tests for loading certs and keys from metadata

8 files changed, 257 insertions, 2 deletions

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 4cb1b628..230460bc 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -11,7 +11,7 @@ INCLUDES = \
 	$(LASSO_CFLAGS) \
 	$(CHECK_CFLAGS)
 
-tests_SOURCES = tests.c login_tests.c basic_tests.c random_tests.c
+tests_SOURCES = tests.c login_tests.c basic_tests.c random_tests.c metadata_tests.c
 tests_LDADD = \
 	$(top_builddir)/lasso/liblasso.la \
 	$(LASSO_LIBS) \
@@ -22,7 +22,7 @@ perfs_LDADD = $(top_builddir)/lasso/liblasso.la $(LASSO_LIBS)
 
 endif
 
-EXTRA_DIST = tests.c login_tests.c basic_tests.c random_tests.c
+EXTRA_DIST = tests.c login_tests.c basic_tests.c random_tests.c metadata_tests.c
 
 SUBDIRS = data
 
diff --git a/tests/metadata/metadata_01.xml b/tests/metadata/metadata_01.xml
new file mode 100644
index 00000000..5deacba1
--- /dev/null
+++ b/tests/metadata/metadata_01.xml
@@ -0,0 +1,38 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="http://test.local/liberty/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+
+<SPDescriptor protocolSupportEnumeration="urn:liberty:iff:2003-08">
+
+  <KeyDescriptor use="signing">
+    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+      <ds:X509Data>
+        <ds:X509Certificate>
+MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP
+MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91
+dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5
+MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF
+UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq
+h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m
+6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u
+uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH
+ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi
++3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA
+AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
+ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G
+A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB
+AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ
+BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa
+pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew
+fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP
+NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR
+LlTxKnCrWAXftSm1rNtewTsF
+        </ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </KeyDescriptor>
+
+</SPDescriptor>
+</EntityDescriptor>
diff --git a/tests/metadata/metadata_02.xml b/tests/metadata/metadata_02.xml
new file mode 100644
index 00000000..3fa9a86e
--- /dev/null
+++ b/tests/metadata/metadata_02.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="http://test.local/liberty/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+
+<SPDescriptor protocolSupportEnumeration="urn:liberty:iff:2003-08">
+
+  <KeyDescriptor use="signing">
+    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+      <ds:X509Data>
+        <ds:X509Certificate>
+-----BEGIN CERTIFICATE----- MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP
+MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91
+dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5
+MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF
+UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq
+h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m
+6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u
+uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH
+ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi
++3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA
+AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
+ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G
