[xmltooling] 07/24: CPPXT-110 test for code changes to OpenSSLCryptoKeyDSA

Ferenc Wágner wferi at moszumanska.debian.org
Fri Dec 16 11:56:11 UTC 2016


This is an automated email from the git hooks/post-receive script.

wferi pushed a commit to branch master
in repository xmltooling.

commit 6b3d60c686265b538a38637893f86853dcb22eba
Author: Rod Widdowson <rdw at steadingsoftware.com>
Date:   Thu Nov 10 05:39:55 2016 -0500

    CPPXT-110 test for code changes to OpenSSLCryptoKeyDSA
    
    https://issues.shibboleth.net/jira/browse/CPPXT-110
    
    Load a hand-crafted <ds:keyInfo> and prove that it's the same as loaded by OpenSSL.
---
 xmltoolingtest/InlineKeyResolverTest.h | 44 ++++++++++++++++++++++++++++++++++
 xmltoolingtest/data/KeyInfoDSA.xml     | 17 +++++++++++++
 2 files changed, 61 insertions(+)

diff --git a/xmltoolingtest/InlineKeyResolverTest.h b/xmltoolingtest/InlineKeyResolverTest.h
index 6418ec2..87c3f0f 100644
--- a/xmltoolingtest/InlineKeyResolverTest.h
+++ b/xmltoolingtest/InlineKeyResolverTest.h
@@ -24,8 +24,12 @@
 
 #include <xmltooling/security/X509Credential.h>
 #include <xmltooling/security/KeyInfoResolver.h>
+#include <xmltooling/security/Credential.h>
+#include <xmltooling/security/CredentialCriteria.h>
+#include <xmltooling/security/CredentialResolver.h>
 #include <xmltooling/signature/KeyInfo.h>
 
+
 #include <xsec/enc/XSECCryptoKey.hpp>
 
 #include <xsec/dsig/DSIGReference.hpp>
@@ -83,6 +87,45 @@ public:
         TSM_ASSERT_EQUALS("Wrong CRL count.", cred->getCRLs().size(), 3);
     }
 
+    void testOpenSSLDSA() {
+
+        string path=data_path + "KeyInfoDSA.xml";
+        ifstream fs(path.c_str());
+        DOMDocument* doc=XMLToolingConfig::getConfig().getValidatingParser().parse(fs);
+        TS_ASSERT(doc!=nullptr);
+        const XMLObjectBuilder* b = XMLObjectBuilder::getBuilder(doc->getDocumentElement());
+        TS_ASSERT(b!=nullptr);
+        auto_ptr<KeyInfo> kiObject(dynamic_cast<KeyInfo*>(b->buildFromDocument(doc)));
+        TS_ASSERT(kiObject.get()!=nullptr);
+
+        auto_ptr<X509Credential> credFromKeyInfo(dynamic_cast<X509Credential*>(m_resolver->resolve(kiObject.get())));
+        const DSA *keyInfoDSA = dynamic_cast<OpenSSLCryptoKeyDSA*>(credFromKeyInfo->getPublicKey())->getOpenSSLDSA();
+
+        path = data_path + "FileSystemCredentialResolver.xml";
+        ifstream in(path.c_str());
+        DOMDocument* cdoc=XMLToolingConfig::getConfig().getParser().parse(in);
+        XercesJanitor<DOMDocument> cjanitor(cdoc);
+        CredentialResolver* cresolver = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(
+            CHAINING_CREDENTIAL_RESOLVER,cdoc->getDocumentElement()
+            );
+
+        CredentialCriteria cc;
+        cc.setUsage(Credential::SIGNING_CREDENTIAL);
+        cc.setKeyAlgorithm("DSA");
+        OpenSSLCryptoKeyDSA* fileResolverCryptoKeyDSA = dynamic_cast<OpenSSLCryptoKeyDSA*>(cresolver->resolve(&cc)->getPublicKey());
+        DSA* fileResolverDSA = fileResolverCryptoKeyDSA ->getOpenSSLDSA();
+
+        int cmp = BN_cmp(keyInfoDSA->g, fileResolverDSA->g);
+        TSM_ASSERT(cmp, "G mismatch between keyInfo and file");
+        cmp = BN_cmp(keyInfoDSA->p, fileResolverDSA->p);
+        TSM_ASSERT(cmp, "P mismatch between keyInfo and file");
+        cmp = BN_cmp(keyInfoDSA->q, fileResolverDSA->q);
+        TSM_ASSERT(cmp, "Q mismatch between keyInfo and file");
+        cmp = BN_cmp(keyInfoDSA->priv_key, fileResolverDSA->priv_key);
+        //TSM_ASSERT(cmp, "G mismatch between keyInfo and file");  // There is no private key in KeyInfo
+        cmp = BN_cmp(keyInfoDSA->pub_key, fileResolverDSA->pub_key);
+        TSM_ASSERT(cmp, "PubKey/Y mismatch between keyInfo and file");
+    }
 
     void testOpenSSLRSA() {
         string path=data_path + "KeyInfo1.xml";
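Review bot: The four `TSM_ASSERT(cmp, "...")` calls at the end of testOpenSSLDSA cannot fail, because the TSM_ macros take the message first (as in `TSM_ASSERT_EQUALS("Wrong CRL count.", ...)` in the context line above), so the expression under test is the string literal, which is always non-null. Swapping the arguments back would still leave the check inverted, since BN_cmp() returns 0 on equality; testOpenSSLRSA uses `0 == BN_cmp(...)`. As written the test passes even when the DSA parameters parsed from KeyInfo differ from the file-based key, so it gives no assurance about the key-parsing change it is meant to cover. The two `dynamic_cast<OpenSSLCryptoKeyDSA*>` results are also dereferenced without a null check, and `cresolver` is never deleted.

```cpp
        DSA* fileResolverDSA = fileResolverCryptoKeyDSA ->getOpenSSLDSA();

        // BN_cmp() returns 0 when the two values are equal.
        TSM_ASSERT_EQUALS("G mismatch between keyInfo and file", BN_cmp(keyInfoDSA->g, fileResolverDSA->g), 0);
        TSM_ASSERT_EQUALS("P mismatch between keyInfo and file", BN_cmp(keyInfoDSA->p, fileResolverDSA->p), 0);
        TSM_ASSERT_EQUALS("Q mismatch between keyInfo and file", BN_cmp(keyInfoDSA->q, fileResolverDSA->q), 0);
        // … unchanged: priv_key is not compared, KeyInfo carries no private key …
        TSM_ASSERT_EQUALS("PubKey/Y mismatch between keyInfo and file", BN_cmp(keyInfoDSA->pub_key, fileResolverDSA->pub_key), 0);
```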
@@ -131,6 +174,7 @@ public:
         TS_ASSERT(0 ==  BN_cmp(kiqmp, iqmp));
     }
 
+
     void testDER() {
         string path=data_path + "KeyInfo5.xml";
         ifstream fs(path.c_str());
diff --git a/xmltoolingtest/data/KeyInfoDSA.xml b/xmltoolingtest/data/KeyInfoDSA.xml
new file mode 100644
index 0000000..f0c3ebb
--- /dev/null
+++ b/xmltoolingtest/data/KeyInfoDSA.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:KeyName>Foo</ds:KeyName>
+    <ds:KeyName>Bar</ds:KeyName>
+    <ds:KeyValue>
+        <ds:DSAKeyValue>
+            <ds:P>ANVGAtN1Mxr3ZkxKcQqZaMxw2Qbre4jG8G+KFhcPYJQNjhpYH2O+DVWx02vV4H9ypCnPaANktCitKuQSiDA9l1U=
+</ds:P>
+            <ds:Q>AK/apfGsK5pA4iia1j9qAR0Tdaw1
+</ds:Q>
+            <ds:G>DmEQoo+YAVNTUGokcy1ki01WgMfTBsvPqYjRDzcmF7p4oJ8neVCn0B990jv9W8v8gpvxr+w5ZpQkJybngJFAjw==
+</ds:G>
+            <ds:Y>AMJPFxCB9Kp6ekdM90H23zv4JNEhkm1qXNix44Xdl6IABgE896kpNzGQDCKf6iecO7oX+eTJl3KwT3oNE+8EQxk=
+</ds:Y>
+        </ds:DSAKeyValue>
+    </ds:KeyValue> 
+</ds:KeyInfo>
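Review bot: This fixture carries no comment saying which key it mirrors or that its encoding is deliberate, so a later maintainer cannot tell what may be regenerated safely. The P, Q and Y values decode with a leading zero octet and each element ends in a newline, which looks intentional for a hand-crafted parsing test; the companion key is presumably the DSA key that FileSystemCredentialResolver.xml points to. I would add a comment after the XML declaration, for example `<!-- Test-only DSA public key; must match the DSA key loaded via FileSystemCredentialResolver.xml. Leading zero octets in P/Q/Y are intentional. -->`, with the wording adjusted once the intent is confirmed.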

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/xmltooling.git


