summaryrefslogtreecommitdiffstats
path: root/tests/data
diff options
context:
space:
mode:
authorBenjamin Dauvergne <bdauvergne@entrouvert.com>2011-11-22 17:42:41 +0100
committerBenjamin Dauvergne <bdauvergne@entrouvert.com>2011-11-22 18:51:49 +0100
commit95137b1ad10b706c3ba99a0455c6db83a2b4be8b (patch)
tree72708c31c43f47497320ac66164a5dde39369d40 /tests/data
parentfd7af65e910b5aa2f5710863eb8ffb86b9f7ca2f (diff)
downloadlasso-95137b1ad10b706c3ba99a0455c6db83a2b4be8b.tar.gz
lasso-95137b1ad10b706c3ba99a0455c6db83a2b4be8b.tar.xz
lasso-95137b1ad10b706c3ba99a0455c6db83a2b4be8b.zip
[tests] add test for rollover on the SP side, i.e. rollover of encryption keys
This test case is the first to abstract the workflow between two LassoLogin object (for the idp and sp side). This part of the code could be used to simplify the code of other tests in the future.
Diffstat (limited to 'tests/data')
-rw-r--r--tests/data/idp6-saml2/certificate.pem22
-rw-r--r--tests/data/sp11-multikey-saml2/certificate-after-rollover.pem22
-rw-r--r--tests/data/sp11-multikey-saml2/certificate-before-rollover.pem14
-rw-r--r--tests/data/sp11-multikey-saml2/metadata-after-rollover.xml88
-rw-r--r--tests/data/sp11-multikey-saml2/metadata-before-rollover.xml88
-rw-r--r--tests/data/sp11-multikey-saml2/private-key-after-rollover.pem27
-rw-r--r--tests/data/sp11-multikey-saml2/private-key-before-rollover.pem15
7 files changed, 276 insertions, 0 deletions
diff --git a/tests/data/idp6-saml2/certificate.pem b/tests/data/idp6-saml2/certificate.pem
new file mode 100644
index 00000000..9bdaf99d
--- /dev/null
+++ b/tests/data/idp6-saml2/certificate.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP
+MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91
+dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5
+MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF
+UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq
+h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m
+6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u
+uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH
+ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi
++3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA
+AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
+ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G
+A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB
+AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ
+BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa
+pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew
+fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP
+NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR
+LlTxKnCrWAXftSm1rNtewTsF
+-----END CERTIFICATE-----
diff --git a/tests/data/sp11-multikey-saml2/certificate-after-rollover.pem b/tests/data/sp11-multikey-saml2/certificate-after-rollover.pem
new file mode 100644
index 00000000..9bdaf99d
--- /dev/null
+++ b/tests/data/sp11-multikey-saml2/certificate-after-rollover.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP
+MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91
+dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5
+MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF
+UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq
+h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m
+6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u
+uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH
+ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi
++3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA
+AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
+ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G
+A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB
+AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ
+BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa
+pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew
+fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP
+NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR
+LlTxKnCrWAXftSm1rNtewTsF
+-----END CERTIFICATE-----
diff --git a/tests/data/sp11-multikey-saml2/certificate-before-rollover.pem b/tests/data/sp11-multikey-saml2/certificate-before-rollover.pem
new file mode 100644
index 00000000..cb830e75
--- /dev/null
+++ b/tests/data/sp11-multikey-saml2/certificate-before-rollover.pem
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICHjCCAYegAwIBAgIJAKCn8J6jYs6kMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV
+BAoTCkVudHJvdXZlcnQwHhcNMTEwMTE5MjAxNDE2WhcNMTEwMjE4MjAxNDE2WjAV
+MRMwEQYDVQQKEwpFbnRyb3V2ZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDGI2g/WLmdODxhiraxFklG09r6C/yjX06zTt1MapA5+eIcEg2Hp+elCwcCogL1
+ZK9/vYlU2yzIGgxV5mVVUybgdQuIvmEi8BlWM4HM5np97J/g6r41vG5auA4ve1Xp
+F11rVO9Ru1LIQwMaHXJVf0yojNLH6VOmJU3GDELjKB+VLwIDAQABo3YwdDAdBgNV
+HQ4EFgQUssAKE1M50yrgLpqoFzRbSOeZ41swRQYDVR0jBD4wPIAUssAKE1M50yrg
+LpqoFzRbSOeZ41uhGaQXMBUxEzARBgNVBAoTCkVudHJvdXZlcnSCCQCgp/Ceo2LO
+pDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBABPxbVQuuVzkfZFmeUJH
+S6WSvTKoEfJKXm7xLB9ChtPixZkPN6XXYaV0zx6cIwiUBi97ijcMU4W/+s5Xn4rB
+/HJ2UWPlObpjZOxdl1eGsrTw8l7LWPls1B0b0wYms32q6bDVwPWVlDqc5Z13b9M3
+8bNF5SUdZmcRJzk3LKXZ9nkA
+-----END CERTIFICATE-----
diff --git a/tests/data/sp11-multikey-saml2/metadata-after-rollover.xml b/tests/data/sp11-multikey-saml2/metadata-after-rollover.xml
new file mode 100644
index 00000000..3fe5f754
--- /dev/null
+++ b/tests/data/sp11-multikey-saml2/metadata-after-rollover.xml
@@ -0,0 +1,88 @@
+<?xml version="1.0"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+ entityID="http://sp11/metadata">
+ <SPSSODescriptor
+ AuthnRequestsSigned="true"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIICHjCCAYegAwIBAgIJAKCn8J6jYs6kMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV
+BAoTCkVudHJvdXZlcnQwHhcNMTEwMTE5MjAxNDE2WhcNMTEwMjE4MjAxNDE2WjAV
+MRMwEQYDVQQKEwpFbnRyb3V2ZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDGI2g/WLmdODxhiraxFklG09r6C/yjX06zTt1MapA5+eIcEg2Hp+elCwcCogL1
+ZK9/vYlU2yzIGgxV5mVVUybgdQuIvmEi8BlWM4HM5np97J/g6r41vG5auA4ve1Xp
+F11rVO9Ru1LIQwMaHXJVf0yojNLH6VOmJU3GDELjKB+VLwIDAQABo3YwdDAdBgNV
+HQ4EFgQUssAKE1M50yrgLpqoFzRbSOeZ41swRQYDVR0jBD4wPIAUssAKE1M50yrg
+LpqoFzRbSOeZ41uhGaQXMBUxEzARBgNVBAoTCkVudHJvdXZlcnSCCQCgp/Ceo2LO
+pDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBABPxbVQuuVzkfZFmeUJH
+S6WSvTKoEfJKXm7xLB9ChtPixZkPN6XXYaV0zx6cIwiUBi97ijcMU4W/+s5Xn4rB
+/HJ2UWPlObpjZOxdl1eGsrTw8l7LWPls1B0b0wYms32q6bDVwPWVlDqc5Z13b9M3
+8bNF5SUdZmcRJzk3LKXZ9nkA
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+<KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP
+MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91
+dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5
+MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF
+UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq
+h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m
+6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u
+uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH
+ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi
++3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA
+AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
+ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G
+A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB
+AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ
+BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa
+pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew
+fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP
+NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR
+LlTxKnCrWAXftSm1rNtewTsF</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService isDefault="true" index="0"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://sp11/artifact" />
