Fix key usage in SamlAuthenticatorTests (#57124) (#57129)

In #51089, where SamlAuthenticatorTests were refactored, we missed
updating one test case, which meant that a single key would be
used both for signing and encryption in the same run. As explained
in #51089, and due to FIPS 140 requirements, the BouncyCastle FIPS
provider will block RSA keys that have been used for signing from
being used for encryption and vice versa.

This commit changes testNoAttributesReturnedWhenTheyCannotBeDecrypted
to always use the specific keys we have added for encryption.
Ioannis Kakavas 2020-05-26 10:51:47 +03:00 committed by GitHub
parent 52443d41cf
commit 1e03de4999
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions

@ -403,7 +403,7 @@ public class SamlAuthenticatorTests extends SamlTestCase {
final String xml = getSimpleResponseAsString(now); final String xml = getSimpleResponseAsString(now);
// Encrypting with different cert instead of sp cert will mean that the SP cannot decrypt // Encrypting with different cert instead of sp cert will mean that the SP cannot decrypt
final Response encrypted = encryptAttributes(xml, readKeyPair("RSA_4096_updated")); final Response encrypted = encryptAttributes(xml, readKeyPair("ENCRYPTION_RSA_4096_updated"));
final String encryptedString = SamlUtils.getXmlContent(encrypted, false); final String encryptedString = SamlUtils.getXmlContent(encrypted, false);
assertThat(encryptedString, not(equalTo(xml))); assertThat(encryptedString, not(equalTo(xml)));
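
Review bot: The comment above the changed encryptAttributes(...) call still only explains that a cert other than the SP cert is used; it does not say why the key must be the ENCRYPTION_-prefixed one. Since the commit message attributes the failure to the BouncyCastle FIPS provider blocking an RSA key from being used for both signing and encryption, add a line to that comment stating that "ENCRYPTION_RSA_4096_updated" is reserved for encryption and must not be swapped for a key that is also used for signing. Otherwise a later refactor can reintroduce the shared key that #51089 set out to remove. The key name is also a bare string literal passed to readKeyPair, so nothing in the test enforces the signing/encryption split; a named constant or a dedicated helper for encryption key pairs would make the intended usage visible at the call site.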