+A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB
+AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ
+BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa
+pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew
+fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP
+NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR
+LlTxKnCrWAXftSm1rNtewTsF
+-----END CERTIFICATE-----
+        </ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </KeyDescriptor>
+
+</SPDescriptor>
+</EntityDescriptor>
diff --git a/tests/metadata/metadata_03.xml b/tests/metadata/metadata_03.xml
new file mode 100644
index 00000000..e06ea631
--- /dev/null
+++ b/tests/metadata/metadata_03.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="http://test.local/liberty/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+
+<SPDescriptor protocolSupportEnumeration="urn:liberty:iff:2003-08">
+
+  <KeyDescriptor use="signing">
+    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+      <ds:KeyValue>
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTofHpWAdhH3BR/+1lVV
+NGRVY2qH3H4+8cDaofg5gy6oazgB/qVTZixm+euZF1wVa/T5SR0CBeFF4JYBmC0H
+Wl39b2bqoNGV0ILLKyjDrE88pHP+k5PBFeb98zRAY95fPDOPfgFc4g64W76fvri8
+qfXx3665UATOTXnvqnFOnilA/Ml900ust5Dy/IKyGgVT4xgm2nVQD6HYmg7Rjyga
+/LBtTEeKgc3k++fM5t8AzhdoNCiGZ/Ez1RztanjEoBzWdSrmHAGsemMUxFLPpQJ8
+yglIYiL7fEkyQ0KMvRcTDk0pVzmNEqTNKQ3mPwpMz+TWM8+wMc9FjNtZaGc213om
+WQIDAQAB
+      </ds:KeyValue>
+    </ds:KeyInfo>
+  </KeyDescriptor>
+
+</SPDescriptor>
+</EntityDescriptor>
diff --git a/tests/metadata/metadata_04.xml b/tests/metadata/metadata_04.xml
new file mode 100644
index 00000000..46caf80a
--- /dev/null
+++ b/tests/metadata/metadata_04.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="http://test.local/liberty/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+
+<SPDescriptor protocolSupportEnumeration="urn:liberty:iff:2003-08">
+
+  <KeyDescriptor use="signing">
+    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+      <ds:KeyValue>
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTofHpWAdhH3BR/+1lVV
+NGRVY2qH3H4+8cDaofg5gy6oazgB/qVTZixm+euZF1wVa/T5SR0CBeFF4JYBmC0H
+Wl39b2bqoNGV0ILLKyjDrE88pHP+k5PBFeb98zRAY95fPDOPfgFc4g64W76fvri8
+qfXx3665UATOTXnvqnFOnilA/Ml900ust5Dy/IKyGgVT4xgm2nVQD6HYmg7Rjyga
+/LBtTEeKgc3k++fM5t8AzhdoNCiGZ/Ez1RztanjEoBzWdSrmHAGsemMUxFLPpQJ8
+yglIYiL7fEkyQ0KMvRcTDk0pVzmNEqTNKQ3mPwpMz+TWM8+wMc9FjNtZaGc213om
+WQIDAQAB
+-----END PUBLIC KEY-----
+      </ds:KeyValue>
+    </ds:KeyInfo>
+  </KeyDescriptor>
+
+</SPDescriptor>
+</EntityDescriptor>
diff --git a/tests/metadata/metadata_05.xml b/tests/metadata/metadata_05.xml
new file mode 100644
index 00000000..13f3b85f
--- /dev/null
+++ b/tests/metadata/metadata_05.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="http://test.local/liberty/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+
+<SPDescriptor protocolSupportEnumeration="urn:liberty:iff:2003-08">
+
+  <KeyDescriptor use="signing">
+    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+      <ds:X509Data>
+        <ds:X509Certificate>
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTofHpWAdhH3BR/+1lVV
+NGRVY2qH3H4+8cDaofg5gy6oazgB/qVTZixm+euZF1wVa/T5SR0CBeFF4JYBmC0H
+Wl39b2bqoNGV0ILLKyjDrE88pHP+k5PBFeb98zRAY95fPDOPfgFc4g64W76fvri8
+qfXx3665UATOTXnvqnFOnilA/Ml900ust5Dy/IKyGgVT4xgm2nVQD6HYmg7Rjyga
+/LBtTEeKgc3k++fM5t8AzhdoNCiGZ/Ez1RztanjEoBzWdSrmHAGsemMUxFLPpQJ8
+yglIYiL7fEkyQ0KMvRcTDk0pVzmNEqTNKQ3mPwpMz+TWM8+wMc9FjNtZaGc213om
+WQIDAQAB
+        </ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </KeyDescriptor>
+
+</SPDescriptor>
+</EntityDescriptor>
diff --git a/tests/metadata_tests.c b/tests/metadata_tests.c
new file mode 100644
index 00000000..5f5e7cd2
--- /dev/null
+++ b/tests/metadata_tests.c
@@ -0,0 +1,103 @@