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://sp11/singleLogoutSOAP" />
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://sp11/singleLogout"
+ ResponseLocation="http://sp11/singleLogoutReturn" />
+ <ManageNameIDService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://sp11/manageNameIdSOAP" />
+ <ManageNameIDService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://sp11/manageNameId"
+ ResponseLocation="http://sp11/manageNameIdReturn" />
+ <AssertionConsumerService isDefault="true" index="0"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+ Location="http://sp11/singleSignOnArtifact" />
+ <AssertionConsumerService index="1"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://sp11/singleSignOnPost" />
+ <AssertionConsumerService index="2"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
+ Location="http://sp11/singleSignOnSOAP" />
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Example SAML 2.0 metadatas</OrganizationName>
+ </Organization>
+</EntityDescriptor>
diff --git a/tests/data/sp11-multikey-saml2/metadata-before-rollover.xml b/tests/data/sp11-multikey-saml2/metadata-before-rollover.xml
new file mode 100644
index 00000000..bfb91a5d
--- /dev/null
+++ b/tests/data/sp11-multikey-saml2/metadata-before-rollover.xml
@@ -0,0 +1,88 @@
+<?xml version="1.0"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+ entityID="http://sp11/metadata">
+ <SPSSODescriptor
+ AuthnRequestsSigned="true"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIICHjCCAYegAwIBAgIJAKCn8J6jYs6kMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV
+BAoTCkVudHJvdXZlcnQwHhcNMTEwMTE5MjAxNDE2WhcNMTEwMjE4MjAxNDE2WjAV
+MRMwEQYDVQQKEwpFbnRyb3V2ZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDGI2g/WLmdODxhiraxFklG09r6C/yjX06zTt1MapA5+eIcEg2Hp+elCwcCogL1
+ZK9/vYlU2yzIGgxV5mVVUybgdQuIvmEi8BlWM4HM5np97J/g6r41vG5auA4ve1Xp
+F11rVO9Ru1LIQwMaHXJVf0yojNLH6VOmJU3GDELjKB+VLwIDAQABo3YwdDAdBgNV
+HQ4EFgQUssAKE1M50yrgLpqoFzRbSOeZ41swRQYDVR0jBD4wPIAUssAKE1M50yrg
+LpqoFzRbSOeZ41uhGaQXMBUxEzARBgNVBAoTCkVudHJvdXZlcnSCCQCgp/Ceo2LO
+pDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBABPxbVQuuVzkfZFmeUJH
+S6WSvTKoEfJKXm7xLB9ChtPixZkPN6XXYaV0zx6cIwiUBi97ijcMU4W/+s5Xn4rB
+/HJ2UWPlObpjZOxdl1eGsrTw8l7LWPls1B0b0wYms32q6bDVwPWVlDqc5Z13b9M3
+8bNF5SUdZmcRJzk3LKXZ9nkA
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+<KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP
+MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91
+dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5
+MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF
+UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq
+h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m
+6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u
+uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH
+ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi
++3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA
+AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
+ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G
+A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB
+AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ
+BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa
+pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew
+fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP
+NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR
+LlTxKnCrWAXftSm1rNtewTsF</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService isDefault="true" index="0"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://sp11/artifact" />
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://sp11/singleLogoutSOAP" />
+ <SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://sp11/singleLogout"
+ ResponseLocation="http://sp11/singleLogoutReturn" />
+ <ManageNameIDService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://sp11/manageNameIdSOAP" />
