Make the tests xmlsec version dependent

2010-12-09 09:53:33 +01:00
parent 28f633b0a1
commit 87ec760733
3 changed files with 47 additions and 27 deletions
--- a/tests/test_40_sigver.py
+++ b/tests/test_40_sigver.py
@@ -8,6 +8,8 @@ from saml2 import class_name
 from saml2 import time_util
 from saml2 import saml, samlp
 from saml2.s_utils import factory, do_attribute_statement
+from saml2.sigver import xmlsec_version, get_xmlsec_binary
+
 import xmldsig as ds
 from py.test import raises

@@ -22,19 +24,30 @@ PRIV_KEY = "test.key"
 def _eq(l1,l2):
    return set(l1) == set(l2)

-SIGNED_VALUE= """imvo3quPyMND8yCv8D3LNCbeiG98hKl+F5VekEY5N7EEBoq7S3A7mArz4yZUVJVw
-1migufgOZEiZX80vzR0lwfjAEjwRp+NjKRvOcWHfIgjz+dG8q9n4LcI5YmsjveLa
-+iNTujev1PYA+UWf57S5mqGFoi0KaS8Xnp0FG1olAZ0="""
-
-DIGEST_VALUE = "0+0Td5mWbs+CF7xZeYSlcQ/pjKw="
-
-def get_xmlsec():
-    for path in os.environ["PATH"].split(":"):
-        fil = os.path.join(path, "xmlsec1")
-        if os.access(fil,os.X_OK):
-            return fil
-
-    raise Exception("Can't find xmlsec1")
+SIGNATURE_DIGEST = {
+    "1.2.14": [(
+        "kMuyOK17nyp4CbA1v7KE32rX4+NQQ8EvdglTK61uIMEo3ax0PgFU7bgZGey+Aj8H\nhTPVyAzWmBDxHpSCFe050PTtNoKHx7nXprLfhuQXsPq8s0KBoZR+2qYfVCkWYVX7\nT3zG/Tn+fesBA1zLo4lYdAovol7C35KAsAWoknmZdOE=",
+        "SXw3kqTf+PtTiUnI8nQ6xmrM3qw="),
+        (
+        "upeKPE1pkzXLy9BvKFOSTnjn4du59lQQ74TN5CqDGae9D21uY/zLuOWql7LiSTSi\nC945F0WrOvG7s0eZnpuNPZobdfdeCOffCMMrq5RQ2+abPFBamkjmceuEKGdO5PWQ\nt7B1GkzXAMMgeMuU+YmvIJkHbbv5Yn6M0/ICE/COaKQ=",
+        "uX92C/YDroqITDfDY1IeekGtZac="),
+        (
+        "xHECLk1jj4NBvk1jhGrb2mwnrLFKXk6JN3NogjMVMtnnarg9vtk7jYzy1M9RPWdj\nRSa2Jph7yVZJENm4bGuBkT91w+FYm2X4jREULPUsnupPHTQyhJEVZ07EhnluOWa3\n95KkqnZ5gbnTxn1ZvpsANzThLmYY3eSGzNXz+S7758M=",
+        "l36wHa6Lyed9ZeAZ3jFL77wPVQ4="
+        )
+    ],
+    "":[
+        (
+        "imvo3quPyMND8yCv8D3LNCbeiG98hKl+F5VekEY5N7EEBoq7S3A7mArz4yZUVJVw\n1migufgOZEiZX80vzR0lwfjAEjwRp+NjKRvOcWHfIgjz+dG8q9n4LcI5YmsjveLa\n+iNTujev1PYA+UWf57S5mqGFoi0KaS8Xnp0FG1olAZ0=",
+        "0+0Td5mWbs+CF7xZeYSlcQ/pjKw="),
+        (
+        "NEoJEpCLRi35e+cK8fwInrThausuD3xNlKZFhZda6qS8GU93s8J3sKLpd5BwB9my\nesHX38c9WhQkXeuQu6O75hMwLWb7496vG+QcodaWvLJ8u/Cgp2XdQopkNWLOqLJC\n7XyLa0fEDhPY/kvX88kx9xBnA/VhIYVjQtNrTD9M5Q8=",
+        "gqe292uV8r7LfSomiMh9VS9wYZw="),
+        (
+        "DS5V623NrKCXmBjzCgVDUkPXSg8kMezZIeEqg8RC6Q/0/vjoBgZDt1hMvOmOX4Vf\nA1ckqeEEHnsqegjBRUUiV41SALJmKSVvUG5V29ZonGK4EXtdC5dxRPa/2tqN1i8N\nwtTlD7DE/YLAPIM5nhL8qHKKovQvwypZmC2YVmKIuQ0=",
+        "h6o97FThq9XqEzw+njeKjH45QgM="),
+    ]
+}

