Example #1
        /// <summary>
        /// Encrypts a test assertion under the RSA public key of the development STS certificate and
        /// runs a structural smoke check on the XML that comes out.
        /// </summary>
        /// <remarks>
        /// Only the presence of the wrapper elements is asserted. Nothing here shows that the payload
        /// decrypts back to the original assertion, so a regression that emits well-formed but
        /// undecryptable output would still pass.
        /// </remarks>
        public void TestAssertionEncryption()
        {
            var subject = new Saml20EncryptedAssertion
            {
                Assertion = AssertionUtil.GetTestAssertion_01()
            };

            // Development-only fixture: the PFX password is in source, so this certificate must never be
            // trusted outside the test suite.
            var stsCertificate = new X509Certificate2(@"Saml20\Certificates\sts_dev_certificate.pfx", "test1234");

            // Only the public half of the key pair is handed to the encrypting side.
            subject.TransportKey = (RSA)stsCertificate.PublicKey.Key;
            subject.Encrypt();

            XmlDocument producedXml = subject.GetXml();
            Assert.IsNotNull(producedXml);

            // Exactly one EncryptedAssertion wrapper in the SAML assertion namespace.
            XmlNodeList wrapperNodes = producedXml.GetElementsByTagName(EncryptedAssertion.ELEMENT_NAME, Saml20Constants.ASSERTION);
            Assert.AreEqual(1, wrapperNodes.Count);

            // Exactly one EncryptedKey in the XML Encryption namespace (presumably the session key wrapped
            // under TransportKey; the test does not inspect its content).
            XmlNodeList encryptedKeyNodes = producedXml.GetElementsByTagName(dk.nita.saml20.Schema.XEnc.EncryptedKey.ELEMENT_NAME, Saml20Constants.XENC);
            Assert.AreEqual(1, encryptedKeyNodes.Count);
        }
Example #2
        /// <summary>
        /// Encrypts a test assertion with an explicitly configured session-key algorithm, checks that the
        /// algorithm is advertised in the EncryptionMethod element, then decrypts it with the matching
        /// private key while a different algorithm is configured on the decrypting instance.
        /// </summary>
        /// <remarks>
        /// The final assertions pin the behaviour that the decrypting side adopts the algorithm declared in
        /// the message and overwrites its own SessionKeyAlgorithm setting.
        /// NOTE(review): that makes the cipher sender-chosen. A relying party that needs a minimum strength
        /// should compare the discovered algorithm against its own allow-list; this test does not cover that.
        /// XmlEncAES128Url names AES-128 in CBC mode, which provides no integrity protection, so the
        /// decrypted assertion still needs its signature validated. That is not exercised here either.
        /// </remarks>
        public void TestAlgorithmConfiguration_02()
        {
            var encrypter = new Saml20EncryptedAssertion
            {
                SessionKeyAlgorithm = EncryptedXml.XmlEncAES128Url,
                Assertion = AssertionUtil.GetTestAssertion_01()
            };

            // Development-only fixture: the PFX (private key included, see the decrypt step) has its
            // password in source and must never be trusted outside the test suite.
            var stsCertificate = new X509Certificate2(@"Saml20\Certificates\sts_dev_certificate.pfx", "test1234");
            encrypter.TransportKey = (RSA)stsCertificate.PublicKey.Key;

            encrypter.Encrypt();
            XmlDocument producedXml = encrypter.GetXml();
            Assert.IsNotNull(producedXml);

            // There must be exactly one EncryptedData element to inspect.
            XmlNodeList encryptedDataNodes = producedXml.GetElementsByTagName(
                dk.nita.saml20.Schema.XEnc.EncryptedData.ELEMENT_NAME,
                Saml20Constants.XENC);
            Assert.AreEqual(1, encryptedDataNodes.Count);
            var encryptedData = (XmlElement)encryptedDataNodes[0];

            // Scan the direct children for EncryptionMethod and check its Algorithm attribute.
            bool sawEncryptionMethod = false;
            foreach (XmlNode child in encryptedData.ChildNodes)
            {
                bool isEncryptionMethod =
                    child.LocalName == dk.nita.saml20.Schema.XEnc.EncryptionMethod.ELEMENT_NAME &&
                    child.NamespaceURI == Saml20Constants.XENC;
                if (!isEncryptionMethod)
                {
                    continue;
                }

                var methodElement = (XmlElement)child;
                Assert.AreEqual(EncryptedXml.XmlEncAES128Url, methodElement.GetAttribute("Algorithm"));
                sawEncryptionMethod = true;
            }
            Assert.That(sawEncryptionMethod, "Unable to find EncryptionMethod element in EncryptedData.");

            // Decrypt with the private key from the same certificate.
            var decrypter = new Saml20EncryptedAssertion((RSA)stsCertificate.PrivateKey);
            Assert.IsNull(decrypter.Assertion);
            decrypter.LoadXml(producedXml.DocumentElement);

            // Deliberately configure a mismatching algorithm; the value in the message is expected to win.
            decrypter.SessionKeyAlgorithm = EncryptedXml.XmlEncTripleDESUrl;
            decrypter.Decrypt();

            // After decryption the property must reflect what the message declared, and a plaintext
            // assertion must be available.
            Assert.AreEqual(EncryptedXml.XmlEncAES128Url, decrypter.SessionKeyAlgorithm);
            Assert.IsNotNull(decrypter.Assertion);
        }
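        /// <summary>
        /// Full round trip: encrypts a test assertion with AES-128 as the session-key algorithm, decrypts
        /// it with the certificate's private key while a mismatching algorithm is configured, and checks
        /// both the advertised EncryptionMethod and the algorithm the decrypting instance ends up with.
        /// </summary>
        /// <remarks>
        /// The last assertions pin the behaviour that the algorithm declared in the message overrides the
        /// locally configured SessionKeyAlgorithm.
        /// NOTE(review): the cipher is therefore sender-chosen. A relying party that needs a minimum
        /// strength should check the discovered algorithm against an allow-list; not covered by this test.
        /// XmlEncAES128Url names AES-128 in CBC mode, which carries no integrity protection, so the
        /// decrypted assertion still needs signature validation, which is not exercised here.
        /// </remarks>
        public void CanEncryptAssertionFull()
        {
            // Arrange
            var encryptedAssertion = new Saml20EncryptedAssertion
            {
                SessionKeyAlgorithm = EncryptedXml.XmlEncAES128Url,
                Assertion           = AssertionUtil.GetTestAssertion()
            };

            // Development-only fixture: the PFX (private key included) has its password in source and must
            // never be trusted outside the test suite.
            var cert = new X509Certificate2(TestContext.CurrentContext.TestDirectory + @"\Certificates\sts_dev_certificate.pfx", "test1234");

            encryptedAssertion.TransportKey = (RSA)cert.PublicKey.Key;

            // Act
            encryptedAssertion.Encrypt();
            var encryptedAssertionXml = encryptedAssertion.GetXml();

            // Fail with an assertion rather than a NullReferenceException if no document was produced.
            Assert.IsNotNull(encryptedAssertionXml);

            // Now decrypt the assertion, and verify that it recognizes the algorithm used.
            var decrypter = new Saml20EncryptedAssertion((RSA)cert.PrivateKey);

            decrypter.LoadXml(encryptedAssertionXml.DocumentElement);

            // Set a wrong algorithm and make sure that the class gets its algorithm info from the assertion itself.
            decrypter.SessionKeyAlgorithm = EncryptedXml.XmlEncTripleDESUrl;
            decrypter.Decrypt();

            // Assert
            // Require exactly one EncryptedData element before indexing into the node list; indexing an
            // empty list yields null and would otherwise hide the real failure behind a null dereference.
            var encryptedDataNodes = encryptedAssertionXml.GetElementsByTagName(Schema.XEnc.EncryptedData.ElementName, Saml20Constants.Xenc);
            Assert.AreEqual(1, encryptedDataNodes.Count, "Expected exactly one EncryptedData element in the encrypted assertion.");

            // Go through the children and look for the EncryptionMethod element, and verify its algorithm attribute.
            var encryptionMethodFound = false;

            foreach (XmlNode node in encryptedDataNodes[0].ChildNodes)
            {
                if (node.LocalName == Schema.XEnc.EncryptionMethod.ElementName && node.NamespaceURI == Saml20Constants.Xenc)
                {
                    var element = (XmlElement)node;
                    Assert.AreEqual(EncryptedXml.XmlEncAES128Url, element.GetAttribute("Algorithm"));
                    encryptionMethodFound = true;
                }
            }

            Assert.That(encryptionMethodFound, "Unable to find EncryptionMethod element in EncryptedData.");

            // Verify that the class has discovered the correct algorithm and set the SessionKeyAlgorithm property accordingly.
            Assert.AreEqual(EncryptedXml.XmlEncAES128Url, decrypter.SessionKeyAlgorithm);
            Assert.IsNotNull(decrypter.Assertion);
        }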
            /// <summary>
            /// Encrypts a test assertion under the public key of the certificate supplied by the shared
            /// test context and checks that the output has the expected wrapper elements.
            /// </summary>
            /// <remarks>
            /// This is a structural smoke check only: it does not decrypt the result or compare it with the
            /// original assertion.
            /// </remarks>
            public void CanEncryptAssertion()
            {
                // Arrange: only the public half of the key pair goes to the encrypting side.
                var subject = new Saml20EncryptedAssertion
                {
                    Assertion = AssertionUtil.GetTestAssertion(),
                    TransportKey = (RSA)_context.Sts_Dev_cetificate.PublicKey.Key
                };

                // Act
                subject.Encrypt();
                var producedXml = subject.GetXml();

                // Assert: one EncryptedAssertion wrapper and one EncryptedKey, each in its own namespace.
                Assert.NotNull(producedXml);

                var wrapperCount = producedXml.GetElementsByTagName(EncryptedAssertion.ElementName, Saml20Constants.Assertion).Count;
                Assert.Equal(1, wrapperCount);

                var encryptedKeyCount = producedXml.GetElementsByTagName(Schema.XEnc.EncryptedKey.ElementName, Saml20Constants.Xenc).Count;
                Assert.Equal(1, encryptedKeyCount);
            }
            /// <summary>
            /// Encrypts a test assertion under the RSA public key of the development STS certificate
            /// loaded from the test directory, then checks the shape of the produced XML.
            /// </summary>
            /// <remarks>
            /// This is a structural smoke check only: the result is neither decrypted nor compared with the
            /// original assertion.
            /// </remarks>
            public void CanEncryptAssertion()
            {
                // Arrange
                var subject = new Saml20EncryptedAssertion
                {
                    Assertion = AssertionUtil.GetTestAssertion()
                };

                // Development-only fixture: the PFX password is in source, so this certificate must never
                // be trusted outside the test suite.
                var pfxPath = TestContext.CurrentContext.TestDirectory + @"\Certificates\sts_dev_certificate.pfx";
                var stsCertificate = new X509Certificate2(pfxPath, "test1234");

                // Only the public half of the key pair is handed to the encrypting side.
                subject.TransportKey = (RSA)stsCertificate.PublicKey.Key;

                // Act
                subject.Encrypt();
                var producedXml = subject.GetXml();

                // Assert: one EncryptedAssertion wrapper and one EncryptedKey, each in its own namespace.
                Assert.IsNotNull(producedXml);

                var wrapperCount = producedXml.GetElementsByTagName(EncryptedAssertion.ElementName, Saml20Constants.Assertion).Count;
                Assert.AreEqual(1, wrapperCount);

                var encryptedKeyCount = producedXml.GetElementsByTagName(Schema.XEnc.EncryptedKey.ElementName, Saml20Constants.Xenc).Count;
                Assert.AreEqual(1, encryptedKeyCount);
            }
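        /// <summary>
        /// Encrypt/decrypt round trip for a test assertion using AES-128 as the session-key algorithm.
        /// Verifies the EncryptionMethod advertised in the output and that decryption succeeds even though
        /// a different algorithm is configured on the decrypting instance.
        /// </summary>
        /// <remarks>
        /// The closing assertions pin the behaviour that the algorithm named in the message replaces the
        /// locally configured SessionKeyAlgorithm.
        /// NOTE(review): because the message selects the cipher, deployments that require a minimum
        /// strength should validate the discovered algorithm against an allow-list; this test does not.
        /// XmlEncAES128Url names AES-128 in CBC mode, which carries no integrity protection, so a
        /// decrypted assertion still has to pass signature validation, which is outside this test.
        /// </remarks>
        public void CanEncryptAssertionFull()
        {
            // Arrange
            var encryptedAssertion = new Saml20EncryptedAssertion
                                         {
                                             SessionKeyAlgorithm = EncryptedXml.XmlEncAES128Url,
                                             Assertion = AssertionUtil.GetTestAssertion()
                                         };

            // Development-only fixture: the PFX (private key included) has its password in source and must
            // never be trusted outside the test suite.
            var cert = new X509Certificate2(@"Certificates\sts_dev_certificate.pfx", "test1234");
            encryptedAssertion.TransportKey = (RSA)cert.PublicKey.Key;

            // Act
            encryptedAssertion.Encrypt();
            var encryptedAssertionXml = encryptedAssertion.GetXml();

            // Fail with an assertion rather than a NullReferenceException if no document was produced.
            Assert.IsNotNull(encryptedAssertionXml);

            // Now decrypt the assertion, and verify that it recognizes the algorithm used.
            var decrypter = new Saml20EncryptedAssertion((RSA)cert.PrivateKey);
            decrypter.LoadXml(encryptedAssertionXml.DocumentElement);

            // Set a wrong algorithm and make sure that the class gets its algorithm info from the assertion itself.
            decrypter.SessionKeyAlgorithm = EncryptedXml.XmlEncTripleDESUrl;
            decrypter.Decrypt();

            // Assert
            // Require exactly one EncryptedData element before indexing into the node list; indexing an
            // empty list yields null and would otherwise surface as a null dereference instead of a
            // readable test failure.
            var encryptedDataNodes = encryptedAssertionXml.GetElementsByTagName(Schema.XEnc.EncryptedData.ElementName, Saml20Constants.Xenc);
            Assert.AreEqual(1, encryptedDataNodes.Count, "Expected exactly one EncryptedData element in the encrypted assertion.");

            // Go through the children and look for the EncryptionMethod element, and verify its algorithm attribute.
            var encryptionMethodFound = false;
            foreach (XmlNode node in encryptedDataNodes[0].ChildNodes)
            {
                if (node.LocalName == Schema.XEnc.EncryptionMethod.ElementName && node.NamespaceURI == Saml20Constants.Xenc)
                {
                    var element = (XmlElement)node;
                    Assert.AreEqual(EncryptedXml.XmlEncAES128Url, element.GetAttribute("Algorithm"));
                    encryptionMethodFound = true;
                }
            }

            Assert.That(encryptionMethodFound, "Unable to find EncryptionMethod element in EncryptedData.");

            // Verify that the class has discovered the correct algorithm and set the SessionKeyAlgorithm property accordingly.
            Assert.AreEqual(EncryptedXml.XmlEncAES128Url, decrypter.SessionKeyAlgorithm);
            Assert.IsNotNull(decrypter.Assertion);
        }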
            /// <summary>
            /// Encrypts a test assertion under the RSA public key of the development STS certificate and
            /// checks that the resulting document contains the expected wrapper elements.
            /// </summary>
            /// <remarks>
            /// This is a structural smoke check only: the result is neither decrypted nor compared with the
            /// original assertion.
            /// </remarks>
            public void CanEncryptAssertion()
            {
                // Arrange
                var subject = new Saml20EncryptedAssertion
                {
                    Assertion = AssertionUtil.GetTestAssertion()
                };

                // Development-only fixture: the PFX password is in source, so this certificate must never
                // be trusted outside the test suite.
                var stsCertificate = new X509Certificate2(@"Certificates\sts_dev_certificate.pfx", "test1234");

                // Only the public half of the key pair is handed to the encrypting side.
                subject.TransportKey = (RSA)stsCertificate.PublicKey.Key;

                // Act
                subject.Encrypt();
                var producedXml = subject.GetXml();

                // Assert: one EncryptedAssertion wrapper and one EncryptedKey, each in its own namespace.
                Assert.IsNotNull(producedXml);

                var wrapperCount = producedXml.GetElementsByTagName(EncryptedAssertion.ElementName, Saml20Constants.Assertion).Count;
                Assert.AreEqual(1, wrapperCount);

                var encryptedKeyCount = producedXml.GetElementsByTagName(Schema.XEnc.EncryptedKey.ElementName, Saml20Constants.Xenc).Count;
                Assert.AreEqual(1, encryptedKeyCount);
            }