Add test for #81

tests/SAML2/AssertionTest.php

@@ -879,6 +879,22 @@ public function testVerifySignedAssertionWrongKey()
  $assertion->validate($publicKey);
  }
 
+ /**
+ * Try to verify an assertion signed with RSA with a DSA public key.
+ * Must yield a signature validation exception.
+ */
+ public function testVerifySignedAssertionWrongKeyDSA()
+ {
+ $doc = new \DOMDocument();
+ $doc->load(__DIR__ . '/signedassertion.xml');
+
+ $publicKey = CertificatesMock::getPublicKeyDSAasRSA();
+
+ $assertion = new Assertion($doc->firstChild);
+ $this->setExpectedException('Exception', 'Unable to validate Signature');
+ $assertion->validate($publicKey);
+ }
+
  /**
  * Calling validate on an unsigned assertion must return
  * false, not an exception.

tests/SAML2/CertificatesMock.php

@@ -69,6 +69,28 @@ class CertificatesMock
 g6/ROR7vJgbSqrBLraXvl8HDUq5+lSF/II4LHVzNM8TpQlMY4ynRP6GEjcNUTH3I
 FKPQk+NwBYQqJ83Uil/36kbXsHQ81o/Vp6it7tlvLBOP1EN9jNGUXZuAqvFphNkw
 EJpABx1x4ukY8bZVl6QzQ79P48oGxOaIy27/g1FVkGqRtA4UPABcn0sJ
+-----END CERTIFICATE-----';
+
+ const PUBLIC_KEY_DSA_PEM = '-----BEGIN CERTIFICATE-----
+MIIDXTCCAxqgAwIBAgIJAO/P24rWSVJKMAsGCWCGSAFlAwQDAjBmMQswCQYDVQQG
+EwJOTDEQMA4GA1UECAwHVXRyZWNodDEQMA4GA1UEBwwHVXRyZWNodDEQMA4GA1UE
+CgwHU1VSRm5ldDEhMB8GA1UEAwwYQ2VydGlmaWNhdGUgd2l0aCBEU0Ega2V5MB4X
+DTE2MTEyOTE1MzU0MloXDTE2MTIyOTE1MzU0MlowZjELMAkGA1UEBhMCTkwxEDAO
+BgNVBAgMB1V0cmVjaHQxEDAOBgNVBAcMB1V0cmVjaHQxEDAOBgNVBAoMB1NVUkZu
+ZXQxITAfBgNVBAMMGENlcnRpZmljYXRlIHdpdGggRFNBIGtleTCCAbcwggEsBgcq
+hkjOOAQBMIIBHwKBgQDymea94rRzJ9Xtj7EoaXuYH8X9a2E0Ei8wfx+9lZK5C8Fm
+5wgTYeTGXV45Tf4VZ+eqz6sU4XQC6ehVIlxdO9PvodYgQdB3aGlDW9mhcVM/kL9v
+AIRgLMHMwyph6FDWD/uKyw6hH4A7XKer09SIfmqwhUqg27Xm5pKVH3kYOUGsBwIV
+ANooxK2eY8ojkNRjxebok0tbKD/tAoGBAMQawu3dHEDtKzYuGrSD9NxGLRB5NI0k
+h4qvliwD6ur2IDrrnxmN/VY0QqwOT6AWChiIur5glBP7zlG2GBR03FrMaJRF727r
+ExSzWETQKKgXx9vQpw6jcwIiHoQhullzjLr8qFQsOsNRnXeKmSvZxEJKRKhAUSAu
+0yEnLkJc4F44A4GEAAKBgF6rEBWslH8aV/iM07JjC+kcLPcG5Yp619KLcSfWt030
+CU2A8azmtNeQZ1FB/sg2PjciQ8qgcxFXBRHkUS/173WXb+6dDTuFBxwTYBVJM+ZD
+Zmm5GEXjGbZN2tV0s1ULp+plbOwROLC8F5oyZE2fvTAvqZ9XHeWIZkgyoVwSuvXO
+o1AwTjAdBgNVHQ4EFgQUC12Td80rgZbLXfvMefDul5w/S/YwHwYDVR0jBBgwFoAU
+C12Td80rgZbLXfvMefDul5w/S/YwDAYDVR0TBAUwAwEB/zALBglghkgBZQMEAwID
+MAAwLQIUKvKKf7u2pLv5JAsc5E5QOpZ9JWoCFQCVymKmF6aYAOJxuSlUj+vF1n6p
+UQ==
 -----END CERTIFICATE-----';
 
  /**
@@ -102,6 +124,17 @@ public static function getPublicKey2()
  }
 
 
+ /**
+ * @return XMLSecurityKey
+ */
+ public static function getPublicKey3()
+ {
+ $publicKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type'=>'public'));
+ $publicKey->loadKey(self::PUBLIC_KEY_3_PEM);
+ return $publicKey;
+ }
+
+
  /**
  * @return XMLSecurityKey
  */
@@ -122,6 +155,17 @@ public static function getPublicKey2Sha1()
  return $publicKey;
  }
 
+ /**
+ * Load a X.509 certificate with a DSA public key as RSA key
+ * @return XMLSecurityKey
+ */
+ public static function getPublicKeyDSAasRSA()
+ {
+ $publicKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type'=>'public'));
+ $publicKey->loadKey(self::PUBLIC_KEY_DSA_PEM);
+ return $publicKey;
+ }
+
  public static function getPlainPublicKey()
  {
  return self::PUBLIC_KEY_PEM;