Test: add non regression test for reloading a server dump with encrypted keys

bindings/python/tests/binding_tests.py

@@ -287,6 +287,19 @@ class BindingTestCase(unittest.TestCase):
         # reset
         server.setEncryptionPrivateKeyWithPassword()
 
+    def test11(self):
+        '''Test saving and reloading a Server using an encrypted private key'''
+        pkey = os.path.join(dataDir, 'sp7-saml2', 'private-key.pem')
+        mdata = os.path.join(dataDir, 'sp7-saml2', 'metadata.xml')
+        password = file(os.path.join(dataDir, 'sp7-saml2', 'password')).read().strip()
+        server = lasso.Server(mdata, pkey, password)
+        print server
+        assert isinstance(server, lasso.Server)
+        server_dump = server.dump()
+        assert server_dump
+        server = lasso.Server.newFromDump(server_dump)
+        assert isinstance(server, lasso.Server)
+
 bindingSuite = unittest.makeSuite(BindingTestCase, 'test')
 
 allTests = unittest.TestSuite((bindingSuite, ))

tests/data/sp7-saml2/Makefile.am

@@ -0,0 +1,2 @@
+MAINTAINERCLEANFILES = Makefile.in
+EXTRA_DIST = metadata.xml private-key.pem

tests/data/sp7-saml2/metadata.xml

@@ -0,0 +1,46 @@
+<?xml version="1.0"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+    entityID="http://sp7/metadata">
+<SPSSODescriptor
+    AuthnRequestsSigned="true"
+    protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+
+<KeyDescriptor use="signing">
+    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+      <ds:KeyValue>-----BEGIN PUBLIC KEY-----
+MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAN0uVeOaTMQjhFlwGv/yBiGOdHDwiHb3
+BD+ALxLgfcd9LpbAePbKk4Tx/juoEEPT3guQD0zyg0IcqkXO/JxrPa0CAwEAAQ==
+-----END PUBLIC KEY-----</ds:KeyValue>
+    </ds:KeyInfo>
+  </KeyDescriptor>
+
+  <SingleLogoutService
+    Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+    Location="http://sp7/singleLogoutSOAP" />
+  <SingleLogoutService
+    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+    Location="http://sp7/singleLogout"
+    ResponseLocation="http://sp7/singleLogoutReturn" />
+  <ManageNameIDService
+    Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+    Location="http://sp7/manageNameIdSOAP" />
+  <ManageNameIDService
+    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+    Location="http://sp7/manageNameId"
+    ResponseLocation="http://sp7/manageNameIdReturn" />
+  <AssertionConsumerService isDefault="true" index="0"
+    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+    Location="http://sp7/singleSignOnArtifact" />
+  <AssertionConsumerService index="1"
+    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+    Location="http://sp7/singleSignOnPost" />
+  <AssertionConsumerService index="2"
+    Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
+    Location="http://sp7/singleSignOnSOAP" />
+</SPSSODescriptor>
+<Organization>
+   <OrganizationName xml:lang="en">Lasso Test SP7</OrganizationName>
+</Organization>
+</EntityDescriptor>

tests/data/sp7-saml2/password

@@ -0,0 +1 @@
+geronimo

tests/data/sp7-saml2/private-key.pem

@@ -0,0 +1,12 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: AES-256-CBC,EF4EF473516D85011B23403600D01371
+
+kwbLjFZ8SsSyhTosBKpU1N5hvh4INRpJkXmj8aNHppz75nyGTo/jar+FRD6LA0fX
+3dbXdcHveUHSFs9t2AADQfVAJUbZU0D3bN0horJljA+ymiZ22Fr421cdxqbd2+1U
+4ZmPKF+w/ALkal821a2+br/OP6V1mA4KH7/YScmSGKGKkl1TZ/5cV8bjwAQGJyck
+4e0loU9yrAkw3oua1bWAudl7suS62K0AQA3K5lmfUld3JNzO/TQq2qIcvJVU1hEi
+UtE8biPKjcNOdEcz98+hgsHd1+jBR4tazaaib92P3ga7IgAr+AGwoHd6wBh5q11+
+1/cNTH8MC2AbQhhll4e9bo7A/RmorqvIUQ4/7b8lBzi8JbcgME3UOhBJqSzkgnTb
+emO3IOAQHLbcvel03MbiwS8nhKjdldNdj2NudHD8FPI=
+-----END RSA PRIVATE KEY-----