[tests] add test cases for the LassoKey class
parent
f42bef0836
commit
466b6f3746
|
@ -2057,13 +2057,11 @@ START_TEST(test15_ds_key_info)
|
|||
list = (GList){ .data = ds_key_info, .next = NULL, .prev = NULL };
|
||||
lasso_saml2_key_info_confirmation_data_type_set_key_info(kicdt, &list);
|
||||
dump = lasso_node_debug((LassoNode*)sc, 10);
|
||||
printf("1 %s\n", dump);
|
||||
lasso_release_gobject(sc);
|
||||
lasso_release_gobject(ds_key_info);
|
||||
node = lasso_node_new_from_dump(dump);
|
||||
lasso_release_string(dump);
|
||||
dump = lasso_node_debug(node, 10);
|
||||
printf("2 %s\n", dump);
|
||||
lasso_release_string(dump);
|
||||
}
|
||||
END_TEST
|
||||
|
|
|
@ -33,6 +33,7 @@
|
|||
#include "../lasso/xml/saml_name_identifier.h"
|
||||
#include "../lasso/xml/samlp_response.h"
|
||||
#include "../lasso/utils.h"
|
||||
#include "../lasso/key.h"
|
||||
|
||||
|
||||
Suite* random_suite();
|
||||
|
@ -328,6 +329,105 @@ LlTxKnCrWAXftSm1rNtewTsF\n\
|
|||
}
|
||||
END_TEST
|
||||
|
||||
|
||||
START_TEST(test08_lasso_key)
|
||||
{
|
||||
/* normal query as produces by Lasso */
|
||||
const char query1[] = "SAMLRequest=fZHNasMwEIRfxeieWrYTtQjb4DgJBNqSNqWHXopw1kQgS6523Z%2B3r%2BxQSKDkOppvd2aVo%2BpML6uBjvYZPgZAir47Y1FODwUbvJVOoUZpVQcoqZH76uFepjdc9t6Ra5xhZ8h1QiGCJ%2B0si7argr0vxTLJ1guRilpU8%2FWtyKpNnaXrukoF32SCRa%2FgMfgLFvAAIQ6wtUjKUpB4wmc8nSX8hXOZ3Ml0%2FsaijfMNTIUK1iqDMGK7sFl%2Fwp9S5mNWOY3z5ZGol3GM%2FSLugNRBkcrjc0N%2ButJj6LNd7ZzRzc%2B4plN0ve6o6MOsnayyH6sggSUW7XfjsKdBGd1q8AX7JwOLKmPcV%2B1BUUhOfgAWl6dkl19W%2FgI%3D&RelayState=fake%5B%5D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wDxMSEPKhK%2FuU06cmL50oVx%2B7eP5%2FQirShQE%2BLv9pT3CrVwb6WBV1Tp9XS2VVJ2odLHogdA%2FE1XDW7BIRKYgkN8bXVlC2GybSYBhyn8bwAuyHs%2BnMW48LF%2FE5vFiZxbw8tMWUAktdvDuaXoZLhubX7UgV%2B%2BdRyjhckolpXTC9xuJdoHJUDF0vzzNm8xZs6LR7tjWUoz5CcjMJA3LVfWmpE5UjCyRmGbi9knGWHdY75CFtArD%2BNSkGeNx9xySrUlik6e57Zlodv4V9WBdeopAWskO58BA27GqTmnSLooeo%2FrtLxc1NZeuau11YxNzwl%2FvN8%2FQ5IsR3Xic8X1TaCCtwg%3D%3D";
|
||||
/* SAMLRequest field was moved in the middle, Signature to the beginning and all & were
|
||||
* changed to ; */
|
||||
const char query2[] = "Signature=wDxMSEPKhK%2FuU06cmL50oVx%2B7eP5%2FQirShQE%2BLv9pT3CrVwb6WBV1Tp9XS2VVJ2odLHogdA%2FE1XDW7BIRKYgkN8bXVlC2GybSYBhyn8bwAuyHs%2BnMW48LF%2FE5vFiZxbw8tMWUAktdvDuaXoZLhubX7UgV%2B%2BdRyjhckolpXTC9xuJdoHJUDF0vzzNm8xZs6LR7tjWUoz5CcjMJA3LVfWmpE5UjCyRmGbi9knGWHdY75CFtArD%2BNSkGeNx9xySrUlik6e57Zlodv4V9WBdeopAWskO58BA27GqTmnSLooeo%2FrtLxc1NZeuau11YxNzwl%2FvN8%2FQ5IsR3Xic8X1TaCCtwg%3D%3D;RelayState=fake%5B%5D;SAMLRequest=fZHNasMwEIRfxeieWrYTtQjb4DgJBNqSNqWHXopw1kQgS6523Z%2B3r%2BxQSKDkOppvd2aVo%2BpML6uBjvYZPgZAir47Y1FODwUbvJVOoUZpVQcoqZH76uFepjdc9t6Ra5xhZ8h1QiGCJ%2B0si7argr0vxTLJ1guRilpU8%2FWtyKpNnaXrukoF32SCRa%2FgMfgLFvAAIQ6wtUjKUpB4wmc8nSX8hXOZ3Ml0%2FsaijfMNTIUK1iqDMGK7sFl%2Fwp9S5mNWOY3z5ZGol3GM%2FSLugNRBkcrjc0N%2ButJj6LNd7ZzRzc%2B4plN0ve6o6MOsnayyH6sggSUW7XfjsKdBGd1q8AX7JwOLKmPcV%2B1BUUhOfgAWl6dkl19W%2FgI%3D;SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1";
|
||||
const char query3[] = "RelayState=fake%5B%5D&SAMLRequest=fZHNasMwEIRfxeieWrYTtQjb4DgJBNqSNqWHXopw1kQgS6523Z%2B3r%2BxQSKDkOppvd2aVo%2BpML6uBjvYZPgZAir47Y1FODwUbvJVOoUZpVQcoqZH76uFepjdc9t6Ra5xhZ8h1QiGCJ%2B0si7argr0vxTLJ1guRilpU8%2FWtyKpNnaXrukoF32SCRa%2FgMfgLFvAAIQ6wtUjKUpB4wmc8nSX8hXOZ3Ml0%2FsaijfMNTIUK1iqDMGK7sFl%2Fwp9S5mNWOY3z5ZGol3GM%2FSLugNRBkcrjc0N%2ButJj6LNd7ZzRzc%2B4plN0ve6o6MOsnayyH6sggSUW7XfjsKdBGd1q8AX7JwOLKmPcV%2B1BUUhOfgAWl6dkl19W%2FgI%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=wDxMSEPKhK%2FuU06cmL50oVx%2B7eP5%2FQirShQE%2BLv9pT3CrVwb6WBV1Tp9XS2VVJ2odLHogdA%2FE1XDW7BIRKYgkN8bXVlC2GybSYBhyn8bwAuyHs%2BnMW48LF%2FE5vFiZxbw8tMWUAktdvDuaXoZLhubX7UgV%2B%2BdRyjhckolpXTC9xuJdoHJUDF0vzzNm8xZs6LR7tjWUoz5CcjMJA3LVfWmpE5UjCyRmGbi9knGWHdY75CFtArD%2BNSkGeNx9xySrUlik6e57Zlodv4V9WBdeopAWskO58BA27GqTmnSLooeo%2FrtLxc1NZeuau11YxNzwl%2FvN8%2FQ5IsR3Xic8X1TacCtwg%3D%3D";
|
||||
/* sp5-saml2 key */
|
||||
const char pkey[] = "-----BEGIN CERTIFICATE-----\n\
|
||||
MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP\n\
|
||||
MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91\n\
|
||||
dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5\n\
|
||||
MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF\n\
|
||||
UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw\n\
|
||||
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq\n\
|
||||
h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m\n\
|
||||
6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u\n\
|
||||
uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH\n\
|
||||
ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi\n\
|
||||
+3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA\n\
|
||||
AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0\n\
|
||||
ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G\n\
|
||||
A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB\n\
|
||||
AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ\n\
|
||||
BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa\n\
|
||||
pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew\n\
|
||||
fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP\n\
|
||||
NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR\n\
|
||||
LlTxKnCrWAXftSm1rNtewTsF\n\
|
||||
-----END CERTIFICATE-----";
|
||||
LassoKey *key = lasso_key_new_for_signature_from_memory(pkey, strlen(pkey), NULL,
|
||||
LASSO_SIGNATURE_METHOD_RSA_SHA1, NULL);
|
||||
LassoKey *key2 = lasso_key_new_for_signature_from_file(
|
||||
TESTSDATADIR "/sp5-saml2/private-key.pem", NULL,
|
||||
LASSO_SIGNATURE_METHOD_RSA_SHA1, NULL);
|
||||
char *message = "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"_E3F8E9116EE08F0E2607CF9789649BB4\" Version=\"2.0\" IssueInstant=\"2012-03-09T11:34:48Z\" ForceAuthn=\"false\" IsPassive=\"false\"><saml:Issuer>http://sp5/metadata</saml:Issuer><Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n\
|
||||
<SignedInfo>\n\
|
||||
<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>\n\
|
||||
<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>\n\
|
||||
<Reference URI=\"#_E3F8E9116EE08F0E2607CF9789649BB4\">\n\
|
||||
<Transforms>\n\
|
||||
<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/>\n\
|
||||
<Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>\n\
|
||||
</Transforms>\n\
|
||||
<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>\n\
|
||||
<DigestValue>tMncKjklMJaJLbmB7bARmX14Fdg=</DigestValue>\n\
|
||||
</Reference>\n\
|
||||
</SignedInfo>\n\
|
||||
<SignatureValue>VjAHErXE8rz5yQ/t9Ubws11E59PsU/tXPtL6eCMAVLQxV4Bv0dwyYkeHtge1DXDT\n\
|
||||
usTy1c17+iuYCVqD3Db51+LMVsHchj0j44fhu/PXNQTmgiT2AuVfH97YhiBWykAs\n\
|
||||
LwT8MiE9vNGiHQwsWVjhdzooVmU0M80m0Ij2DFMcYiKzmuMhE4M65qUO4tygQLiL\n\
|
||||
YB5oPe0VYKEBJLfaTvuijLBTi4ecx6aU+HptAvuEOcCbcJZtGyv7jr2yuEDSq72S\n\
|
||||
0hwOV0CIsQoSf/vL7R9RzTs2bpgYVGqgerhpWsz6dqo7YX0NSj9pMbXZiOyX/YzS\n\
|
||||
uP3QSjow05NiPhy8ywKW8A==</SignatureValue>\n\
|
||||
<KeyInfo>\n\
|
||||
<KeyValue>\n\
|
||||
<RSAKeyValue>\n\
|
||||
<Modulus>\n\
|
||||
zTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB/qVTZixm+euZF1wV\n\
|
||||
a/T5SR0CBeFF4JYBmC0HWl39b2bqoNGV0ILLKyjDrE88pHP+k5PBFeb98zRAY95f\n\
|
||||
PDOPfgFc4g64W76fvri8qfXx3665UATOTXnvqnFOnilA/Ml900ust5Dy/IKyGgVT\n\
|
||||
4xgm2nVQD6HYmg7Rjyga/LBtTEeKgc3k++fM5t8AzhdoNCiGZ/Ez1RztanjEoBzW\n\
|
||||
dSrmHAGsemMUxFLPpQJ8yglIYiL7fEkyQ0KMvRcTDk0pVzmNEqTNKQ3mPwpMz+TW\n\
|
||||
M8+wMc9FjNtZaGc213omWQ==\n\
|
||||
</Modulus>\n\
|
||||
<Exponent>\n\
|
||||
AQAB\n\
|
||||
</Exponent>\n\
|
||||
</RSAKeyValue>\n\
|
||||
</KeyValue>\n\
|
||||
</KeyInfo>\n\
|
||||
</Signature><samlp:NameIDPolicy Format=\"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent\" AllowCreate=\"true\"/></samlp:AuthnRequest>";
|
||||
xmlDoc *doc;
|
||||
|
||||
doc = xmlParseDoc(BAD_CAST message);
|
||||
fail_unless(key != NULL, "Cannot load public key");
|
||||
fail_unless(lasso_key_query_verify(key, query1) == 0, "Signature was not validated");
|
||||
/* test reordering and semi-colon separator support */
|
||||
fail_unless(lasso_key_query_verify(key, query2) == 0, "Disordered signature was not validated");
|
||||
fail_unless(lasso_key_query_verify(key, query3) != 0, "Altered signature was validated");
|
||||
fail_unless(lasso_key_saml2_xml_verify(key,
|
||||
"_E3F8E9116EE08F0E2607CF9789649BB4", xmlDocGetRootElement(doc)) == 0,
|
||||
"XML Signature is not validated");
|
||||
g_object_unref(key);
|
||||
fail_unless(key2 != NULL, "Cannot load public key2");
|
||||
fail_unless(lasso_key_query_verify(key2, query1) == 0, "Signature was not validated");
|
||||
/* test reordering and semi-colon separator support */
|
||||
fail_unless(lasso_key_query_verify(key2, query2) == 0, "Disordered signature was not validated");
|
||||
fail_unless(lasso_key_query_verify(key2, query3) != 0, "Altered signature was validated");
|
||||
fail_unless(lasso_key_saml2_xml_verify(key2,
|
||||
"_E3F8E9116EE08F0E2607CF9789649BB4", xmlDocGetRootElement(doc)) == 0,
|
||||
"XML Signature is not validated");
|
||||
g_object_unref(key2);
|
||||
lasso_release_doc(doc);
|
||||
}
|
||||
END_TEST
|
||||
|
||||
Suite*
|
||||
random_suite()
|
||||
{
|
||||
|
@ -335,6 +435,7 @@ random_suite()
|
|||
TCase *tc_providers = tcase_create("Provider stuffs");
|
||||
TCase *tc_servers = tcase_create("Server stuffs");
|
||||
TCase *tc_node = tcase_create("Node stuff");
|
||||
TCase *tc_keys = tcase_create("Lasso keys");
|
||||
|
||||
suite_add_tcase(s, tc_providers);
|
||||
tcase_add_test(tc_providers, test01_provider_new);
|
||||
|
@ -351,6 +452,9 @@ random_suite()
|
|||
tcase_add_test(tc_node, test06_lib_statuscode);
|
||||
tcase_add_test(tc_node, test07_saml2_query_verify_signature);
|
||||
|
||||
suite_add_tcase(s, tc_keys);
|
||||
tcase_add_test(tc_keys, test08_lasso_key);
|
||||
|
||||
return s;
|
||||
}
|
||||
|
||||
|
|
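Review bot: The only negative case in test08_lasso_key alters the Signature value itself (query3 differs from query1 in one character near the end of the signature), so nothing in the visible test checks that `lasso_key_query_verify` rejects a query whose signed fields were changed under the original signature, or a query with no Signature parameter at all. `lasso_key_saml2_xml_verify` is likewise never run against a tampered document or a non-matching ID, so a verifier that fails open on any of those inputs would still pass. I would add at least one case such as `fail_unless(lasso_key_query_verify(key, query4) != 0, "Altered RelayState was validated");`, where query4 (a constructed name) is query1 with a modified RelayState, and an equivalent negative XML case. Separately, `doc` is passed to `xmlDocGetRootElement(doc)` without a check; `fail_unless(doc != NULL, "Cannot parse AuthnRequest");` after `xmlParseDoc` would make a broken fixture show up as such. The message "Cannot load public key2" is also misleading, since key2 is loaded from `private-key.pem`.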