Improve unit test

tests/XML/EncryptedCustomTest.php

@@ -10,10 +10,12 @@
 use SimpleSAML\XML\DOMDocumentFactory;
 use SimpleSAML\XMLSecurity\Alg\Encryption\EncryptionAlgorithmFactory;
 use SimpleSAML\XMLSecurity\Alg\KeyTransport\KeyTransportAlgorithmFactory;
+use SimpleSAML\XMLSecurity\Alg\Signature\SignatureAlgorithmFactory;
 use SimpleSAML\XMLSecurity\Constants as C;
 use SimpleSAML\XMLSecurity\Key\PrivateKey;
 use SimpleSAML\XMLSecurity\Key\PublicKey;
 use SimpleSAML\XMLSecurity\Key\SymmetricKey;
+use SimpleSAML\XMLSecurity\Test\XML\CustomSigned;
 use SimpleSAML\XMLSecurity\Test\XML\EncryptedCustom;
 use SimpleSAML\XMLSecurity\TestUtils\PEMCertificatesMock;
 use SimpleSAML\XMLSecurity\XML\EncryptableElementTrait;
@@ -32,7 +34,7 @@
 class EncryptedCustomTest extends TestCase
 {
     /** @var \DOMElement */
-    private DOMElement $signedDocument;
+    private DOMElement $signableDocument;
 
     /** @var PrivateKey */
     protected PrivateKey $privKey;
@@ -45,8 +47,8 @@ class EncryptedCustomTest extends TestCase
      */
     public function setUp(): void
     {
-        $this->signedDocument = DOMDocumentFactory::fromFile(
-            dirname(__FILE__, 2) . '/resources/xml/custom_CustomSignableSigned.xml',
+        $this->signableDocument = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 2) . '/resources/xml/custom_CustomSignable.xml',
         )->documentElement;
 
         $this->privKey = PEMCertificatesMock::getPrivateKey(PEMCertificatesMock::PRIVATE_KEY);
@@ -60,7 +62,7 @@ public function setUp(): void
     public function testEncryptAndDecryptSharedSecret(): void
     {
         // instantiate
-        $customSigned = CustomSignable::fromXML($this->signedDocument);
+        $customSigned = CustomSignable::fromXML($this->signableDocument);
         $sharedKey = SymmetricKey::generate(16);
 
         // encrypt
@@ -81,7 +83,7 @@ public function testEncryptAndDecryptSharedSecret(): void
     public function testEncryptAndDecryptSessionKey(): void
     {
         // instantiate
-        $customSigned = CustomSignable::fromXML($this->signedDocument);
+        $customSigned = CustomSignable::fromXML($this->signableDocument);
 
         // encrypt
         $factory = new KeyTransportAlgorithmFactory();
@@ -94,4 +96,42 @@ public function testEncryptAndDecryptSessionKey(): void
 
         $this->assertEquals($customSigned, $decryptedCustom);
     }
+
+
+    /**
+     * Test that a signature isn't mangled after encrypting/decrypting a signed object.
+     */
+    public function testSignatureVerifiesAfterEncryptionAndDecryption(): void
+    {
+        // instantiate
+        $customSigned = CustomSignable::fromXML($this->signableDocument);
+
+        // sign
+        $privateKey = PEMCertificatesMock::getPrivateKey(PEMCertificatesMock::SELFSIGNED_PRIVATE_KEY);
+        $signer = (new SignatureAlgorithmFactory())->getAlgorithm(
+            C::SIG_RSA_SHA256,
+            $privateKey
+        );
+        $customSigned->sign($signer);
+        $customSigned = CustomSignable::fromXML($customSigned->toXML());
+
+        // encrypt
+        $factory = new KeyTransportAlgorithmFactory();
+        $encryptor = $factory->getAlgorithm(C::KEY_TRANSPORT_OAEP_MGF1P, $this->pubKey);
+        $encryptedCustom = new EncryptedCustom($customSigned->encrypt($encryptor));
+
+        // decrypt
+        $decryptor = $factory->getAlgorithm(C::KEY_TRANSPORT_OAEP_MGF1P, $this->privKey);
+        $decryptedCustom = $encryptedCustom->decrypt($decryptor);
+
+        // verify signature
+        $publicKey = PEMCertificatesMock::getPublicKey(PEMCertificatesMock::SELFSIGNED_PUBLIC_KEY);
+        $verifier = (new SignatureAlgorithmFactory())->getAlgorithm(
+            $decryptedCustom->getSignature()->getSignedInfo()->getSignatureMethod()->getAlgorithm(),
+            $publicKey,
+        );
+
+        $verified = $decryptedCustom->verify($verifier);
+        $this->assertInstanceOf(CustomSignable::class, $verified);
+    }
 }