getKey());\r
\r
// Build KeyInfo.\r
KeyInfo* keyInfo=KeyInfoBuilder::buildKeyInfo();\r
X509Data* x509Data=X509DataBuilder::buildX509Data();\r
keyInfo->getX509Datas().push_back(x509Data);\r
- for_each(m_certs.begin(),m_certs.end(),bind1st(_addcert(),x509Data));\r
+ for_each(m_resolver->getCertificates().begin(),m_resolver->getCertificates().end(),bind1st(_addcert(),x509Data));\r
sig->setKeyInfo(keyInfo);\r
\r
- // Signing context for the whole document.\r
- vector<Signature*> sigs(1,sig);\r
DOMElement* rootElement = NULL;\r
try {\r
- rootElement=sxObject->marshall((DOMDocument*)NULL,&sigs);\r
+ rootElement=sxObject->marshall((DOMDocument*)NULL);\r
+ sig->sign();\r
}\r
catch (XMLToolingException& e) {\r
TS_TRACE(e.what());\r
auto_ptr<SimpleXMLObject> sxObject2(dynamic_cast<SimpleXMLObject*>(b->buildFromDocument(doc)));\r
TS_ASSERT(sxObject2.get()!=NULL);\r
TS_ASSERT(sxObject2->getSignature()!=NULL);\r
- sxObject2->getSignature()->registerValidator(new TestValidator(&chNull));\r
\r
try {\r
- sxObject2->getSignature()->validate(false);\r
+ TestValidator tv(&chNull);\r
+ tv.validate(sxObject2->getSignature());\r
}\r
catch (XMLToolingException& e) {\r
TS_TRACE(e.what());\r
projects / shibboleth / cpp-xmltooling.git / blobdiff