 CERT1 = """MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
 BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
@@ -92,9 +105,12 @@ def test_cert_from_instance_ssp():
    
 class TestSecurity():
    def setup_class(self):
-        self.sec = sigver.SecurityContext(get_xmlsec(), PRIV_KEY, "pem",
+        xmlexec = get_xmlsec_binary()
+        self.sec = sigver.SecurityContext(xmlexec, PRIV_KEY, "pem",
                                            PUB_KEY, "pem", debug=1)
        
+        self.sign_digest = SIGNATURE_DIGEST[xmlsec_version(xmlexec)]
+        
        self._assertion = factory( saml.Assertion,
            version="2.0",
            id="11111",
@@ -135,10 +151,10 @@ class TestSecurity():
        assert sass.id == "11111"
        assert time_util.str_to_time(sass.issue_instant)
        sig = sass.signature
-        assert sig.signature_value.text == SIGNED_VALUE
+        assert sig.signature_value.text == self.sign_digest[0][0]
        assert len(sig.signed_info.reference) == 1
        assert sig.signed_info.reference[0].digest_value
-        assert sig.signed_info.reference[0].digest_value.text == DIGEST_VALUE
+        assert sig.signed_info.reference[0].digest_value.text == self.sign_digest[0][1]
        
    def test_sign_response(self):
        response = factory(samlp.Response,
@@ -162,12 +178,12 @@ class TestSecurity():
        assert sass.id == "11111"
        assert time_util.str_to_time(sass.issue_instant)
        sig = sass.signature
-        assert sig.signature_value.text == """NEoJEpCLRi35e+cK8fwInrThausuD3xNlKZFhZda6qS8GU93s8J3sKLpd5BwB9my\nesHX38c9WhQkXeuQu6O75hMwLWb7496vG+QcodaWvLJ8u/Cgp2XdQopkNWLOqLJC\n7XyLa0fEDhPY/kvX88kx9xBnA/VhIYVjQtNrTD9M5Q8="""
+        assert sig.signature_value.text == self.sign_digest[1][0]
        
        assert len(sig.signed_info.reference) == 1
        assert sig.signed_info.reference[0].digest_value
        digest = sig.signed_info.reference[0].digest_value.text
-        assert digest == "gqe292uV8r7LfSomiMh9VS9wYZw="
+        assert digest == self.sign_digest[1][1]

    def test_sign_response_2(self):
        assertion2 = factory( saml.Assertion,
@@ -202,12 +218,12 @@ class TestSecurity():
        assert sass.id == "11122"
        assert time_util.str_to_time(sass.issue_instant)
        sig = sass.signature
-        assert sig.signature_value.text == "DS5V623NrKCXmBjzCgVDUkPXSg8kMezZIeEqg8RC6Q/0/vjoBgZDt1hMvOmOX4Vf\nA1ckqeEEHnsqegjBRUUiV41SALJmKSVvUG5V29ZonGK4EXtdC5dxRPa/2tqN1i8N\nwtTlD7DE/YLAPIM5nhL8qHKKovQvwypZmC2YVmKIuQ0="
+        assert sig.signature_value.text == self.sign_digest[2][0]
        