+/*
+ * Lasso library C unit tests
+ *
+ * Copyright (C) 2006 Entr'ouvert
+ * http://lasso.entrouvert.org
+ *
+ * Authors: See AUTHORS file in top-level directory.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <check.h>
+
+#include <lasso/lasso.h>
+#include <lasso/id-ff/provider.h>
+
+START_TEST(test01_metadata_load_der_certificate_from_x509_cert)
+{
+	LassoProvider *provider = lasso_provider_new(LASSO_PROVIDER_ROLE_SP,
+			"metadata/metadata_01.xml", NULL, NULL);
+	fail_unless(provider != NULL, "Can't load DER certificate from <ds:X509Certificate>");
+}
+END_TEST
+
+START_TEST(test02_metadata_load_pem_certificate_from_x509_cert)
+{
+	LassoProvider *provider = lasso_provider_new(LASSO_PROVIDER_ROLE_SP,
+			"metadata/metadata_02.xml", NULL, NULL);
+	fail_unless(provider != NULL, "Can't load PEM certificate from <ds:X509Certificate>");
+}
+END_TEST
+
+START_TEST(test03_metadata_load_der_public_key_from_keyvalue)
+{
+	LassoProvider *provider = lasso_provider_new(LASSO_PROVIDER_ROLE_SP,
+			"metadata/metadata_03.xml", NULL, NULL);
+	fail_unless(provider != NULL, "Can't load DER public key from <ds:KeyValue>");
+}
+END_TEST
+
+START_TEST(test04_metadata_load_pem_public_key_from_keyvalue)
+{
+	LassoProvider *provider = lasso_provider_new(LASSO_PROVIDER_ROLE_SP,
+			"metadata/metadata_04.xml", NULL, NULL);
+	fail_unless(provider != NULL, "Can't load PEM public key from <ds:KeyValue>");
+}
+END_TEST
+
+START_TEST(test05_metadata_load_public_key_from_x509_cert)
+{
+	LassoProvider *provider = lasso_provider_new(LASSO_PROVIDER_ROLE_SP,
+			"metadata/metadata_05.xml", NULL, NULL);
+	fail_unless(provider != NULL, "Can't load DER public key from <ds:X509Certificate>");
+}
+END_TEST
+
+
+Suite*
+metadata_suite()
+{
+	Suite *s = suite_create("Metadata");
+	TCase *tc_metadata_load_der_certificate_from_x509_cert =
+		tcase_create("Load DER certificate from metadata");
+	TCase *tc_metadata_load_pem_certificate_from_x509_cert =
+		tcase_create("Load PEM certificate from metadata");
+	TCase *tc_metadata_load_der_public_key_from_keyvalue =
+		tcase_create("Load DER public key from <ds:KeyValue>");
+	TCase *tc_metadata_load_pem_public_key_from_keyvalue =
+		tcase_create("Load PEM public key from <ds:KeyValue>");
+	TCase *tc_metadata_load_public_key_from_x509_cert =
+		tcase_create("Load DER public key from <ds:X509Certificate>");
+	suite_add_tcase(s, tc_metadata_load_der_certificate_from_x509_cert);
+	suite_add_tcase(s, tc_metadata_load_pem_certificate_from_x509_cert);
+	suite_add_tcase(s, tc_metadata_load_der_public_key_from_keyvalue);
+	suite_add_tcase(s, tc_metadata_load_pem_public_key_from_keyvalue);
+	suite_add_tcase(s, tc_metadata_load_public_key_from_x509_cert);
+	tcase_add_test(tc_metadata_load_der_certificate_from_x509_cert,
+		test01_metadata_load_der_certificate_from_x509_cert);
+	tcase_add_test(tc_metadata_load_pem_certificate_from_x509_cert,
+		test02_metadata_load_pem_certificate_from_x509_cert);
+	tcase_add_test(tc_metadata_load_der_public_key_from_keyvalue,
+		test03_metadata_load_der_public_key_from_keyvalue);
+	tcase_add_test(tc_metadata_load_pem_public_key_from_keyvalue,
+		test04_metadata_load_pem_public_key_from_keyvalue);
+	tcase_add_test(tc_metadata_load_public_key_from_x509_cert,
+		test05_metadata_load_public_key_from_x509_cert);
+	return s;
+}
diff --git a/tests/tests.c b/tests/tests.c
index b92844a0..64f45f01 100644
--- a/tests/tests.c
+++ b/tests/tests.c
@@ -31,6 +31,7 @@
 extern Suite* basic_suite();
 extern Suite* login_suite();
 extern Suite* random_suite();
+extern Suite* metadata_suite();
 
 typedef Suite* (*SuiteFunction) ();
 
@@ -38,6 +39,7 @@ SuiteFunction suites[] = {
 	basic_suite,
 	login_suite,
 	random_suite,
+	metadata_suite,
 	NULL
 };