Core: Finish support for all XMLDsig key formats

 * lasso/xml/tools.c:
   xmlsec is not able to load a certificate public key without checking
   it against trusted root certificate, so we must work around and load
   the key by hand.
   lasso_xmlsec_load_private_key_from_buffer is made more robust in the
   same (loading of the key was extracted inside
   _lasso_xmlsec_load_key_from_buffer) and now can load certificates and
   keys directly embedded inside KeyValue nodes (in total opposition to
   the XMLDsig specification but...), with or without PEM headers.
 * tests/metadata/Makefile.am tests/metadata/metadata_06.xml
   tests/metadata_tests.c:
   add test case for RSAKeyValue public keys.

2 files changed, 25 insertions, 1 deletions

diff --git a/tests/metadata/Makefile.am b/tests/metadata/Makefile.am
index 40d4798b..956054a0 100644
--- a/tests/metadata/Makefile.am
+++ b/tests/metadata/Makefile.am
@@ -4,4 +4,5 @@ EXTRA_DIST = \
 	metadata_02.xml \
 	metadata_03.xml \
 	metadata_04.xml \
-	metadata_05.xml
+	metadata_05.xml \
+	metadata_06.xml
diff --git a/tests/metadata/metadata_06.xml b/tests/metadata/metadata_06.xml
new file mode 100644
index 00000000..bce00184
--- /dev/null
+++ b/tests/metadata/metadata_06.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="http://test.local/liberty/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+
+<SPDescriptor protocolSupportEnumeration="urn:liberty:iff:2003-08">
+
+  <KeyDescriptor use="signing">
+    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+      <ds:KeyValue>
+       <ds:RSAKeyValue>
+          <ds:Modulus>xA7SEU+e0yQH5rm9kbCDN9o3aPIo7HbP7tX6WOocLZAtNfyxSZDU16ksL6W
+jubafOqNEpcwR3RdFsT7bCqnXPBe5ELh5u4VEy19MzxkXRgrMvavzyBpVRgBUwUlV
+5foK5hhmbktQhyNdy/6LpQRhDUDsTvK+g9Ucj47es9AQJ3U=
+          </ds:Modulus>
+          <ds:Exponent>AQAB</ds:Exponent>
+       </ds:RSAKeyValue>
+      </ds:KeyValue>
+    </ds:KeyInfo>
+  </KeyDescriptor>
+
+</SPDescriptor>
+</EntityDescriptor>