        assert len(sig.signed_info.reference) == 1
        assert sig.signed_info.reference[0].digest_value
        digest = sig.signed_info.reference[0].digest_value.text
-        assert digest == "h6o97FThq9XqEzw+njeKjH45QgM="
+        assert digest == self.sign_digest[2][1]

    def test_sign_verify(self):        
        response = factory(samlp.Response,
--- a/tests/test_43_soap.py
+++ b/tests/test_43_soap.py
@@ -56,6 +56,5 @@ def test_make_soap_envelope():
    request.become_child_element_of(body)
    
    string = ElementTree.tostring(envelope, encoding="UTF-8")
-    result = """<?xml version='1.0' encoding='UTF-8'?>
-<ns0:Envelope xmlns:ns0="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:Body><ns1:AuthnRequest /></ns0:Body></ns0:Envelope>"""
+    result = """<?xml version=\'1.0\' encoding=\'UTF-8\'?>\n<ns0:Envelope xmlns:ns0="http://schemas.xmlsoap.org/soap/envelope/"><ns0:Body><ns1:AuthnRequest xmlns:ns1="urn:oasis:names:tc:SAML:2.0:protocol" /></ns0:Body></ns0:Envelope>"""
    assert string == result
--- a/tests/test_51_client.py
+++ b/tests/test_51_client.py
@@ -12,6 +12,7 @@ from saml2 import saml, s_utils, config, class_name
 from saml2.server import Server
 from saml2.s_utils import decode_base64_and_inflate
 from saml2.time_util import in_a_while
+from saml2.sigver import xmlsec_version

 from py.test import raises

@@ -48,9 +49,11 @@ def _leq(l1, l2):
 #     print name_id
 #     assert False

-REQ1 = """<?xml version='1.0' encoding='UTF-8'?>
-<ns0:AttributeQuery xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion" Destination="https://idp.example.com/idp/" ID="id1" IssueInstant="%s" Version="2.0"><ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">urn:mace:example.com:saml:roland:sp</ns1:Issuer><ns1:Subject><ns1:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">E8042FB4-4D5B-48C3-8E14-8EDD852790DD</ns1:NameID></ns1:Subject></ns0:AttributeQuery>"""
-    
+REQ1 = { "1.2.14": """<?xml version='1.0' encoding='UTF-8'?>
+<ns0:AttributeQuery Destination="https://idp.example.com/idp/" ID="id1" IssueInstant="%s" Version="2.0" xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol"><ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">urn:mace:example.com:saml:roland:sp</ns1:Issuer><ns1:Subject xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion"><ns1:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">E8042FB4-4D5B-48C3-8E14-8EDD852790DD</ns1:NameID></ns1:Subject></ns0:AttributeQuery>""",
+    "":"""<?xml version='1.0' encoding='UTF-8'?>
+<ns0:AttributeQuery xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion" Destination="https://idp.example.com/idp/" ID="id1" IssueInstant="%s" Version="2.0"><ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">urn:mace:example.com:saml:roland:sp</ns1:Issuer><ns1:Subject><ns1:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">E8042FB4-4D5B-48C3-8E14-8EDD852790DD</ns1:NameID></ns1:Subject></ns0:AttributeQuery>"""}
+
 class TestClient:
    def setup_class(self):
        self.server = Server("idp.config")
@@ -69,9 +72,11 @@ class TestClient:
            self.client.issuer(),
            nameid_format=saml.NAMEID_FORMAT_PERSISTENT)
        reqstr = "%s" % req.to_string()
+        xmlsec_vers = xmlsec_version(self.client.config["xmlsec_binary"])
+        print "XMLSEC version: %s" % xmlsec_vers
        print reqstr
-        print REQ1 % req.issue_instant
-        assert reqstr == REQ1 % req.issue_instant
+        print REQ1[xmlsec_vers] % req.issue_instant
+        assert reqstr == REQ1[xmlsec_vers] % req.issue_instant
        assert req.destination == "https://idp.example.com/idp/"
        assert req.id == "id1"
        assert req.version == "2.0"