Exemple #1
0
func (s *ServiceProviderSettings) Init() (err error) {
	if s.hasInit {
		return nil
	}
	s.hasInit = true

	if s.SPSignRequest {
		s.publicCert, err = util.LoadCertificate(s.PublicCertPath)
		if err != nil {
			panic(err)
		}

		s.privateKey, err = util.LoadCertificate(s.PrivateKeyPath)
		if err != nil {
			panic(err)
		}
	}

	//support for a IDP cert or a PEM encoded public key
	if s.IDPPublicCertPath != "" {
		s.iDPPublicCert, err = util.LoadCertificate(s.IDPPublicCertPath)
		if err != nil {
			panic(err)
		}
	}

	return nil
}
Exemple #2
0
func TestResponseSignatureVerificationWithPubKeyPem(t *testing.T) {
	assert := assert.New(t)
	cert, err := util.LoadCertificate("./default.crt")
	assert.NoError(err)

	// Construct an AuthnRequest
	response := NewSignedResponse()
	response.Signature.KeyInfo.X509Data.X509Certificate.Cert = cert

	b, err := xml.MarshalIndent(response, "", "    ")
	assert.NoError(err)
	xmlResponse := string(b)

	signedXml, err := SignResponse(xmlResponse, "./default.key")
	assert.NoError(err)
	assert.NotEmpty(signedXml)

	sp := ServiceProviderSettings{
		IDPPublicCertPath: "./pubkey.pem",
		XmlSecVerifyFlag:  "--pubkey-pem",
	}

	err = VerifyResponseSignatureWithSettings(signedXml, &sp)
	assert.NoError(err)
}
Exemple #3
0
func TestResponse(t *testing.T) {
	assert := assert.New(t)
	cert, err := util.LoadCertificate("./default.crt")
	assert.NoError(err)

	// Construct an AuthnRequest
	response := NewSignedResponse()
	response.Signature.KeyInfo.X509Data.X509Certificate.Cert = cert

	b, err := xml.MarshalIndent(response, "", "    ")
	assert.NoError(err)
	xmlResponse := string(b)

	signedXml, err := SignResponse(xmlResponse, "./default.key")
	assert.NoError(err)
	assert.NotEmpty(signedXml)

	err = VerifyRequestSignature(signedXml, "./default.crt")
	assert.NoError(err)
}