+ <ManageNameIDService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://sp11/manageNameId"
+ ResponseLocation="http://sp11/manageNameIdReturn" />
+ <AssertionConsumerService isDefault="true" index="0"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+ Location="http://sp11/singleSignOnArtifact" />
+ <AssertionConsumerService index="1"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://sp11/singleSignOnPost" />
+ <AssertionConsumerService index="2"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
+ Location="http://sp11/singleSignOnSOAP" />
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Example SAML 2.0 metadatas</OrganizationName>
+ </Organization>
+</EntityDescriptor>
diff --git a/tests/data/sp11-multikey-saml2/private-key-after-rollover.pem b/tests/data/sp11-multikey-saml2/private-key-after-rollover.pem
new file mode 100644
index 00000000..626e1fcc
--- /dev/null
+++ b/tests/data/sp11-multikey-saml2/private-key-after-rollover.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB
+/qVTZixm+euZF1wVa/T5SR0CBeFF4JYBmC0HWl39b2bqoNGV0ILLKyjDrE88pHP+
+k5PBFeb98zRAY95fPDOPfgFc4g64W76fvri8qfXx3665UATOTXnvqnFOnilA/Ml9
+00ust5Dy/IKyGgVT4xgm2nVQD6HYmg7Rjyga/LBtTEeKgc3k++fM5t8AzhdoNCiG
+Z/Ez1RztanjEoBzWdSrmHAGsemMUxFLPpQJ8yglIYiL7fEkyQ0KMvRcTDk0pVzmN
+EqTNKQ3mPwpMz+TWM8+wMc9FjNtZaGc213omWQIDAQABAoIBAEPj5keHzWdBqiXX
+38WnlPgv+M9afndCjDANTEYoh14OIUjWzlIe/ufd6HLkrVA89hkwgQbewbyQOT2C
+YiSlQLl0PlKMCTIKIzVHD07HvXNTAwykEqNfTZChSYEa1/Ixre+MXvugF8nwdKxk
+8xN0qXTQF6OXeVYvQNAAdng743YON4ubqKlEezIwnfG/jcoZrGkiTpx+k1JXJsZN
+4dHKFP12RRhUTGjaOkBo41w8GNKQLFpy1vqAOYMyi1SJcrwpAu3H0iQug9SylQaM
+bFjt8j/m13gu3zXIJbi8xbyg3nqpxl9dxcZG/cDA9z2tLu/h3G3nPq7CXvkZxmjl
+ePvOCwECgYEA9zbwYMtd8tT3PHtrCtjwkfxV0dvMmfNw/rRT4ShWtKLmgX+K9nz/
+T4qpbehz4z7OvsLjQ6Bt6wjMNMw9SEBeEMyDVTpmzSD2PowARegmeLX4CsilqHHl
+/AMYUtywEQ2f65/CWPiMIt8mLnEyJ/dsyVLpuzGUNNt34Yaqpu2qXnUCgYEA1IUy
+PObmTh3I8ZyESyGhbu2TYs0A8Zy6eTIAv0ijOIpmUykzjE5pR9sB3nYEd4GTHPEv
+hF6SWfNIDDr83TqThJYzkFyXMCxiVLH55U42wlsvwp4jTnOI3K/7Y7U/lEmBlgcl
+JbIIv1t9okg3+Kuu4i7iB6JR89cSO/Wfcdu/c9UCgYAHE5eF7cxeqyH4pT/HK7aX
+NzXtr/EHZySQ5fCQvWrd+NvIUTJVI/ba/AklkEXg92dLpqCCyxDabYIK8N3AN7d5
+m6EWy3kt3geueqt3VNHlGrBi/qNfUwNWV3BWzuJrWox9XjFeAp9gUCrzoWHiKv7+
+NFVkemLXsICaABTaemsqEQKBgQDJJ4n1u1gieG7Kwqs1sg9rP9RRoFlUWFTogjvS
+0p4r1lQkQstX8qAUM2gBeROhSjRFIMUpNZqxKWT4rpzJibg3tzP3YKx6HIi2Qf+W
+3AFY1ZbPT397sj/JI4l/Rv93DFxr9TdkBq/g8GhqQpE3/sj5rgaj0zBe7SOFPWg+
+DRGaQQKBgEEcSF5KmpIHnhi3WlfGiEtx3kcD63orKME0YYA5BM6wnmRT4QiSw+qj
+i7ljrKGSbmdMFC3ArM42/k2lXYpVLsYWmyaRYSgbdowxLM1XxDJMFIPR2uG6N+vi
+HzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70
+-----END RSA PRIVATE KEY-----
diff --git a/tests/data/sp11-multikey-saml2/private-key-before-rollover.pem b/tests/data/sp11-multikey-saml2/private-key-before-rollover.pem
new file mode 100644
index 00000000..ac7a9b59
--- /dev/null
+++ b/tests/data/sp11-multikey-saml2/private-key-before-rollover.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDGI2g/WLmdODxhiraxFklG09r6C/yjX06zTt1MapA5+eIcEg2H
+p+elCwcCogL1ZK9/vYlU2yzIGgxV5mVVUybgdQuIvmEi8BlWM4HM5np97J/g6r41
+vG5auA4ve1XpF11rVO9Ru1LIQwMaHXJVf0yojNLH6VOmJU3GDELjKB+VLwIDAQAB
+AoGAKqJ3zhmzZwcwxvRoN1bKUblIh0GJDUZ20tKHf+f2PONuKgggbS5OBA+JZKGj
+7VXLBbutD1tSGYSxXtKCv4dy97xDWlsWmc9AhWss0i7bYMQ+bps0buCtLclrBbOA
+5N9/NU1j2E+V7CStQ8C7P3DbEjYuwm9lB+A85HFaONXhT5ECQQDzAKw8j/+6M5Ib
+asuO+Vj7WIelVaXJ2pjLrf78pQInYt1elO/bqqi4AMJu953OIY7dlDKlu1BPd+9J
+5/lrw6q7AkEA0LxtXRfiJrcZdQf8X6Uq51hceQSbnkWB+d4CREMtAK2tpbsb/kJc
+INvG2ncVb0MUbv/6jrlHZf7/oua6PpbaHQJBANpHT2+zVd33dxXjr2gFeTWFh4sv
+TRXtovTKndJpkm64surD1FU4jgeCvySYjorbwA4vkfMnN/O6Yxq7ImP3xgMCQQDP
+TYOTxAd/CbNHrnGvj7qnXfMg4TmoG0H1pM49ezWzicl+YfBwOPmETKEWENSB1m3x
+u1nc6xeErZa280yeonTlAkAHzm/BUqAY8I1IMQMcNn4db9CJK3pRHRHjPxYMClWK
+TPsLK5iak13+EZ6r9Lej/i1J4cujVh7ijA7J9zH+01Ve
+-----END RSA PRIVATE KEY-----
generated by cgit (git 2.34.1) at 2026-01-07 21:50:41 +0000